Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need alot of help have a Massive virus

Started by eric carter , Aug 09 2009 11:44 AM

  • Please log in to reply

#1
eric carter
Posted 09 August 2009 - 11:44 AM

eric carter

    New Member

  • Member
  • Pip
  • 2 posts
i had a problem with MBAM i DL an update for it and then it wouldnt work and wouldnt uninstall so i deleted it manually but i kept finding a DLL file from it running around. i already did a System restore and that didnt fix it. ive tried all ur tools and some of them wont work. my computer take a long time to load up after reboot and lags in my games. >.> im not entirely sure what is wrong.
i have used MBAM, process explorer, eset online scanner, superantispyware, avast(wich was a virus i think-uninstalled it had to do some messin with it), CCcleaner( have to run it found some 60,000 temp internet files.
i also have process explore and i found this
C:\Windows\system32\SearchIndexer.exe /Embedding not sure what it is but thats its command line


OTL logfile created on: 8/9/2009 11:10:40 AM - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\root repell
Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 59.70% Memory free
4.00 Gb Paging File | 2.72 Gb Available in Paging File | 68.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 27.86 Gb Free Space | 37.38% Space Free | Partition Type: NTFS
Drive D: | 74.53 Gb Total Space | 26.67 Gb Free Space | 35.79% Space Free | Partition Type: NTFS
Drive E: | 5.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FUZZY
Current User Name: eric j carter
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/02/05 15:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 15:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/08/09 10:23:52 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/04/22 00:19:35 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/04/22 00:19:02 | 02,607,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/08/09 10:23:56 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/09 10:23:56 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/09 10:23:56 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/09 10:23:56 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/02/05 15:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 15:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/23 08:05:34 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009/02/05 15:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/09 10:23:57 | 02,000,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/04/22 00:19:30 | 01,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 00:19:43 | 01,124,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/08/05 16:06:26 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/04/22 00:19:35 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/07 16:46:26 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/07/07 16:46:26 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/08/09 11:07:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\root repell\OTL.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/04/22 00:19:51 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc [On_Demand | Stopped])
SRV - [2009/02/05 15:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/02/05 15:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 15:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 15:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2009/08/09 10:23:56 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/09 10:23:52 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/04/22 00:19:54 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AxInstSV.dll -- (AxInstSV [On_Demand | Stopped])
SRV - [2009/04/22 00:19:55 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bdesvc.dll -- (BDESVC [Unknown | Stopped])
SRV - [2009/04/04 15:05:06 | 00,067,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/04/22 00:20:13 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\defragsvc.dll -- (defragsvc [On_Demand | Stopped])
SRV - [2009/04/22 00:20:14 | 00,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV - [2009/04/22 00:19:00 | 00,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2009/04/22 00:19:00 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2009/04/22 00:22:15 | 01,086,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (eventlog [Auto | Running])
SRV - [2009/04/22 00:20:30 | 00,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache [On_Demand | Stopped])
SRV - [2009/04/04 15:04:57 | 00,043,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/22 00:20:46 | 00,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener [On_Demand | Running])
SRV - [2009/04/22 00:21:43 | 00,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV - [2009/04/04 15:04:34 | 00,879,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/04 15:04:35 | 00,129,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/07/07 16:46:26 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2009/04/22 00:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc [On_Demand | Running])
SRV - [2009/04/22 00:21:40 | 01,004,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\peerdistsvc.dll -- (PeerDistSvc [On_Demand | Stopped])
SRV - [2009/04/22 00:21:42 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg [On_Demand | Stopped])
SRV - [2009/04/22 00:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc [On_Demand | Running])
SRV - [2009/04/22 00:22:10 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\umpo.dll -- (Power [Auto | Running])
SRV - [2009/04/22 00:21:46 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper [Unknown | Running])
SRV - [2009/04/22 00:21:49 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc [On_Demand | Stopped])
SRV - [2009/04/22 00:19:20 | 03,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe -- (sppsvc [Auto | Stopped])
SRV - [2009/04/22 00:22:02 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify [On_Demand | Stopped])
SRV - [2009/04/22 00:22:07 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\themeservice.dll -- (Themes [Auto | Running])
SRV - [2009/04/22 00:22:12 | 00,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc [On_Demand | Stopped])
SRV - [2009/04/22 00:20:52 | 00,680,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2009/04/22 00:19:43 | 01,124,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2009/04/22 00:22:25 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwansvc.dll -- (WwanSvc [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4E 3E DD E9 81 DA C9 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/08 17:22:42 | 00,000,000 | ---D | M]


