Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Believe I have a Trojan - Genome - Help Please


  • Please log in to reply

#1
bowenc

bowenc

    New Member

  • Member
  • Pip
  • 2 posts
Hello GtG.

I belive i have a computer nasty as everytime a file is run the Performance % on the Task manager shoots up to 100% and very rarely drops to allow you to use the machine.

Also the F-Secure System scan seems to be being hijacked with no Infections reported but no files being scanned. (Appendix 1 below)
Log for this is at the end of this post.

I've no internet access at the moment (which may be lucky!) so i'll deal with this by downloading files at an internet cafe and running them on the machine at home.

history is:

I ran the TFC, ERUNT, MBAM (Though this seemed VERY slow to run - think it may have been being prevented)

A Full Drive Virus scan resulted in this from F-Secure (my AV Software):

<REPORT> attachment and italic below


F-Secure Anti-Virus Command Line Scanner, version 1.08.5210
Scans files for viruses
Copyright © 2001-2005, F-Secure Corporation

04 December 2009 00:00:27

Command line: /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\TALKTA~1\ANTI-V~1\REPORT.TXT

Workstation name: sirius2

Scanning options:
Target: C:\ D:\ E:\ R:\
Files scanned with extensions: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ANI AVB BAT CEO CMD JOB JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR TGZ ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2 HQX
Action: Disinfect infected files
Scan inside archives: on

Scanning Engines:
F-Secure AVP: version 6.00.169, definitions updated 2009-12-03
F-Secure Libra: version 2.04.05, definitions updated 2009-11-30
F-Secure Orion: version 1.02.41, definitions updated 2009-12-03

Results of virus scanning:
Cannot open file C:\hiberfil.sys
Cannot open file C:\pagefile.sys
Scanning of C:\____Temp\Craig\Craig_VNC_PE_v4p2p5.zip\vnc-P4_2_5-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\Craig_VNC_PE_v4p2p5.zip was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\UsefulStuffForFurtheringCraigsTalents\SQL_Edu\SQLSrvrExpress2005\SQLEXPR_ADV.EXE\setup\sqlrun_sql.msi\stream 6 was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\UsefulStuffForFurtheringCraigsTalents\SQL_Edu\SQLSrvrExpress2005\SQLEXPR_ADV.EXE was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\UsefulStuffForFurtheringCraigsTalents\SQL_Edu\SQLSrvrExpress2005\SQLEXPR_TOOLKIT.EXE\dbghelp.dll was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\UsefulStuffForFurtheringCraigsTalents\SQL_Edu\SQLSrvrExpress2005\SQLEXPR_TOOLKIT.EXE was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\UsefulStuffForFurtheringCraigsTalents\morevs2008\VisualStudio2008TrainingKit.exe was aborted [F-Secure AVP]
File C:\____Temp\Craig\Sense\DataAnalysisProjects\LTV\TestSendSense.zip\MdTbl_3B_Dev_YearGiftGivenandRecCat.csv is encrypted
File C:\____Temp\Craig\Sense\DataAnalysisProjects\LTV\LizFiles\LTVAnalysis.zip\Table 4 Non Active RGifts.CSV is encrypted
File C:\____Temp\Craig\Sense\DataAnalysisProjects\LTV\BownalysisInternalOnly\Work\FACT_TABLE_FINAL.zip\FACT_TABLE_FINAL.xls is encrypted
Scanning of C:\____Temp\Craig\OfftheSonyKey20070912\PHP\php_manual_en.chm was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\OfftheSonyKey20070912\PHP\php_manual_en.zip\php_manual_en.chm was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\OfftheSonyKey20070912\PHP\php_manual_en.zip was aborted [F-Secure AVP]
Scanning of C:\____Temp\Craig\OfftheSonyKey20070912\PHP\ScriptGUI.exe was aborted [F-Secure AVP]
Cannot open a file in archive C:\____Temp\Craig\DavePC_Footie2\VirtualPC2007.exe\AdditionsISO
Cannot open a file in archive C:\____Temp\Craig\DAVE-VPC_VS008andVWD2005\VirtualPC2007.exe\AdditionsISO
Cannot open a file in archive C:\____Temp\Craig\DAVE-VPC_VS008\VirtualPC2007.exe\AdditionsISO
Cannot open a file in archive C:\____Temp\Craig\DAVE-VPC_MASTER\VirtualPC2007.exe\AdditionsISO
Scanning of C:\____Temp\Craig\BobbleWantstobeaMillionaire\DynUpSetup.exe was aborted [F-Secure AVP]
Cannot open a file in archive C:\____Temp\Craig\BobbleWantstobeaMillionaire\BBCiPlayer\BBC-iPlayer_Setup.exe\atk.js
File C:\____Temp\Craig\2ndSense\FACT_TABLE_FINAL_2.zip\FACT_TABLE_FINAL_2.xls is encrypted
Scanning of C:\XAMPP\xampp-win32-1.6.8-installer.exe was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\system32\CFPOutLook.dll was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\system32\osmax.ocx was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\system32\pcode32.dll was aborted [F-Secure AVP]
Cannot open file C:\WINDOWS\system32\config\default
Scanning of C:\WINDOWS\Driver Cache\i386\driver.cab was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\Copy of SftwareDstribution\Download\3523b3abacdd3fcc4406d6f454eeff4e2bf3e785 was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\Copy of SftwareDstribution\Download\72832347ba98dc294a89887c711d8a2494327240\hotfixexpressadv\files\sqlexpr_adv.exe\setup\yb800303.cab was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\Copy of SftwareDstribution\Download\72832347ba98dc294a89887c711d8a2494327240\hotfixexpressadv\files\sqlexpr_adv.exe\setup\sqlrun_sql.msi\stream 6 was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\Copy of SftwareDstribution\Download\72832347ba98dc294a89887c711d8a2494327240\hotfixexpressadv\files\sqlexpr_adv.exe was aborted [F-Secure AVP]
Scanning of C:\WINDOWS\Copy of SftwareDstribution\Download\72832347ba98dc294a89887c711d8a2494327240 was aborted [F-Secure AVP]
Scanning of C:\VDFlex\VDF12\Source\VDF12.0.StudioDownload.exe was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\VDF12\Dataflex_VDF12.0.StudioDownload_061222.exe was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\VDF12\VDF12.0.65.0.Studio.Alpha5.exe was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\Down_One_Level\VDF11.1.StudioDownload.exe was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\Down_One_Level\WinprintViewer.10.1.4.0.zip\WinprintViewer.exe was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\Down_One_Level\WinprintViewer.10.1.4.0.zip\WinPrint.dll was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\Down_One_Level\WinprintViewer.10.1.4.0.zip was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\doc\VDF11.0.69.0.Alpha5.Help.zip\Help\VdfClassRef.chm was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\doc\VDF11.0.69.0.Alpha5.Help.zip was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\doc\vdf9help.zip was aborted [F-Secure AVP]
Scanning of C:\VDFlex\vdf\archive\Multipart\Setup62.EXE was aborted [F-Secure AVP]
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP604\A0329638.exe\AdditionsISO
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP604\A0329641.exe\AdditionsISO
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0314902.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0314907.EXE was aborted [F-Secure AVP]
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0314909.exe\AdditionsISO
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0314924.exe\AdditionsISO
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0315194.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0315199.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0315314.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0315319.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316450.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316455.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316562.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316567.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316704.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316709.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316844.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316849.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316977.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0316982.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0317097.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP575\A0317102.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0312890.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0312895.EXE was aborted [F-Secure AVP]
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0312897.exe\AdditionsISO
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0312912.exe\AdditionsISO
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0313182.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0313187.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0313302.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0313307.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0314443.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0314448.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0314564.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0314569.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0314706.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP574\A0314711.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311373.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311378.EXE was aborted [F-Secure AVP]
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311380.exe\AdditionsISO
Cannot open a file in archive C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311395.exe\AdditionsISO
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311532.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311537.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311674.EXE was aborted [F-Secure AVP]
Scanning of C:\System Volume Information\_restore{752C9936-658F-4531-9A8C-FA1CACF9D6E3}\RP572\A0311679.EXE was aborted [F-Secure AVP]
Cannot open a file in archive C:\RECYCLER\S-1-5-21-1417001333-1645522239-682003330-1003\Dc2\VirtualPC2007.exe\AdditionsISO
Cannot open a file in archive C:\RECYCLER\S-1-5-21-1417001333-1645522239-682003330-1003\Dc1\VirtualPC2007.exe\AdditionsISO
Scanning of C:\Program Files\XAMPP\MercuryMail\DAEMONS\clamwallsetup.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\XAMPP\MercuryMail\DAEMONS\graywallsetup.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\XAMPP\MercuryMail\DAEMONS\spamhaltersetup.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\WinKey\TaskMgr.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\WinKey\WinKey.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\WinKey\WinKeyHook.dll was aborted [F-Secure AVP]
Scanning of C:\Program Files\WinKey\WinKeyMgr.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\TClockEx\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\TalkTalk Online Security\backweb\81720\Users\Default\Data\4edb\122d9db7\TTOnlineSecurity_7.03-116-chupg.jar was aborted [F-Secure AVP]
Scanning of C:\Program Files\TalkTalk Online Security\backweb\81720\Users\Default\Data\4edb\122d6b08\pex_6.02-20.jar was aborted [F-Secure AVP]
Scanning of C:\Program Files\RealVNC\VNCMirror\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\RealVNC\VNC4\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\RealVNC\VNC4\vnc-mirror-1_8_0-x86_x64_win32.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\RealVNC\VNC4\Mirror Driver\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\Psycle\unins000.exe was aborted [F-Secure AVP]
Cannot open a file in archive C:\Program Files\MSVirtualPC2007\setup.exe\AdditionsISO
Cannot open a file in archive C:\Program Files\MSVirtualPC2007\setup64.exe\AdditionsISO
Scanning of C:\Program Files\Marketmaker\Spreadbet Client\jre\lib\rt.jar was aborted [F-Secure AVP]
Scanning of C:\Program Files\Key Mouse Genie\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\Java\jre1.6.0_01\lib\rt.jar was aborted [F-Secure AVP]
Scanning of C:\Program Files\DynDNS Updater\Uninstall.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\DBTools Software\DBManager\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\CoolRuler\coolruler.exe was aborted [F-Secure AVP]
Scanning of C:\Program Files\CogniFit\MAP\Xtras\Budapi32.dll was aborted [F-Secure AVP]
Scanning of C:\Program Files\CogniFit\MAP\DF_Training\Xtras\Budapi32.dll was aborted [F-Secure AVP]
Scanning of C:\Program Files\CogniFit\MAP\DF_test\Xtras\Budapi32.dll was aborted [F-Secure AVP]
Scanning of C:\Program Files\Ahead\Nero\KARAOKE.dll was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Yenicag\Source\ftpexplo.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Yenicag\FTPExplorer\ftpexplorer.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Wisdom Spray\wisdomspray.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\StopLoss\setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\StopLoss\Stoploss.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\StopLoss\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\StopLoss\Source\stoploss.zip\setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\StopLoss\Source\stoploss.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SpoonProxy\Source\sproxy25.zip\sproxy25.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SpoonProxy\Source\sproxy25.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000.exe\EXITSC.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000.exe\SCIMAGES.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000.exe\SECCOPY.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000_old.exe\EXITSC.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000_old.exe\SCIMAGES.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000_old.exe\SECCOPY.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\Source\sc2000_old.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\SecCopy\ExitSC.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\SecCopy\SCImages.dll was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\SecCopy\SecCopy\SecCopy.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\RegDet\regdet.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Mike Lins Utilities\Source\Binary.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Mike Lins Utilities\Source\Clipomatic20.zip\Clipomatic.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Mike Lins Utilities\Source\Clipomatic20.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Mike Lins Utilities\Source\RdocEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Mike Lins Utilities\Source\RegSvrEx.zip\RegSvrEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Mike Lins Utilities\Source\RegSvrEx.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\IconEdit\iconedit32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\FTPxfer\FTPxfer.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\DupeLess\dupeless.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Bits\PasToWeb.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Bits\playlist.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\Bits\RASTIMER.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\BestFTP Explorer 2000\BestFTPExplorer.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\BestFTP Explorer 2000\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\BestFTP Explorer 2000\Source\BestFTPExplorer20004thEd.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\BestFTP Explorer 2000\Source\bestftpx.zip\BestFTPExplorer20004thEd.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\BestFTP Explorer 2000\Source\bestftpx.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\zzz_Others\AboutTime\abouttime_msie.exe was aborted [F-Secure AVP]
File C:\PrgFiles\NotInst\_PrgFiles_G1200\WinZip\Source\V90\winzip90.exe\SETUP.WZ\WINZIP32.EX_ is encrypted
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\WindowWasher\Source\WindowWasher.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\WindowWasher\Source\Window_Washer_v5[1].0.0.1.zip\WindowWasher.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\WindowWasher\Source\Window_Washer_v5[1].0.0.1.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\WindowsXP\PowerToys_Funpack\PowerToys_VSS.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Visual_Basic\visual_basic_6.exe was aborted [F-Secure AVP]
Cannot open a file in archive C:\PrgFiles\NotInst\_PrgFiles_G1200\Tray Manager\Source\tman_src.zip\trayman.rc
Cannot open a file in archive C:\PrgFiles\NotInst\_PrgFiles_G1200\Tray Manager\Source\traymgr.zip\My Documents\pcm\Util\TrayMgr2\upload\tman_src.zip\trayman.rc