O1 HOSTS File: (824 bytes) - C:\Windows\System32\drivers\etc\Hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\eric j carter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.142.152.254 66.112.11.87
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/20 10:42:25 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/03/09 19:17:56 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/03/02 04:31:43 | 00,162,880 | R--- | M] () - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2007/02/24 23:23:24 | 00,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007/03/02 04:31:43 | 00,162,880 | R--- | M] () - E:\autorun.exe -- [ UDF ]
O33 - MountPoints2\{8d85efff-4681-11de-9bdf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8d85efff-4681-11de-9bdf-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2007/03/02 04:31:43 | 00,162,880 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/08/09 11:07:02 | 00,000,000 | ---- | C] () -- C:\Users\eric j carter\Desktop\settings.dat
[2009/08/09 11:05:27 | 00,470,528 | ---- | C] ( ) -- C:\Users\eric j carter\Desktop\RootRepeal.exe
[2009/08/09 11:03:25 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009/08/09 11:03:19 | 00,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2009/08/09 10:58:11 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/08/09 10:57:55 | 00,000,000 | ---D | C] -- C:\root repell
[2009/08/09 10:56:30 | 00,000,000 | ---D | C] -- C:\Windows\LastGood
[2009/08/09 10:55:04 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/08/09 10:52:33 | 00,001,074 | ---- | C] () -- C:\Users\eric j carter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/08/09 10:52:14 | 00,000,894 | ---- | C] () -- C:\Users\eric j carter\Desktop\NTREGOPT.lnk
[2009/08/09 10:52:13 | 00,000,875 | ---- | C] () -- C:\Users\eric j carter\Desktop\ERUNT.lnk
[2009/08/09 10:52:09 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/09 10:48:16 | 00,000,991 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/09 10:24:28 | 00,011,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/09 10:24:28 | 00,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 8.5.lnk
[2009/08/09 10:24:27 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/08/09 10:24:22 | 00,335,240 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/09 10:24:20 | 00,027,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/09 10:24:07 | 39,677,948 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/09 10:24:06 | 00,060,190 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/09 10:24:05 | 00,463,779 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/08/09 10:24:04 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/08/09 10:24:04 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2009/08/09 10:23:50 | 00,000,000 | ---D | C] -- C:\ProgramData\avg8
[2009/08/09 10:05:28 | 00,022,772 | ---- | C] () -- C:\Users\eric j carter\Documents\cc_20090809_100522.reg
[2009/08/09 09:52:00 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2009/08/09 09:12:17 | 00,001,831 | ---- | C] () -- C:\Users\eric j carter\Desktop\CCleaner.lnk
[2009/08/09 09:12:17 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/09 09:04:30 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Roaming\AVG8
[2009/08/08 19:05:34 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/08/08 19:05:34 | 00,002,014 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/08/08 19:05:33 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/08/08 19:05:32 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/08/08 19:05:32 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/08/08 19:05:32 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/08/08 19:05:09 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/08/08 19:05:09 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/08/08 19:05:09 | 00,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/08/08 18:54:43 | 00,002,039 | ---- | C] () -- C:\Users\eric j carter\Desktop\HijackThis.lnk
[2009/08/08 16:56:57 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/08 16:29:32 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/08/08 16:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/08/08 16:29:22 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/08/08 16:29:21 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Roaming\SUPERAntiSpyware.com
[2009/08/08 16:29:21 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/08/08 14:23:38 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/08/08 12:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/08 11:09:23 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/08/08 04:24:12 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/08/08 01:47:17 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\Documents\Notes
[2009/08/08 01:32:41 | 00,000,000 | ---D | C] -- C:\perflogs
[2009/08/08 01:24:24 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Local\ElevatedDiagnostics
[2009/08/06 00:53:48 | 01,353,041 | ---- | C] () -- C:\Users\eric j carter\Documents\Carbonite-3.210 save.zip