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\TclockEx\Source_Other\monoff10.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\TclockEx\Source\tclockex.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\SysInfo\Source\sysinf01.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Startup\Source_Other\Binary.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Startup\Source_Other\Clipomatic20.zip\Clipomatic.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Startup\Source_Other\Clipomatic20.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Startup\Source_Other\RdocEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Startup\Source_Other\RegSvrEx.zip\RegSvrEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Startup\Source_Other\RegSvrEx.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Skype_Net\Source\v1_1_0_79\SkypeSetup_v_1_1_0_79_on_050130.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Skype_Net\Source\v1_1_0_61\SkypeSetup_ver1_1_0_61.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Skype_Net\Source\v1_00\SkypeSetup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Skype_Net\Source\v0_98\SkypeSetup-Beta.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Skype_Net\Source\v0_97\SkypeSetup-Beta.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\OIN\OIN.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Mozilla\Thunderbird\Source\ver_1p0\Thunderbird Setup 1.0.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MonOff\Source\monoff10.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic.zip\MacroMagic.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic.zip\MacroMagic4-1T EPSMM41T.ZIP\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic.zip\MacroMagic4-1T EPSMM41T.ZIP was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic4-1T EPSMM41T.ZIP\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_Werner\MacroMagic4-1T EPSMM41T.ZIP was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_ver41t\mmagic.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\Source\021115_ver41t\MMagic_tut.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\MacroMagic\PFCopy\Iolo\Macro Magic\EventHook.dll was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Files Management\FilesManagement.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Files Management\Source\FilesManagement_300701.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\FAR\Source\Far1704.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\DiskTest\DiskTest.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\DiskTest\Source\DiskTest.zip\DiskTest.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\DiskTest\Source\DiskTest.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Descriptions\Descriptions.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Descriptions\Source\Descriptions.zip\Descriptions.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Descriptions\Source\Descriptions.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\Descriptions\Source\Descriptions_280701.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\CacheBoost\Source\Cacheboost_setupcbp_from_site_050123.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\CacheBoost\Source\Zipped\CacheBoost_Pro_4.zip\cbpro_emt.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\CacheBoost\Source\Zipped\CacheBoost_Pro_4.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\CacheBoost\Source\UnZip\cbpro_emt.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\Nero\Source\Nero\nero55100.exe\Nero\KARAOKE.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\Nero\Source\Nero\nero55100.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\Nero\Source\Nero\nero551015a.exe\Nero\KARAOKE.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\Nero\Source\Nero\nero551015a.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\Nero\Source\Nero\nero551028.exe\Nero\KARAOKE.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\Nero\Source\Nero\nero551028.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\5880_wdm.zip\5880_wdm\common\files\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\5880_wdm.zip\5880_wdm\wdmdrv\wdm\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\5880_wdm.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\ct5880_xp_512.zip\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\ct5880_xp_512.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - old\ct5880_xp_512.zip\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - old\ct5880_xp_512.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - 240102\5880_wdm.zip\5880_wdm\common\files\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - 240102\5880_wdm.zip\5880_wdm\wdmdrv\wdm\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - 240102\5880_wdm.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - 030214\5880_wdm.zip\5880_wdm\common\files\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - 030214\5880_wdm.zip\5880_wdm\wdmdrv\wdm\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\aaaNew Drivers Downloaded\Source - 030214\5880_wdm.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\2005\050123\DriverDownloads\driver_audio_creative_5880_wdm.exe\driver_audio_creative_5880_wdm\common\files\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\2005\050123\DriverDownloads\driver_audio_creative_5880_wdm.exe\driver_audio_creative_5880_wdm\wdmdrv\wdm\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\2005\050123\DriverDownloads\driver_audio_creative_5880_wdm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\a_COMPUT\a_G1200\W2000\MBOARD\Gigabyte\Audio\ct5880\Audio\English\Drivers\common\files\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\AdAware\gspypro.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\AdAware\Source\ver6p181\aaw6181.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\AdAware\Source\ver6p0\aaw6.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\aaa___020413_Updates\ExamDiff28_30daylimitprint.zip\setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\_PrgFiles_G1200\aaa___020413_Updates\ExamDiff28_30daylimitprint.zip was aborted [F-Secure AVP]
File C:\PrgFiles\NotInst\WinZip\Source\V90\winzip90.exe\SETUP.WZ\WINZIP32.EX_ is encrypted
Cannot open a file in archive C:\PrgFiles\NotInst\Tray Manager\Source\tman_src.zip\trayman.rc
Cannot open a file in archive C:\PrgFiles\NotInst\Tray Manager\Source\traymgr.zip\My Documents\pcm\Util\TrayMgr2\upload\tman_src.zip\trayman.rc
Scanning of C:\PrgFiles\NotInst\TclockEx\Source_Other\monoff10.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\TclockEx\Source\tclockex.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Startup\Source_Other\Binary.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Startup\Source_Other\Clipomatic20.zip\Clipomatic.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Startup\Source_Other\Clipomatic20.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Startup\Source_Other\RdocEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Startup\Source_Other\RegSvrEx.zip\RegSvrEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Startup\Source_Other\RegSvrEx.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\PcOnPoint\Source\PConPoint_v3p5_060528.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Nero\Source\Nero\nero55100.exe\Nero\KARAOKE.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Nero\Source\Nero\nero55100.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Nero\Source\Nero\nero551015a.exe\Nero\KARAOKE.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Nero\Source\Nero\nero551015a.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Nero\Source\Nero\nero551028.exe\Nero\KARAOKE.DLL was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Nero\Source\Nero\nero551028.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\Mozilla\Thunderbird\Source\ver_1p0\Thunderbird Setup 1.0.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MonOff\Source\monoff10.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MonOff\Source\MonitorOff_inPF\unins000.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic.zip\MacroMagic.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic.zip\MacroMagic4-1T EPSMM41T.ZIP\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic.zip\MacroMagic4-1T EPSMM41T.ZIP was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic4-1T EPSMM41T.ZIP\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_Werner\MacroMagic4-1T EPSMM41T.ZIP was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_ver41t\mmagic.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\Source\021115_ver41t\MMagic_tut.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\MacroMagic\PFCopy\Iolo\Macro Magic\EventHook.dll was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\CacheBoost\Source\Cacheboost_setupcbp_from_site_050123.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\CacheBoost\Source\Zipped\CacheBoost_Pro_4.zip\cbpro_emt.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\CacheBoost\Source\Zipped\CacheBoost_Pro_4.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\CacheBoost\Source\UnZip\cbpro_emt.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\ct5880_xp_512.zip\ensmix32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\NotInst\a_COMPUT\a_G1200\XP\MOTHERBOARD\Gigabtye\Audio\ct5880\Source\ct5880_xp_512.zip was aborted [F-Secure AVP]
File C:\PrgFiles\Inst\WinZip\Source\V90_SR-1\Must_Overwrite_earlierv90_with_this_winzip90.exe\SETUP.WZ\WINZIP32.EX_ is encrypted
File C:\PrgFiles\Inst\WinZip\Source\V90\winzip90.exe\SETUP.WZ\WINZIP32.EX_ is encrypted
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p4p2\vnc-P4_4_2-x86_x64_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p8\v4p2p8_windows\vnc-P4_2_8-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p8\v4p2p8_windows\vnc-P4_2_8-x86_win32.zip\vnc-P4_2_8-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p8\v4p2p8_windows\vnc-P4_2_8-x86_win32.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p8\v4p2p8_mirror\vnc-mirror-1_7-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p8\v4p2p8_mirror\vnc-mirror-1_7-x86_win32.zip\vnc-mirror-1_7-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p8\v4p2p8_mirror\vnc-mirror-1_7-x86_win32.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p6\v4p2p6_windows\vnc-P4_2_6-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p6\v4p2p6_windows\vnc-P4_2_6-x86_win32.zip\vnc-P4_2_6-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p6\v4p2p6_windows\vnc-P4_2_6-x86_win32.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p5\v4p2p5_windows\vnc-P4_2_5-x86_win32_Personal_Ed_v4p2pp5_060630.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p5\v4p2p5_windows\vnc-P4_2_5-x86_win32_Personal_Ed_v4p2pp5_060630.zip\vnc-P4_2_5-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Personal_Edition\Source\v4p2p5\v4p2p5_windows\vnc-P4_2_5-x86_win32_Personal_Ed_v4p2pp5_060630.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Basic_Edition_Free\Source\v4p12\vnc-4_1_2-x86_win32_060630.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Basic_Edition_Free\Source\v4p12\vnc-4_1_2-x86_win32_060630.zip\vnc-4_1_2-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Basic_Edition_Free\Source\v4p12\vnc-4_1_2-x86_win32_060630.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Basic_Edition_Free\Source\v4p11\v4p11_windows\vnc-4_1_1-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Basic_Edition_Free\Source\v4p11\v4p11_windows\vnc-4_1_1-x86_win32_050316.zip\vnc-4_1_1-x86_win32.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\VNC\Basic_Edition_Free\Source\v4p11\v4p11_windows\vnc-4_1_1-x86_win32_050316.zip was aborted [F-Secure AVP]
Cannot open a file in archive C:\PrgFiles\Inst\Virtual_PC_2007\Source\v1\MS_vPC2007_setup_070228.exe\AdditionsISO
Cannot open a file in archive C:\PrgFiles\Inst\Tray Manager\Source\tman_src.zip\trayman.rc
Cannot open a file in archive C:\PrgFiles\Inst\Tray Manager\Source\traymgr.zip\My Documents\pcm\Util\TrayMgr2\upload\tman_src.zip\trayman.rc
Scanning of C:\PrgFiles\Inst\TclockEx\Source_Other\monoff10.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\TclockEx\Source\tclockex.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\StartupCPL.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\StartupCPL.zip\StartupCPL.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\StartupCPL.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Progs\Binary.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Progs\Clipomatic20.zip\Clipomatic.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Progs\Clipomatic20.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Progs\StartupCPL.zip\StartupCPL.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Progs\StartupCPL.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Misc\Progs\RdocEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Misc\Progs\RegSvrEx.zip\RegSvrEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\z_Mike Lins Misc Progs\Misc\Progs\RegSvrEx.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\Source_Other\Binary.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\Source_Other\Clipomatic20.zip\Clipomatic.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\Source_Other\Clipomatic20.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\Source_Other\RdocEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\Source_Other\RegSvrEx.zip\RegSvrEx.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Startup\Source_Other\RegSvrEx.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\SQLServer\Source\SQLSrvrExpress2005.zip\SQLSrvrExpress2005\SQLEXPR_ADV.EXE\setup\sqlrun_sql.msi\stream 6 was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\SQLServer\Source\SQLSrvrExpress2005.zip\SQLSrvrExpress2005\SQLEXPR_ADV.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\SQLServer\Source\SQLSrvrExpress2005.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v2_00_107\SkypeSetup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v2_00_103\SkypeSetup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v2_00_08\SkypeSetup_v2p00p08.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v1_4\SkypeSetup_v1p4_060101.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v1_1_0_79\SkypeSetup_v_1_1_0_79_on_050130.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v1_1_0_61\SkypeSetup_ver1_1_0_61.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v1_00\SkypeSetup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v0_98\SkypeSetup-Beta.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Skype_Net\Source\v0_97\SkypeSetup-Beta.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\SisoftSANDRA\Source\Sisoft_SANDRA_LITE_2005_SR3_san2005[1].SR3-1069-CNET_060504.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\SisoftSANDRA\Source\Sisoft_SANDRA_Lite_for_WindowsME_san2004.SP2b-9133-Win32-GRU_060504.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\PivotCalc\PivotCalc1.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\PivotCalc\Source\PivotCalc1.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySql_DBManager\Source\DBManager.zip\DBManager\setup323.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySql_DBManager\Source\DBManager.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySql_DBManager\Source\DBManager\setup323.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySqlAdministrator\mysql-gui-tools-5.0-r11a-win32.zip\mysql-gui-tools-5.0-r11a-win32.msi\stream 63 was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySqlAdministrator\mysql-gui-tools-5.0-r11a-win32.zip\mysql-gui-tools-5.0-r11a-win32.msi was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySqlAdministrator\mysql-gui-tools-5.0-r11a-win32.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySql\Source\mysql-5.0.37-win32.zip\Setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySql\Source\mysql-5.0.37-win32.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MySql\Source\Setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MSSQLServer\Source\SQLSrvrExpress2005\SQLEXPR_ADV.EXE\setup\sqlrun_sql.msi\stream 6 was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\MSSQLServer\Source\SQLSrvrExpress2005\SQLEXPR_ADV.EXE was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\Mozy\Source\v1p8p0p3\mozy-1_8_0_3.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\DynDNS\Source\v3p1p0p15\dyndns-setup.zip\Setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\DynDNS\Source\v3p1p0p15\dyndns-setup.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\DynDNS\Source\v3p1p0p15\Setup.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\DiskTest\DiskTest.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\DiskTest\Source\DiskTest.zip\DiskTest.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\DiskTest\Source\DiskTest.zip was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\AdAware\gspypro.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\AdAware\Source\ver6p181\aaw6181.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\Inst\AdAware\Source\ver6p0\aaw6.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\aMBSupp\PcOnPoint\Source\PConPoint_v3p5_060528.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\aMBSupp\Nero\Source\050307\Nero-6.6.0.8_050307_exp_050331.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\aMBSupp\AdAware\gspypro.exe was aborted [F-Secure AVP]
Scanning of C:\PrgFiles\aMBSupp\AdAware\Source\ver6p0\aaw6.exe was aborted [F-Secure AVP]
Scanning of C:\Finance3\___Temp_Werner\Visual_Basic\visual_basic_6.exe was aborted [F-Secure AVP]
Scanning of C:\Finance3\___Temp_Werner\Metastock\Source\Metastock.8.0.RT.[programa+serial.number+manual.pdf.castellano].rar was aborted [F-Secure AVP]
Scanning of C:\Finance3\___Temp_Werner\MacroMagic\Source\MacroMagic.zip\MacroMagic.exe was aborted [F-Secure AVP]
Scanning of C:\Finance3\___Temp_Werner\MacroMagic\Source\MacroMagic.zip\MacroMagic4-1T EPSMM41T.ZIP\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\Finance3\___Temp_Werner\MacroMagic\Source\MacroMagic.zip\MacroMagic4-1T EPSMM41T.ZIP was aborted [F-Secure AVP]
Scanning of C:\Finance3\___Temp_Werner\MacroMagic\Source\MacroMagic.zip was aborted [F-Secure AVP]
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Zips\WL Index-Lab for Wealth-Lab v301 d-il3011.zip\keygen.exe Infection: Trojan.Win32.Genome.lzl
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Zips\WL Index-Lab for Wealth-Lab v301 d-il3011.zip Infection: Trojan.Win32.Genome.lzl Action: Renamed.
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Zips\WL MonteCarlo-Lab d-mc302x.zip\keygen.exe Infection: Trojan.Win32.Genome.rrq
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Zips\WL MonteCarlo-Lab d-mc302x.zip Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Zips\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip\keygen.exe Infection: Trojan.Win32.Genome.sdb
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Zips\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip Infection: Trojan.Win32.Genome.sdb Action: Renamed.
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Unzips\Neuro-Lab\keygen.exe Infection: Trojan.Win32.Genome.sdb Action: Renamed.
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Unzips\MonteCarlo-Lab\keygen.exe Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance2\Wealth_Lab_v4\060602\Source\Keys\Unzips\Index-Lab\keygen.exe Infection: Trojan.Win32.Genome.lzl Action: Renamed.
Scanning of C:\Finance2\Wealth_Lab_v4\060602\as in PF\Wealth-Lab, Inc\Wealth-Lab Developer 4.0\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance2\Visual_Basic\visual_basic_6.exe was aborted [F-Secure AVP]
Scanning of C:\Finance2\MetastockPro\Source\Metastock\MetastockProgram\Source\Metastock.8.0.RT.[programa+serial.number+manual.pdf.castellano].rar was aborted [F-Secure AVP]
Scanning of C:\Finance2\Iolo\Macro Magic\EventHook.dll was aborted [F-Secure AVP]
Scanning of C:\Finance2\Iolo\Macro Magic\keygen_mm.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_Prior_040824_updates\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_Prior_040824_updates\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_Prior_040824_updates\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\RuleBuilder.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_Prior_040824_updates\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\WLDMigration.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_Prior_040824_updates\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\WLNeuro3.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_As_Orig_In_PF\Wealth-Lab Developer 3.0\Orig\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\z_As_Orig_In_PF\Wealth-Lab Developer 3.0\Orig\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\zz_As_Installed_on_050221_prior_Chartscript_Additions_&_Mods\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\zz_As_Installed_on_050221_prior_Chartscript_Additions_&_Mods\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\WLNeuro3.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\zTemp_see_this\from_070224_z_updated\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\zTemp_see_this\from_070224_z_updated\Wealth-Lab, Inc\Wealth-Lab Developer 3.0\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Zips\QTAdapterSource_050221.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Zips\QTAdapterSource_050221.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Zips\QuoteTracker8_050221.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Zips\QuoteTracker8_050221.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Zips\QuoteTracker8_AdapterDLL_050221.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Zips\QuoteTracker8_AdapterDLL_050221.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Main\RTsouceProgs\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Main\RTsouceProgs\AdapterSource\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\050221\Main\RTsouceProgs\Adapter\QuoteTracker.dll was aborted [F-Secure AVP]
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\NL\keygen.exe Infection: Trojan.Win32.Genome.sdb Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\NL\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip\keygen.exe Infection: Trojan.Win32.Genome.sdb
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\NL\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip Infection: Trojan.Win32.Genome.sdb Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\MC\keygen.exe Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\MC\WL MonteCarlo-Lab d-mc302x.zip\keygen.exe Infection: Trojan.Win32.Genome.rrq
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\MC\WL MonteCarlo-Lab d-mc302x.zip Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\IL\keygen.exe Infection: Trojan.Win32.Genome.lzl Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\IL\WL Index-Lab for Wealth-Lab v301 d-il3011.zip\keygen.exe Infection: Trojan.Win32.Genome.lzl
C:\Finance\Wealth-Lab_v3\Source\050221\Main\Keys\IL\WL Index-Lab for Wealth-Lab v301 d-il3011.zip Infection: Trojan.Win32.Genome.lzl Action: Renamed.
Scanning of C:\Finance\Wealth-Lab_v3\Source\040805\Zips\QuoteTracker8_040531.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040805\Zips\QuoteTracker8_040531.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040229\Zips\IBAdapter10.zip\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040229\Zips\IBAdapter10.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040229\Unzips\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\IBAdapter9.zip\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\IBAdapter9.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\QuoteTracker7.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\QuoteTracker7.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\RuleBuilder.zip\RuleBuilder.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\RuleBuilder.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\WLDMigration.zip\WLDMigration.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Zips\WLDMigration.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Unzips\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Unzips\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Unzips\RuleBuilder.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\040117\Unzips\WLDMigration.exe was aborted [F-Secure AVP]
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Zips\WL Index-Lab for Wealth-Lab v301 d-il3011.zip\keygen.exe Infection: Trojan.Win32.Genome.lzl
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Zips\WL Index-Lab for Wealth-Lab v301 d-il3011.zip Infection: Trojan.Win32.Genome.lzl Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Zips\WL MonteCarlo-Lab d-mc302x.zip\keygen.exe Infection: Trojan.Win32.Genome.rrq
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Zips\WL MonteCarlo-Lab d-mc302x.zip Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Zips\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip\keygen.exe Infection: Trojan.Win32.Genome.sdb
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Zips\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip Infection: Trojan.Win32.Genome.sdb Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Unzips\Neuro-Lab\keygen.exe Infection: Trojan.Win32.Genome.sdb Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Unzips\MonteCarlo-Lab\keygen.exe Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\040117\Keys\Unzips\Index-Lab\keygen.exe Infection: Trojan.Win32.Genome.lzl Action: Renamed.
Scanning of C:\Finance\Wealth-Lab_v3\Source\031224\Zips\IBAdapter8.zip\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\031224\Zips\IBAdapter8.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\031224\Zips\QuoteTracker6.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\031224\Zips\QuoteTracker6.zip was aborted [F-Secure AVP]
C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WL Index-Lab for Wealth-Lab v301 d-il3011.zip\keygen.exe Infection: Trojan.Win32.Genome.lzl
C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WL Index-Lab for Wealth-Lab v301 d-il3011.zip Infection: Trojan.Win32.Genome.lzl Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WL MonteCarlo-Lab d-mc302x.zip\keygen.exe Infection: Trojan.Win32.Genome.rrq
C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WL MonteCarlo-Lab d-mc302x.zip Infection: Trojan.Win32.Genome.rrq Action: Renamed.
C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip\keygen.exe Infection: Trojan.Win32.Genome.sdb
C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip Infection: Trojan.Win32.Genome.sdb Action: Renamed.
Scanning of C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WLDMigration.zip\WLDMigration.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\Wealth-Lab_v3\Source\031224\Zips\WLDMigration.zip was aborted [F-Secure AVP]
Scanning of C:\Finance\CMCMarkets\MarketMaker\Source\060510onASR1\Source\Spreadbet_MM5_Installer.exe\Windows\resource\jre\lib\rt.jar was aborted [F-Secure AVP]
Scanning of C:\Finance\CMCMarkets\MarketMaker\Source\060510onASR1\Source\Spreadbet_MM5_Installer.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\CMCMarkets\MarketMaker\Source\060505onRB200\Source\Spreadbet_MM5_Installer_040507.exe\Windows\resource\jre\lib\rt.jar was aborted [F-Secure AVP]
Scanning of C:\Finance\CMCMarkets\MarketMaker\Source\060505onRB200\Source\Spreadbet_MM5_Installer_040507.exe was aborted [F-Secure AVP]
Scanning of C:\Finance\CMCMarkets\MarketMaker\Source\051110\Spreadbet_MM5_Installer.exe\Windows\resource\jre\lib\rt.jar was aborted [F-Secure AVP]
Scanning of C:\Finance\CMCMarkets\MarketMaker\Source\051110\Spreadbet_MM5_Installer.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Local Settings\Temp\aax192.tmp.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Local Settings\Temp\CopyUpdate.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Local Settings\Temp\DWPInstaller.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Local Settings\Temp\SQLEXPR_ADV.EXE\setup\sqlrun_rs.msi was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Local Settings\Temp\SQLEXPR_ADV.EXE\setup\sqlrun_sql.msi\stream 6 was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Local Settings\Temp\SQLEXPR_ADV.EXE was aborted [F-Secure AVP]
Cannot open file C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Toolbar History\counters
Scanning of C:\Documents and Settings\Robert\Desktop\DESKTOP IN HERE MOP\CuteWriter.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Desktop\DESKTOP IN HERE MOP\keymouse.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Desktop\DESKTOP IN HERE MOP\php_manual_en.chm was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Desktop\DESKTOP IN HERE MOP\teeth_saver_pc.zip\teeth_saver_pc_setup.exe was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Desktop\DESKTOP IN HERE MOP\teeth_saver_pc.zip was aborted [F-Secure AVP]
Scanning of C:\Documents and Settings\Robert\Desktop\DESKTOP IN HERE MOP\teeth_saver_pc_setup.exe was aborted [F-Secure AVP]