========== Files - Modified Within 14 Days ==========

[3 C:\Windows\System32\*.tmp files]
[2009/08/09 11:07:02 | 00,000,000 | ---- | M] () -- C:\Users\eric j carter\Desktop\settings.dat
[2009/08/09 10:52:33 | 00,001,074 | ---- | M] () -- C:\Users\eric j carter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/08/09 10:52:14 | 00,000,894 | ---- | M] () -- C:\Users\eric j carter\Desktop\NTREGOPT.lnk
[2009/08/09 10:52:13 | 00,000,875 | ---- | M] () -- C:\Users\eric j carter\Desktop\ERUNT.lnk
[2009/08/09 10:50:59 | 00,013,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/09 10:50:59 | 00,013,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/09 10:48:16 | 00,000,991 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/09 10:43:41 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/09 10:42:56 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/09 10:42:53 | 16,101,13024 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/09 10:24:28 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/09 10:24:28 | 00,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 8.5.lnk
[2009/08/09 10:24:27 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/08/09 10:24:22 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/09 10:24:20 | 39,677,948 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/09 10:24:20 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/09 10:24:07 | 00,060,190 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/09 10:24:06 | 00,463,779 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/08/09 10:24:05 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/08/09 10:06:38 | 00,022,772 | ---- | M] () -- C:\Users\eric j carter\Documents\cc_20090809_100522.reg
[2009/08/09 09:12:17 | 00,001,831 | ---- | M] () -- C:\Users\eric j carter\Desktop\CCleaner.lnk
[2009/08/08 19:05:34 | 00,002,014 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/08/08 19:05:31 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/08/08 18:58:17 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\eric j carter\Desktop\procexp.exe
[2009/08/08 18:54:43 | 00,002,039 | ---- | M] () -- C:\Users\eric j carter\Desktop\HijackThis.lnk
[2009/08/08 17:36:59 | 00,730,456 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/08 17:36:59 | 00,627,336 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/08 17:36:59 | 00,107,514 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/08 01:32:28 | 00,007,614 | R--- | M] () -- C:\Users\eric j carter\AppData\Local\resmon.resmoncfg
[2009/08/06 00:53:51 | 01,353,041 | ---- | M] () -- C:\Users\eric j carter\Documents\Carbonite-3.210 save.zip
[2009/08/01 02:32:10 | 01,535,196 | RH-- | M] () -- C:\Users\eric j carter\AppData\Local\IconCache.db
[2009/07/30 15:45:37 | 00,470,528 | ---- | M] ( ) -- C:\Users\eric j carter\Desktop\RootRepeal.exe
[2009/07/28 16:04:07 | 02,542,309 | ---- | M] () -- C:\Users\eric j carter\Desktop\WowMatrix.exe

========== LOP Check ==========

[2009/08/09 09:04:30 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming
[2009/08/08 17:22:08 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\Acreon
[2009/08/08 17:22:08 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\LimeWire
[2009/04/22 05:24:12 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\Media Center Programs
[2009/08/08 17:24:59 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\Ventrilo
[2009/08/09 10:43:41 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/04/22 03:27:21 | 00,014,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/03/09 22:51:44 | 03,064,736 | ---- | M] () -- C:\ventrilo-3.0.4-Windows-i386.exe

< >
< End of report >


OTL Extras logfile created on: 8/9/2009 11:10:40 AM - Run 1
OTL by OldTimer - Version 3.0.10.5 Folder = C:\root repell
Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 59.70% Memory free
4.00 Gb Paging File | 2.72 Gb Available in Paging File | 68.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 27.86 Gb Free Space | 37.38% Space Free | Partition Type: NTFS
Drive D: | 74.53 Gb Total Space | 26.67 Gb Free Space | 35.79% Space Free | Partition Type: NTFS
Drive E: | 5.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FUZZY
Current User Name: eric j carter
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"AVG8Uninstall" = AVG Free 8.5
"CCleaner" = CCleaner (remove only)
"CurseClient" = Curse Client
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"LimeWire" = LimeWire 4.18.8
"NVIDIA Drivers" = NVIDIA Drivers
"Tiberian Sun" = Command & Conquer Tiberian Sun
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Search Defender" = Yahoo! Search Protection