File C:\Documents and Settings\Robert\Desktop\DeskTidyUp\LTV2\FACT_TABLE_FINAL.zip\FACT_TABLE_FINAL.xls is encrypted
Cannot open file C:\Documents and Settings\Robert\Application Data\ispnews\ispn.ini
Scanning of C:\Documents and Settings\All Users\Documents\WindowsXP-KB835935-SP2-ENU.exe was aborted [F-Secure AVP]
Scanning of C:\CFPSETUP\CFPSetup.EXE was aborted [F-Secure AVP]
Scanning of C:\CFPSETUP\vbrt.EXE was aborted [F-Secure AVP]
Scanning of D:\CRAIG\SCCH\CB_Jobs.zip\CB_Jobs\Done_QQQ_EmilyCourseReviews\FINAL\MoveAllTheFilesContainedHeretoyourCdriveandRunMacros1234.zip\MoveAllTheFilesContainedHeretoyourCdriveandRunMacros1234\Statistics2_2009SummerCR.mdb was aborted [F-Secure AVP]
Scanning of D:\CRAIG\SCCH\CB_Jobs.zip was aborted [F-Secure AVP]
Scanning of D:\CRAIG\SCCH\MoveAllTheFilesContainedHeretoyourCdriveandRunMacros1234.zip\MoveAllTheFilesContainedHeretoyourCdriveandRunMacros1234\Statistics2_2009SummerCR.mdb was aborted [F-Secure AVP]
Scanning of D:\CRAIG\SCCH\CB_Jobs\Done_QQQ_EmilyCourseReviews\FINAL\MoveAllTheFilesContainedHeretoyourCdriveandRunMacros1234.zip\MoveAllTheFilesContainedHeretoyourCdriveandRunMacros1234\Statistics2_2009SummerCR.mdb was aborted [F-Secure AVP]
Scanning of D:\CRAIG\SCCH\CB_Jobs\Done_QQQ_EmilyCourseReviews\FINAL\SummerCourseReviews2009_SecondWave_Reports.zip\SummerCourseReviews2009_SecondWave_Reports\Statistics2_2009SummerCR_2WaveReports.mdb was aborted [F-Secure AVP]
Scanning of D:\CRAIG\PSYCLE\PsycleInstallerSSE2-1.8.6.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_WinXP\I386\DRIVER.CAB was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\VDF12\VDF12.0.65.0.Studio.Alpha5.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\Down_One_Level\VDF11.1.StudioDownload.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\Down_One_Level\WinprintViewer.10.1.4.0.zip\WinprintViewer.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\Down_One_Level\WinprintViewer.10.1.4.0.zip\WinPrint.dll was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\Down_One_Level\WinprintViewer.10.1.4.0.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\doc\VDF11.0.69.0.Alpha5.Help.zip\Help\VdfClassRef.chm was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\doc\VDF11.0.69.0.Alpha5.Help.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\doc\vdf9help.zip\VDFClassRef.chm was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\doc\vdf9help.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_VDataFlex\VDataFlex\vdf\archive\Multipart\Setup62.EXE was aborted [F-Secure AVP]
Cannot open a file in archive D:\BOBBLE\zzz\z_Pub98\MSIE\MSGMS_2.CAB
Cannot open a file in archive D:\BOBBLE\zzz\z_Pub98\MSIE\MSGMS_3.CAB
Scanning of D:\BOBBLE\zzz\z_OffXP\FILES\PFILES\MSOFFICE\OFFICE10\1033\HTMLREF.CHM was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_OffXP\FILES\PFILES\MSOFFICE\OFFICE10\1033\VBAWD10.CHM was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_M2M32-SLI Deluxe\Software\AntiVirus\TC\NIS2006\NIS.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\zzz\z_M2M32-SLI Deluxe\Software\AntiVirus\EN\NIS2006\NIS.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Registry_Cleaner\Zip\amust_registry_cleaner_30.zip\amust_registry_cleaner_30.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Registry_Cleaner\Zip\amust_registry_cleaner_30.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Registry_Cleaner\Zip\amust_registry_cleaner_30b.zip\amust_registry_cleaner_30.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Registry_Cleaner\Zip\amust_registry_cleaner_30b.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Registry_Cleaner\Unzip\amust_registry_cleaner_30.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Cornerstone\DTI\mininstall.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\My Documents\_Temp\060510\Awaiting\SkypeSetup.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\Craig\Craig_VNC_PE_v4p2p5.zip\vnc-P4_2_5-x86_win32.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\____Temp\Craig\Craig_VNC_PE_v4p2p5.zip was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\___Courses_2\WinZip\Source\winzip90.exe\SETUP.WZ\WINZIP32.EX_ is encrypted
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses_2\Werner\From Werner\040313\isobuster_eng.zip\IsoBuster 1.5 (English Only) Setup.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses_2\Werner\From Werner\040313\isobuster_eng.zip was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\___Courses_2\SureFire\SureFire_Money_Management.exe\pgmins.ini is encrypted
D:\BOBBLE\yyData\___bTemp\___Courses_2\Misc\Misc7\WL Index-Lab for Wealth-Lab v301 d-il3011.zip\keygen.exe Infection: Trojan.Win32.Genome.lzl
D:\BOBBLE\yyData\___bTemp\___Courses_2\Misc\Misc7\WL Index-Lab for Wealth-Lab v301 d-il3011.zip Infection: Trojan.Win32.Genome.lzl Action: Renamed.
D:\BOBBLE\yyData\___bTemp\___Courses_2\Misc\Misc7\WL MonteCarlo-Lab d-mc302x.zip\keygen.exe Infection: Trojan.Win32.Genome.rrq
D:\BOBBLE\yyData\___bTemp\___Courses_2\Misc\Misc7\WL MonteCarlo-Lab d-mc302x.zip Infection: Trojan.Win32.Genome.rrq Action: Renamed.
D:\BOBBLE\yyData\___bTemp\___Courses_2\Misc\Misc7\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip\keygen.exe Infection: Trojan.Win32.Genome.sdb
D:\BOBBLE\yyData\___bTemp\___Courses_2\Misc\Misc7\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip Infection: Trojan.Win32.Genome.sdb Action: Renamed.
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\timer_040903.zip\SETUP.LST
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\r7\Clocks\R7_Speaking_Clock_spcl25.zip\install.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\r7\Clocks\R7_Speaking_Clock_spcl25.zip was aborted [F-Secure AVP]
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\r7\Clocks\R7_timer_040703.zip\SETUP.LST
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\r7\Clocks\R7_VersaTimer_vtmr101.zip\packages\install.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\r7\Clocks\R7_VersaTimer_vtmr101.zip was aborted [F-Secure AVP]
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\Misc1\CCI_timer_040926.zip\SETUP.LST
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\Misc1\timer_040628.zip\SETUP.LST
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\General\timer_040903.zip\SETUP.LST
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\EminiTraders\Woodies_New_Clock\Timer1.CAB
Cannot open a file in archive D:\BOBBLE\yyData\___bTemp\___Courses_2\CCI\EminiTraders\Woodies_New_Clock\Woodies_New_Clock_timer.zip
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\IBAdapter9.zip\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\IBAdapter9.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\QuoteTracker7.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\QuoteTracker7.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\RuleBuilder.zip\RuleBuilder.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\RuleBuilder.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\WLDMigration.zip\WLDMigration.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\040117\Source\WLDMigration.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\IBAdapter8.zip\IBAdapter.dll was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\IBAdapter8.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\QuoteTracker6.zip\QuoteTracker.dll was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\QuoteTracker6.zip was aborted [F-Secure AVP]
D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WL Index-Lab for Wealth-Lab v301 d-il3011.zip\keygen.exe Infection: Trojan.Win32.Genome.lzl
D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WL Index-Lab for Wealth-Lab v301 d-il3011.zip Infection: Trojan.Win32.Genome.lzl Action: Renamed.
D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WL MonteCarlo-Lab d-mc302x.zip\keygen.exe Infection: Trojan.Win32.Genome.rrq
D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WL MonteCarlo-Lab d-mc302x.zip Infection: Trojan.Win32.Genome.rrq Action: Renamed.
D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip\keygen.exe Infection: Trojan.Win32.Genome.sdb
D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WL Neuro-Lab for Wealth-Lab v304 d-nl3041.zip Infection: Trojan.Win32.Genome.sdb Action: Renamed.
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WLDMigration.zip\WLDMigration.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Wealth-Labs\WL3\031224\Source\WLDMigration.zip was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\___Courses\TFB\2005\Pdfs\SureFire_Money_Management.exe\pgmins.ini is encrypted
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Metastock\MetastockProgram\Source\Metastock.8.0.RT.[programa+serial.number+manual.pdf.castellano].rar was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Dataflex\VDF9.0.29.1.EXE was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Dataflex\VDF9.1.55.0.Beta2.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Dataflex\vdf9help.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___Courses\Dataflex\VDFClient9.0.29.1.EXE was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\___Computers\aaa___WindowsXP\PowerToys_VSS.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\___Computers\aaa___Skype_Net\Source\SkypeSetup-Beta.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\___Computers\aaa___AtomicTime_Com\AtomTime_atpro31a.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\aaa___TheMasterofTrading_Com\MarketMaster.exe\Market Master.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\aaa___TheMasterofTrading_Com\MarketMaster.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\aaa___QuoteTracker_Com\Source\050722\QuoteTracker_qtsetup_v3p6p3_050722.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\aaa___ProfitRun_Com\Pdfs\Bill_Poulos_Futures_Trading_Handbook_051023.exe was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\___A_See\aaa___PFGForex_Com\Source\PFGForexCharts_EN_5.3.4.83_050601.exe\startup.apm\amsdata.dat is encrypted
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\aaa___MetaQuote_Com\Source\mt4setup.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\___A_See\aaa___FractalsEdge_Com\Source\050817\SetupFractalsEdgeAdvancedDemo_050817.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\060418\CMC\Source\Spreadbet_MM5_Installer_040507.exe\Windows\resource\jre\lib\rt.jar was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\060418\CMC\Source\Spreadbet_MM5_Installer_040507.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\0602xx\__Needs_Attention\Free_Registry_Fix_v3p9_50Times_frfdownload_060401.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\0601xx\_Await4_0512xx\Fractal_Edge_SetupFractalsEdgeAdvancedDemo_051226.exe was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\__MyDocs\0601xx\aaa___ScientificTrader_Com\Pdfs\ScientificTrader_Com - Money_Management_060111.exe\pgmins.ini is encrypted
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\0601xx\aaa___FractalsEdge_Com\Source\SetupFractalsEdgeAdvancedDemo_060109.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\0601xx\aaa___eminiMaster_Com\Source\eminiMaster_Com - setup_27thApr2005_060108.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\0601xx\aaa___eminiMaster_Com\Source\eminiMaster_Com - setup_BAKALARON_26thApr2005_060108.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\0601xx\aaa___eminiMaster_Com\Source\eminiMaster_Com - setup_BAK_16thJan2005_060108.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting4\Bill_Poulos_Futures_Trading_Handbook_051023.exe was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting3\ScientificTrader_Com - Money_Management_050921.exe\pgmins.ini is encrypted
File D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting2\ScientificTrader_Com - Money_Managementb_050908.exe\pgmins.ini is encrypted
File D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting2\ScientificTrader_Com - Money_Management_050908.exe\pgmins.ini is encrypted
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting1\_Temp\Temp_02\PDF_writer_Pw2pdf_setup_050311.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting1\_Temp\Temp_02\Universal_Document_Converter_v3p1_udc_dc_050311.zip\udc_dc.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting1\_Temp\Temp_02\Universal_Document_Converter_v3p1_udc_dc_050311.zip was aborted [F-Secure AVP]
File D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\_Awaiting1\_Temp\SureFire\SureFire_Money_Management.exe\pgmins.ini is encrypted
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\aaa___QuoteTracker_Com\Source\050722\QuoteTracker_qtsetup_v3p6p3_050722.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\aaa___EminiMaster_Com\Source\050831\EminiMaster_Com - setup.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\aaa___EminiMaster_Com\Source\050831\EminiMaster_Com - setup_050831.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\aaa___EminiMaster_Com\Source\050831\EminiMaster_Com - setup_BAKALARON_050831.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___bTemp\__MyDocs\051212pre\_Temp\aaa___EminiMaster_Com\Source\050831\EminiMaster_Com - setup_BAK_050831.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___aTemp\aaa___gciTrading_Com\Htms3\setup.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___aTemp\aaa___Digitalminer_Com\hkcontrol.zip\hkcontrol.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\___aTemp\aaa___Digitalminer_Com\hkcontrol.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\accelweb.zip\accdemo.exe\Accelerate.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\accelweb.zip\accdemo.exe\setup.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\accelweb.zip\accdemo.exe\startup1.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\accelweb.zip\accdemo.exe\unacc.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\accelweb.zip\accdemo.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\accelweb.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\inboxspe.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\inbxspec.zip\inboxspe.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\inbxspec.zip was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\n2p10066.exe\Net2fone.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\n2p10066.exe\N2pFax.dll was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\n2p10066.exe was aborted [F-Secure AVP]
Scanning of D:\BOBBLE\yyData\__CD\CD_folders\zzzF_temp\Hemscott\tb3setup.exe was aborted [F-Secure AVP]

Files
Scanned: 516767
Infected: 45
Suspected: 0
Disinfected: 0
Deleted: 0
Renamed: 27

Time: 16:16:18


This lead me to believe i have a trojan called genome. Maybe you know this one.

Can you give me an idea what this may be doing. It seems to involve the internet as the modem has started doing unusual things too (always connected....)

Hope you can help me,

Craig




Appendix A <FSecure20100119> attachment and Italics below

LOG file FOR SYSTEM SCAN for CBowen
--------------------------------------

Scanning Report
19 January 2010 12:29:32 - 12:29:32
Computer name: SIRIUS2
Scanning type: Scan system for spyware
Target: System


--------------------------------------------------------------------------------

Result
No malware found


--------------------------------------------------------------------------------

Statistics
Files:
Scanned: 0
System: 0
Not scanned: 0
Result:
Viruses: 0
Spyware: 0
Suspected: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspected: 0
Disinfected: 0


--------------------------------------------------------------------------------

Options
Definitions version:
Viruses: 2009-12-23_02
Spyware: 2009-06-18_09
Scanning Engines:
F-Secure AVP: 6.00.169, 2009-12-23
F-Secure Libra: 2.04.05, 2009-12-12
F-Secure Orion: 1.02.41, 2009-12-23
F-Secure Draco: 0.00.00, 0-00-00
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ANI AVB BAT CEO CMD JOB JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR TGZ ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2 HQX
Scan inside archives
Actions:
Viruses: Ask after scan
Spyware: Ask after scan

--------------------------------------------------------------------------------

Copyright © 1998-2005 Product support | Send virus sample to F-Secure
F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name. This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.

Attached Files


  • 0

Advertisements


#2
bowenc

bowenc

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Hi GtG,

Basically I need to clean up my computer of a particularly vicious nasty.

It seems to hijack the machine whenever any action is about to be taken against it which is very disconcerting!

Sorry to reply to my own post but i thought i'd better follow all the sinitial steps again
and post all relevant log files.

Just for info, the task manager shoots to 100% everytime the MBAM is run without fail.

Here goes with the procedure followed and logs,

1> Ran TFC and ERUNT.
2> Ran MBAM (see attached for screenshot of how computer reacts when MBAM shortcut even Hovered Over!)

Log file:

Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702


19/01/2010 17:36:54
mbam-log-2010-01-19 (17-36-54).txt


Scan type: Quick Scan
Objects scanned: 130952
Time elapsed: 11 minute(s), 47 second(s)


Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0


Memory Processes Infected:
(No malicious items detected)


Memory Modules Infected:
(No malicious items detected)


Registry Keys Infected:
(No malicious items detected)


Registry Values Infected:
(No malicious items detected)


Registry Data Items Infected:
(No malicious items detected)


Folders Infected:
(No malicious items detected)


Files Infected:
(No malicious items detected)

3> Ran GMER

ark.txt:


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-19 22:03:25
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Robert\LOCALS~1\Temp\kwldypog.sys



---- System - GMER 1.0.15 ----

SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateProcess [0xF75AE614]
SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateProcessEx [0xF75AE6A8]
SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateSection [0xF75AE01A]
SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwWriteVirtualMemory [0xF75ADEE2]


Code \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) IoCreateDevice

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs FSfilter.sys

Device \Driver\Tcpip \Device\Ip fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
Device \Driver\Tcpip \Device\Tcp fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
Device \Driver\Tcpip \Device\Udp fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
Device \Driver\Tcpip \Device\RawIp fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
Device \Driver\Tcpip \Device\IPMULTICAST fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)


AttachedDevice \FileSystem\Fastfat \Fat FSfilter.sys
AttachedDevice \FileSystem\Fastfat \Fat FSrec.sys


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000d889efef8
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000d889efef8 (not active ControlSet)


---- EOF - GMER 1.0.15 ----

4A> Ran OTL

OTL.txt:

OTL logfile created on: 19/01/2010 22:10:21 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Robert\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,023.00 Mb Total Physical Memory | 379.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 131.84 Gb Total Space | 27.29 Gb Free Space | 20.70% Space Free | Partition Type: NTFS
Drive D: | 131.84 Gb Total Space | 46.12 Gb Free Space | 34.98% Space Free | Partition Type: NTFS
Drive E: | 15.78 Gb Total Space | 15.72 Gb Free Space | 99.60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 31.73 Mb Total Space | 31.73 Mb Free Space | 100.00% Space Free | Partition Type: FAT