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 8/8/2009 6:03:27 PM | Computer Name = fuzzy | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 8/8/2009 6:03:27 PM | Computer Name = fuzzy | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

[ Application Events ]
Error - 5/21/2009 11:51:14 PM | Computer Name = fuzzycomp | Source = Software Protection Platform Service | ID = 1017
Description = Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=RQGD7
ACID=?
Detailed
Error[?]

Error - 5/21/2009 11:52:33 PM | Computer Name = fuzzycomp | Source = Software Protection Platform Service | ID = 1017
Description = Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=ROGD7
ACID=?
Detailed
Error[?]

Error - 5/21/2009 11:52:48 PM | Computer Name = fuzzycomp | Source = Software Protection Platform Service | ID = 1017
Description = Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=RQGO7
ACID=?
Detailed
Error[?]

Error - 5/21/2009 11:52:59 PM | Computer Name = fuzzycomp | Source = Software Protection Platform Service | ID = 1017
Description = Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=RQG07
ACID=?
Detailed
Error[?]

Error - 5/21/2009 10:02:12 PM | Computer Name = fuzzy | Source = Microsoft-Windows-LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is not formatted
correctly. The malformed string is 5274. The first DWORD in the Data section contains
the index value to the malformed string while the second and third DWORDs in the
Data section contain the last valid index values.

Error - 5/23/2009 11:55:43 PM | Computer Name = fuzzy | Source = VSS | ID = 8194
Description =

Error - 5/26/2009 1:23:07 AM | Computer Name = fuzzy | Source = Application Error | ID = 1000
Description = Faulting application name: RA95.exe, version: 0.0.0.0, time stamp:
0x34159303 Faulting module name: RA95.exe, version: 0.0.0.0, time stamp: 0x34159303
Exception
code: 0xc0000005 Fault offset: 0x000e392e Faulting process id: 0x9b0 Faulting application
start time: 0x01c9dd7a76e4819c Faulting application path: C:\Program Files\EA Games\Command
& Conquer The First Decade\Command & Conquer Red Alert™\RA95.exe Faulting module
path: C:\Program Files\EA Games\Command & Conquer The First Decade\Command & Conquer
Red Alert™\RA95.exe Report Id: 4ae3bd4b-49b5-11de-b6dd-001d9245c962

Error - 7/14/2009 5:43:04 PM | Computer Name = fuzzy | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Internet Explorer' could not be shut down.

Error - 8/6/2009 10:19:42 AM | Computer Name = fuzzy | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7100.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d24 Start
Time: 01ca1693f42ac381 Termination Time: 120 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 8/8/2009 2:20:58 PM | Computer Name = fuzzy | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7100.0, time
stamp: 0x49ee8c24 Faulting module name: RPCRT4.dll, version: 6.1.7100.0, time stamp:
0x49eea681 Exception code: 0xc0000005 Fault offset: 0x0001eec3 Faulting process id:
0x2ec Faulting application start time: 0x01ca1847e759e2d6 Faulting application path:
C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\RPCRT4.dll
Report
Id: 37c0368a-8448-11de-913e-001d9245c962

[ System Events ]
Error - 8/9/2009 11:04:01 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 8/9/2009 11:05:22 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 8/9/2009 11:09:40 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 8/9/2009 11:16:21 AM | Computer Name = fuzzy | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Some processor performance power management features have been disabled
due to a known firmware problem. Check with the computer manufacturer for updated
firmware.

Error - 8/9/2009 11:20:46 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 8/9/2009 11:41:02 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/9/2009 11:41:03 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 8/9/2009 11:41:04 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7031
Description = The AVG Free8 WatchDog service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 8/9/2009 11:41:04 AM | Computer Name = fuzzy | Source = Service Control Manager | ID = 7034
Description = The AVG Free8 E-mail Scanner service terminated unexpectedly. It
has done this 1 time(s).