Computer Name: SIRIUS2
Current User Name: Robert
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/19 14:11:14 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe
PRC - [2009/12/06 01:23:00 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/12/06 01:23:00 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/04/28 20:59:58 | 00,297,056 | ---- | M] (F-Secure Corp.) -- C:\Program Files\TalkTalk Online Security\Anti-Virus\fsgk32.exe
PRC - [2009/04/28 20:59:58 | 00,255,072 | ---- | M] (F-Secure Corp.) -- C:\Program Files\TalkTalk Online Security\Anti-Virus\fssm32.exe
PRC - [2009/04/28 20:59:58 | 00,184,416 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Anti-Virus\FSAV32.exe
PRC - [2009/04/28 19:05:11 | 00,270,389 | ---- | M] (F-Secure Corp.) -- C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fsbwsys.exe
PRC - [2009/04/28 19:05:08 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program Files\TalkTalk Online Security\backweb\81720\Program\ServiceWrapper-81720.exe
PRC - [2009/04/28 19:05:08 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fspex.exe
PRC - [2008/11/06 15:45:58 | 01,605,632 | ---- | M] (Philips) -- C:\Program Files\Philips\SA30xx Device Manager\SA30XX_DeviceManager.exe
PRC - [2008/10/18 10:39:11 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/09/05 17:45:53 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PRC - [2008/08/27 18:14:34 | 00,084,440 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2008/08/12 05:25:27 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/08/04 13:45:16 | 05,779,456 | ---- | M] () -- C:\Program Files\XAMPP\mysql\bin\mysqld-nt.exe
PRC - [2008/06/23 19:04:22 | 00,094,208 | ---- | M] (Dynamic Network Services, Inc.) -- C:\Program Files\DynDNS Updater\DynUpPs.exe
PRC - [2008/06/23 19:04:20 | 00,086,016 | ---- | M] (Dynamic Network Services, Inc.) -- C:\Program Files\DynDNS Updater\DynTray.exe
PRC - [2008/06/12 10:42:26 | 02,139,504 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2008/04/14 00:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/14 00:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 00:12:17 | 00,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmremote.exe
PRC - [2008/02/26 21:08:50 | 29,183,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2007/04/27 08:41:54 | 00,282,624 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2007/04/04 08:48:52 | 00,480,776 | ---- | M] (Matrox Graphics Inc.) -- c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
PRC - [2007/04/04 08:48:42 | 00,087,560 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\system32\mgabg.exe
PRC - [2007/04/04 08:48:34 | 01,771,016 | ---- | M] (Matrox Graphics Inc.) -- C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
PRC - [2007/02/10 04:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2006/01/07 01:36:10 | 00,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2005/11/18 12:55:00 | 00,233,537 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\FSGUI\fsguidll.exe
PRC - [2005/08/22 13:04:52 | 00,200,767 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\FWES\program\fsdfwd.exe
PRC - [2005/08/15 23:12:02 | 00,192,512 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\TalkTalk\bin\sprtcmd.exe
PRC - [2005/06/07 07:39:32 | 00,159,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Anti-Virus\FSRW.exe
PRC - [2005/05/31 12:45:06 | 00,356,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\FSGUI\ispnews.exe
PRC - [2005/05/09 07:05:50 | 00,270,387 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Common\FAMEH32.EXE
PRC - [2005/05/09 07:05:50 | 00,180,274 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Common\FSMB32.EXE
PRC - [2005/05/09 07:05:50 | 00,118,833 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Common\FSM32.EXE
PRC - [2005/05/09 07:05:50 | 00,065,585 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Common\FCH32.EXE
PRC - [2005/05/09 07:05:50 | 00,061,490 | ---- | M] (F-Secure Corporation) -- C:\Program Files\TalkTalk Online Security\Common\FSMA32.EXE
PRC - [2003/04/08 16:50:14 | 00,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2001/12/12 05:00:02 | 00,102,400 | ---- | M] (SuperSpeed Software, Inc.) -- C:\WINDOWS\system32\SSCMntr.exe
PRC - [2001/09/04 09:15:22 | 00,045,056 | ---- | M] (F-Secure Corp.) -- C:\Program Files\TalkTalk Online Security\Anti-Virus\fsgk32st.exe
PRC - [2001/08/23 12:00:00 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsmsink.exe
PRC - [2000/10/18 19:57:00 | 00,040,960 | ---- | M] () -- C:\Program Files\TrayMan\NTStart.exe
PRC - [2000/10/18 19:56:58 | 00,081,920 | ---- | M] (Ziff Davis Media, Inc.) -- C:\Program Files\TrayMan\trayman.exe
PRC - [1999/07/03 23:00:00 | 00,099,840 | ---- | M] () -- C:\Program Files\WinKey\WinKey.exe


========== Modules (SafeList) ==========

MOD - [2010/01/19 14:11:14 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe
MOD - [2005/08/15 23:12:16 | 00,102,400 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\TalkTalk\bin\sprthook.dll
MOD - [2000/10/18 19:56:52 | 00,049,152 | ---- | M] () -- C:\Program Files\TrayMan\tmhook.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/06 01:23:00 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/04/28 21:02:56 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/04/28 19:05:11 | 00,270,389 | ---- | M] (F-Secure Corp.) [Auto | Running] -- C:\Program Files\TalkTalk Online Security\backweb\81720\program\fsbwsys.exe -- (fsbwsys)
SRV - [2009/04/28 19:05:08 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) [Auto | Running] -- C:\Program Files\TalkTalk Online Security\backweb\81720\Program\ServiceWrapper-81720.exe -- (BackWeb Plug-in - 81720)
SRV - [2008/08/27 18:14:34 | 00,084,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2008/08/04 13:45:16 | 05,779,456 | ---- | M] () [Auto | Running] -- C:\Program Files\XAMPP\mysql\bin\mysqld-nt.exe -- (mysql)
SRV - [2008/07/30 08:53:08 | 00,587,776 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- C:\Program Files\XAMPP\FileZillaFTP\FileZillaServer.exe -- (FileZilla Server)
SRV - [2008/06/14 17:02:12 | 00,017,408 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\XAMPP\apache\bin\apache.exe -- (Apache2.2)
SRV - [2008/06/12 10:42:26 | 02,139,504 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008/02/26 21:08:50 | 29,183,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER) SQL Server (MSSQLSERVER)
SRV - [2008/02/26 21:08:50 | 29,183,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2007/04/04 08:48:52 | 00,480,776 | ---- | M] (Matrox Graphics Inc.) [Auto | Running] -- c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe -- (Matrox Centering Service)
SRV - [2007/04/04 08:48:42 | 00,087,560 | ---- | M] (Matrox Graphics Inc.) [Auto | Running] -- C:\WINDOWS\system32\mgabg.exe -- (MGABGEXE)
SRV - [2007/02/10 04:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2007/02/10 04:29:48 | 00,242,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2006/08/28 01:53:48 | 00,092,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\msftesql.exe -- (msftesql) SQL Server FullText Search (MSSQLSERVER)
SRV - [2006/08/28 01:53:48 | 00,092,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$SQLEXPRESS) SQL Server FullText Search (SQLEXPRESS)
SRV - [2006/01/06 21:25:12 | 00,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2005/11/24 16:03:22 | 00,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/11/24 15:57:44 | 00,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/11/24 15:47:30 | 00,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005/10/14 01:50:20 | 00,045,272 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2005/09/23 06:01:16 | 02,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
SRV - [2005/08/22 13:04:52 | 00,200,767 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\TalkTalk Online Security\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2005/05/09 07:05:50 | 00,061,490 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\TalkTalk Online Security\Common\FSMA32.EXE -- (FSMA)
SRV - [2003/04/08 16:50:14 | 00,126,976 | ---- | M] () [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2001/12/12 05:00:02 | 00,102,400 | ---- | M] (SuperSpeed Software, Inc.) [Auto | Running] -- C:\WINDOWS\system32\SSCMntr.exe -- (SSCMntr)
SRV - [2001/09/04 09:15:22 | 00,045,056 | ---- | M] (F-Secure Corp.) [Auto | Running] -- C:\Program Files\TalkTalk Online Security\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2000/10/18 19:57:00 | 00,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\TrayMan\NTStart.exe -- (TrayMan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/08/12 05:25:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008/11/15 14:47:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/06 01:23:16 | 00,000,000 | ---D | M]

[2009/06/28 19:23:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\qcz6fksw.default\extensions
[2009/03/11 21:01:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\qcz6fksw.default\extensions\[email protected]
[2009/06/28 19:23:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\qcz6fksw.default\extensions\[email protected]
[2009/12/06 01:23:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/24 09:29:14 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2007/03/12 09:16:21 | 00,066,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007/03/12 09:16:21 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007/03/12 09:16:21 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007/03/12 09:16:21 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007/03/12 09:16:21 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2006/06/15 10:24:15 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 10:24:15 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 10:24:15 | 00,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 14:39:34 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2001/08/23 12:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\TalkTalk Online Security\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Startup Wizard] C:\Program Files\TalkTalk Online Security\FSGUI\FSSW.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\TalkTalk Online Security\TNB\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Matrox PowerDesk SE] c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe (Matrox Graphics Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [News Service] C:\Program Files\TalkTalk Online Security\FSGUI\ispnews.exe (F-Secure Corporation)
O4 - HKLM..\Run: [POINTER] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TalkTalk] C:\Program Files\TalkTalk\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE (Dale Nurden)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater.lnk = C:\Program Files\DynDNS Updater\DynUpPs.exe (Dynamic Network Services, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips SA30XX Device Manager.lnk = C:\Program Files\Philips\SA30xx Device Manager\SA30XX_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TalkTalk Online Security.lnk = C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fspex.exe (BackWeb Technologies Inc. )
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinKey.lnk = C:\Program Files\WinKey\WinKey.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8 - Extra context menu item: &Block this popup - C:\Program Files\TalkTalk Online Security\Anti-Spyware\blockpopups.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\TalkTalk Online Security\Anti-Spyware\ieshield.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\TalkTalk Online Security\Anti-Spyware\ieshield.dll (F-Secure Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158609680577 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1180531698593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java
file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/17 03:24:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/09/17 03:24:25 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (0)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/19 22:08:53 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe
[2010/01/19 17:49:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Desktop\claire 2
[2010/01/19 16:02:33 | 00,000,000 | ---D | C] -- C:\new20100119
[2010/01/08 15:33:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Desktop\tidy 2010
[2009/09/07 13:43:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/09/27 17:31:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/09/26 17:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Matrox
[2007/05/09 10:40:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2007/04/24 09:29:31 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/04/24 09:29:11 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

========== Files - Modified Within 14 Days ==========

[2010/01/19 22:08:56 | 09,437,184 | ---- | M] () -- C:\Documents and Settings\Robert\ntuser.dat
[2010/01/19 22:07:20 | 00,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1645522239-682003330-1003UA.job
[2010/01/19 22:07:13 | 00,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1645522239-682003330-1003Core.job
[2010/01/19 22:01:00 | 00,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/01/19 16:13:01 | 00,614,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/19 16:13:00 | 00,765,796 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/19 16:13:00 | 00,138,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/19 16:09:20 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/19 16:08:01 | 00,001,021 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TalkTalk Online Security.lnk
[2010/01/19 16:07:59 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/19 16:07:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/19 16:07:48 | 10,730,08640 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/19 16:07:10 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/01/19 16:07:08 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Robert\ntuser.ini
[2010/01/19 16:05:49 | 00,000,341 | ---- | M] () -- C:\Documents and Settings\Robert\Desktop\Shortcut to WAVEMAN2_C ©.lnk
[2010/01/19 14:11:14 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe
[2010/01/19 11:29:44 | 00,000,544 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2010/01/15 12:08:24 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/10 13:53:11 | 00,000,439 | ---- | M] () -- C:\Documents and Settings\Robert\Desktop\SCCH.lnk
[2010/01/10 13:15:26 | 00,025,016 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/01/09 14:31:28 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Robert\Desktop\John_Phoebe_56 Woodbine Street.doc
[2010/01/08 16:53:00 | 02,795,109 | ---- | M] () -- C:\Documents and Settings\Robert\Desktop\StuffForKeyCB.zip
[2010/01/08 14:57:23 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2010/01/19 16:05:49 | 00,000,341 | ---- | C] () -- C:\Documents and Settings\Robert\Desktop\Shortcut to WAVEMAN2_C ©.lnk
[2010/01/19 11:29:24 | 00,001,021 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TalkTalk Online Security.lnk
[2010/01/16 15:11:31 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\Robert\Desktop\John_Phoebe_56 Woodbine Street.doc
[2010/01/10 13:52:55 | 00,000,439 | ---- | C] () -- C:\Documents and Settings\Robert\Desktop\SCCH.lnk
[2010/01/08 17:44:03 | 02,795,109 | ---- | C] () -- C:\Documents and Settings\Robert\Desktop\StuffForKeyCB.zip
[2009/10/15 20:41:11 | 00,004,476 | ---- | C] () -- C:\WINDOWS\PsycleKeys.INI
[2009/06/28 19:23:23 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/04/28 19:11:26 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2009/04/28 19:11:21 | 00,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2009/04/28 19:11:20 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2009/04/28 19:11:19 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2009/04/06 13:50:42 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/12/11 00:04:03 | 00,000,072 | ---- | C] () -- C:\WINDOWS\my.ini
[2008/04/06 13:11:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\checkbsm.ini
[2008/04/06 12:24:39 | 00,000,049 | ---- | C] () -- C:\WINDOWS\bsm.ini
[2007/12/29 15:04:38 | 00,089,088 | ---- | C] () -- C:\Documents and Settings\Robert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/03 03:22:47 | 00,001,423 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/12 21:53:51 | 00,025,016 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/08/11 16:35:56 | 00,000,062 | ---- | C] () -- C:\WINDOWS\CFPReportGenerator.ini
[2007/08/11 15:36:58 | 00,000,358 | ---- | C] () -- C:\WINDOWS\WinMan32.ini
[2007/08/11 15:35:33 | 00,001,072 | ---- | C] () -- C:\WINDOWS\CFPBrochureOrdering.ini
[2007/08/11 15:34:52 | 00,308,224 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2007/08/11 15:34:52 | 00,091,136 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2007/08/11 15:34:47 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\powerprn.dll
[2007/08/11 15:34:46 | 00,289,792 | ---- | C] () -- C:\WINDOWS\System32\pcode32.dll
[2007/08/11 15:34:45 | 00,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx11_ic.ini
[2007/08/11 15:34:44 | 00,569,344 | ---- | C] () -- C:\WINDOWS\System32\tx11.dll
[2007/08/11 15:34:44 | 00,377,856 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2007/08/11 15:34:44 | 00,000,238 | ---- | C] () -- C:\WINDOWS\System32\Ic32.ini
[2007/08/11 15:34:43 | 00,044,544 | ---- | C] () -- C:\WINDOWS\System32\u25dts.dll
[2007/08/11 15:34:42 | 00,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2007/05/29 12:40:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2007/05/09 10:53:13 | 00,001,061 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2007/04/28 14:03:56 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/04/16 11:40:24 | 00,000,208 | ---- | C] () -- C:\WINDOWS\DBManagerSTD.INI
[2007/04/04 09:39:36 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Robert\Local Settings\Application Data\fusioncache.dat
[2007/03/04 22:09:57 | 00,002,521 | ---- | C] () -- C:\WINDOWS\MetaQuote.INI
[2007/03/04 22:08:45 | 00,000,006 | ---- | C] () -- C:\WINDOWS\System32\mwebdl.dll
[2007/03/04 21:57:23 | 00,217,196 | ---- | C] () -- C:\WINDOWS\System32\EqNotify.dll
[2007/03/04 21:57:23 | 00,164,864 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2007/03/04 21:57:23 | 00,158,720 | ---- | C] () -- C:\WINDOWS\System32\LFCMP61N.DLL
[2007/03/04 21:57:23 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\dbcapi.dll
[2007/03/04 21:57:23 | 00,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng61n.dll
[2007/03/04 21:57:23 | 00,043,008 | ---- | C] () -- C:\WINDOWS\System32\LTFIL61N.DLL
[2007/03/04 21:57:23 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\MSWTHK32.DLL
[2007/03/04 21:57:23 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2007/03/04 21:57:23 | 00,003,360 | ---- | C] () -- C:\WINDOWS\System32\MSWTHK16.DLL
[2007/02/20 13:21:11 | 00,025,071 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/02/20 13:20:54 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006/09/18 19:50:43 | 00,000,657 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/18 19:27:17 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2003/06/25 16:21:10 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\btsec.dll
[2003/06/25 16:17:08 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\btins.dll
[2003/06/25 16:17:04 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\BtXpShell.dll
[2003/06/25 16:17:02 | 00,753,664 | ---- | C] () -- C:\WINDOWS\System32\BtWizard.dll
[2003/06/25 16:16:36 | 00,782,419 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll
[2003/06/25 16:16:24 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\BTNCopy.dll
[2003/06/25 16:14:50 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\btrezxp.dll
[2003/06/25 16:14:38 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\btosif_olx.dll
[2003/06/25 16:12:14 | 00,491,520 | ---- | C] () -- C:\WINDOWS\System32\WidcommSdk.dll
[2003/06/25 16:08:36 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\BtAudioHelper.dll
[2003/06/25 16:02:40 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll
[2003/06/25 16:02:12 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\BTXPPanel.dll
[2003/06/25 16:01:56 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\bt2k_ins.dll
[2003/06/25 16:01:14 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\btdev.dll
[2003/06/25 16:01:04 | 02,813,952 | ---- | C] () -- C:\WINDOWS\System32\btrez.dll
[2003/06/25 16:00:46 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\btwpimif.dll
[2003/06/25 16:00:38 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\btosif_ol.dll
[2003/06/25 16:00:18 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\btosif_notes.dll
[2003/06/25 15:59:58 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\btosif.dll
[2003/06/25 15:59:36 | 00,389,187 | ---- | C] () -- C:\WINDOWS\System32\wbtapi.dll
[2003/04/08 16:48:16 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\btsendto_wab.dll
[2003/04/08 16:47:56 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\btsendto_office.dll
[2003/04/08 16:45:58 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\btsendto_notes.dll
[2003/04/08 16:44:16 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2003/04/08 16:43:38 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\bthcrpui.dll
[2003/04/08 16:43:08 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\bthcrp.dll
[2003/04/08 16:42:36 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\btsendto.dll
[2003/04/08 16:37:38 | 00,144,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\btwdndis.sys
[2003/04/08 16:35:32 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\btbigbmp.dll
[2003/04/08 16:35:26 | 00,022,183 | ---- | C] () -- C:\WINDOWS\System32\drivers\btserial.sys
[2003/04/08 16:35:04 | 00,222,812 | ---- | C] () -- C:\WINDOWS\System32\drivers\btslbcsp.sys
[2003/04/08 16:32:42 | 01,168,410 | ---- | C] () -- C:\WINDOWS\System32\drivers\btkrnl.sys
[2003/04/08 16:27:36 | 00,030,203 | ---- | C] () -- C:\WINDOWS\System32\drivers\btport.sys
[2003/04/08 16:26:14 | 00,021,733 | ---- | C] () -- C:\WINDOWS\System32\drivers\btaudio.sys
[2002/05/15 22:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 17:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998/10/11 00:07:38 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

========== LOP Check ==========

[2008/09/29 05:39:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2009/04/28 19:06:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2009/01/13 12:00:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2008/09/26 17:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Matrox
[2008/09/26 17:59:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Matrox Graphics Inc
[2008/09/26 17:47:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
[2006/09/18 23:40:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2007/05/09 11:04:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/22 06:57:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2009/08/13 10:49:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2007/05/09 11:07:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\F-Secure
[2007/05/09 10:51:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\ispnews
[2009/08/26 18:30:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Leawo
[2007/08/05 19:01:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\MySQL
[2007/04/19 14:06:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Opera
[2009/12/17 15:21:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Spotify
[2008/01/09 23:05:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\STOIK
[2009/12/22 06:21:03 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/01/19 11:29:44 | 00,000,544 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled scanning task.job
[2010/01/19 22:01:00 | 00,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 00:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/27 07:59:19 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/27 07:59:19 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 18:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 18:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 00:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/27 07:59:19 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/27 07:59:19 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 18:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 18:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