Error - 8/9/2009 11:42:52 AM | Computer Name = fuzzy | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Some processor performance power management features have been disabled
due to a known firmware problem. Check with the computer manufacturer for updated
firmware.


< End of report >


and here is the error report from root repell
11:06:00: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000e4)
11:06:00: DeviceIoControl Error! Error Code = 0x1e7
11:06:00: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extend


i just redownloaded MBAM from majorgeeks and ill run it

UPDATE ran eset online scanner and it found a generik type of virus wasnt able to get all the info on it....unfortunatly my computer is still running horrible slow. gonna let MBAM run thru real quick.

Edited by eric carter, 10 August 2009 - 06:51 PM.

  • 0

Advertisements

#2
eric carter
Posted 10 August 2009 - 03:28 PM

eric carter

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
also i cant see my task manager options now >.>

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:21:33 PM, on 8/10/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\eric j carter\Desktop\procexp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\eric j carter\Desktop\OTL.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 3296 bytes


OTL logfile created on: 8/10/2009 4:21:09 PM - Run 2
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Users\eric j carter\Desktop
Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.29 Gb Available Physical Memory | 64.42% Memory free
4.00 Gb Paging File | 2.96 Gb Available in Paging File | 74.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 23.75 Gb Free Space | 31.87% Space Free | Partition Type: NTFS
Drive D: | 74.53 Gb Total Space | 26.67 Gb Free Space | 35.79% Space Free | Partition Type: NTFS
Drive E: | 5.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FUZZY
Current User Name: eric j carter
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/07/07 16:46:26 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/07/07 16:46:26 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/08/09 10:23:52 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/09 10:23:56 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/09 10:23:56 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/09 10:23:56 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/09 10:23:56 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/04/22 00:19:35 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/04/22 00:19:02 | 02,607,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/02/23 08:05:34 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009/08/09 10:23:57 | 02,000,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/04/22 00:19:30 | 01,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/04/22 00:19:43 | 01,124,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/08/08 18:58:17 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\eric j carter\Desktop\procexp.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 00:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/08/09 11:07:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\eric j carter\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/04/22 00:19:51 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc [On_Demand | Stopped])
SRV - [2009/08/09 10:23:56 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/09 10:23:52 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/04/22 00:19:54 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AxInstSV.dll -- (AxInstSV [On_Demand | Stopped])
SRV - [2009/04/22 00:19:55 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bdesvc.dll -- (BDESVC [Unknown | Stopped])
SRV - [2009/04/04 15:05:06 | 00,067,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/04/22 00:20:13 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\defragsvc.dll -- (defragsvc [On_Demand | Stopped])
SRV - [2009/04/22 00:20:14 | 00,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV - [2009/04/22 00:19:00 | 00,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2009/04/22 00:19:00 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2009/04/22 00:22:15 | 01,086,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (eventlog [Auto | Running])
SRV - [2009/04/22 00:20:30 | 00,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache [On_Demand | Stopped])
SRV - [2009/04/04 15:04:57 | 00,043,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/04/22 00:20:46 | 00,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener [On_Demand | Running])
SRV - [2009/04/22 00:21:43 | 00,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV - [2009/04/04 15:04:34 | 00,879,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/04 15:04:35 | 00,129,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/07/07 16:46:26 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2009/04/22 00:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc [On_Demand | Running])
SRV - [2009/04/22 00:21:40 | 01,004,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\peerdistsvc.dll -- (PeerDistSvc [On_Demand | Stopped])
SRV - [2009/08/09 18:15:22 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Stopped])
SRV - [2009/04/22 00:21:42 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg [On_Demand | Stopped])
SRV - [2009/04/22 00:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc [On_Demand | Running])
SRV - [2009/04/22 00:22:10 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\umpo.dll -- (Power [Auto | Running])
SRV - [2009/04/22 00:21:46 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper [Unknown | Running])
SRV - [2009/04/22 00:21:49 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc [On_Demand | Stopped])
SRV - [2009/04/22 00:19:20 | 03,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe -- (sppsvc [Auto | Stopped])
SRV - [2009/04/22 00:22:02 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify [On_Demand | Stopped])
SRV - [2009/06/30 10:28:28 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped])
SRV - [2009/04/22 00:22:07 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\themeservice.dll -- (Themes [Auto | Running])
SRV - [2009/04/22 00:22:12 | 00,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc [On_Demand | Stopped])
SRV - [2009/04/22 00:20:52 | 00,680,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2009/04/22 00:19:43 | 01,124,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2009/04/22 00:22:25 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwansvc.dll -- (WwanSvc [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4E 3E DD E9 81 DA C9 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/08 17:22:42 | 00,000,000 | ---D | M]


O1 HOSTS File: (824 bytes) - C:\Windows\System32\drivers\etc\Hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.142.152.254 66.112.11.87
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/20 10:42:25 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/03/09 19:17:56 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/03/02 04:31:43 | 00,162,880 | R--- | M] () - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2007/02/24 23:23:24 | 00,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007/03/02 04:31:43 | 00,162,880 | R--- | M] () - E:\autorun.exe -- [ UDF ]
O33 - MountPoints2\{8d85efff-4681-11de-9bdf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8d85efff-4681-11de-9bdf-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2007/03/02 04:31:43 | 00,162,880 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/08/09 18:36:18 | 00,002,527 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2009/08/09 18:36:18 | 00,000,000 | ---D | C] -- C:\Program Files\Steam
[2009/08/09 16:09:09 | 00,189,480 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2009/08/09 16:08:25 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Local\PunkBuster
[2009/08/09 16:08:05 | 00,001,300 | ---- | C] () -- C:\Users\eric j carter\Desktop\steam.exe - Shortcut.lnk
[2009/08/09 16:07:53 | 00,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/08/09 16:07:52 | 00,139,152 | ---- | C] () -- C:\Users\eric j carter\AppData\Roaming\PnkBstrK.sys
[2009/08/09 16:07:20 | 00,189,480 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009/08/09 16:07:19 | 00,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2009/08/09 16:07:19 | 00,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009/08/09 16:04:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2009/08/09 12:44:45 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/08/09 12:41:06 | 00,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/09 12:40:58 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/09 11:38:41 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/08/09 11:07:29 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\eric j carter\Desktop\OTL.exe
[2009/08/09 11:07:02 | 00,000,000 | ---- | C] () -- C:\Users\eric j carter\Desktop\settings.dat
[2009/08/09 11:03:25 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009/08/09 11:03:19 | 00,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2009/08/09 10:57:55 | 00,000,000 | ---D | C] -- C:\root repell
[2009/08/09 10:55:04 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/08/09 10:48:16 | 00,000,991 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/09 10:24:28 | 00,011,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/09 10:24:28 | 00,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 8.5.lnk
[2009/08/09 10:24:27 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/08/09 10:24:22 | 00,335,240 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/09 10:24:20 | 00,027,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/09 10:24:07 | 39,716,319 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/09 10:24:06 | 00,060,243 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/09 10:24:05 | 00,463,779 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/08/09 10:24:04 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/08/09 10:24:04 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2009/08/09 10:23:50 | 00,000,000 | ---D | C] -- C:\ProgramData\avg8
[2009/08/09 10:05:28 | 00,022,772 | ---- | C] () -- C:\Users\eric j carter\Documents\cc_20090809_100522.reg
[2009/08/09 09:52:00 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2009/08/09 09:12:17 | 00,001,831 | ---- | C] () -- C:\Users\eric j carter\Desktop\CCleaner.lnk
[2009/08/09 09:12:17 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/09 09:04:30 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Roaming\AVG8
[2009/08/08 18:54:43 | 00,002,039 | ---- | C] () -- C:\Users\eric j carter\Desktop\HijackThis.lnk
[2009/08/08 16:29:32 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/08/08 16:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/08/08 16:29:22 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/08/08 16:29:21 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Roaming\SUPERAntiSpyware.com
[2009/08/08 16:29:21 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/08/08 14:23:38 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/08/08 12:33:51 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/08 11:09:23 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/08/08 04:24:12 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/08/08 01:47:17 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\Documents\Notes
[2009/08/08 01:32:41 | 00,000,000 | ---D | C] -- C:\perflogs
[2009/08/08 01:24:24 | 00,000,000 | ---D | C] -- C:\Users\eric j carter\AppData\Local\ElevatedDiagnostics
[2009/08/06 00:53:48 | 01,353,041 | ---- | C] () -- C:\Users\eric j carter\Documents\Carbonite-3.210 save.zip

========== Files - Modified Within 14 Days ==========

[2009/08/10 16:16:22 | 39,716,319 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/10 14:09:05 | 00,013,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/10 14:09:05 | 00,013,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/10 14:01:46 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/10 14:01:39 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/10 14:01:36 | 16,101,13024 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/09 23:15:20 | 00,189,480 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2009/08/09 23:15:20 | 00,189,480 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2009/08/09 21:04:20 | 00,137,544 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/08/09 18:42:51 | 00,060,243 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/09 18:36:18 | 00,002,527 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2009/08/09 18:15:45 | 00,139,152 | ---- | M] () -- C:\Users\eric j carter\AppData\Roaming\PnkBstrK.sys
[2009/08/09 18:15:22 | 00,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2009/08/09 18:15:22 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
[2009/08/09 16:08:05 | 00,001,300 | ---- | M] () -- C:\Users\eric j carter\Desktop\steam.exe - Shortcut.lnk
[2009/08/09 12:41:06 | 00,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/09 11:07:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\eric j carter\Desktop\OTL.exe
[2009/08/09 11:07:02 | 00,000,000 | ---- | M] () -- C:\Users\eric j carter\Desktop\settings.dat
[2009/08/09 10:48:16 | 00,000,991 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/08/09 10:24:28 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/09 10:24:28 | 00,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 8.5.lnk
[2009/08/09 10:24:27 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/08/09 10:24:22 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/09 10:24:20 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/09 10:24:06 | 00,463,779 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/08/09 10:24:05 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/08/09 10:06:38 | 00,022,772 | ---- | M] () -- C:\Users\eric j carter\Documents\cc_20090809_100522.reg
[2009/08/09 09:12:17 | 00,001,831 | ---- | M] () -- C:\Users\eric j carter\Desktop\CCleaner.lnk
[2009/08/08 19:05:31 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/08/08 18:58:17 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\eric j carter\Desktop\procexp.exe
[2009/08/08 18:54:43 | 00,002,039 | ---- | M] () -- C:\Users\eric j carter\Desktop\HijackThis.lnk
[2009/08/08 17:36:59 | 00,730,456 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/08 17:36:59 | 00,627,336 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/08 17:36:59 | 00,107,514 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/08 01:32:28 | 00,007,614 | R--- | M] () -- C:\Users\eric j carter\AppData\Local\resmon.resmoncfg
[2009/08/06 00:53:51 | 01,353,041 | ---- | M] () -- C:\Users\eric j carter\Documents\Carbonite-3.210 save.zip
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/01 02:32:10 | 01,535,196 | RH-- | M] () -- C:\Users\eric j carter\AppData\Local\IconCache.db
[2009/07/28 16:04:07 | 02,542,309 | ---- | M] () -- C:\Users\eric j carter\Desktop\WowMatrix.exe

========== LOP Check ==========

[2009/08/09 18:15:43 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming
[2009/08/08 17:22:08 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\Acreon
[2009/08/08 17:22:08 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\LimeWire
[2009/04/22 05:24:12 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\Media Center Programs
[2009/08/08 17:24:59 | 00,000,000 | ---D | M] -- C:\Users\eric j carter\AppData\Roaming\Ventrilo
[2009/08/10 14:01:46 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/04/22 03:27:21 | 00,015,344 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/03/09 22:51:44 | 03,064,736 | ---- | M] () -- C:\ventrilo-3.0.4-Windows-i386.exe
< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP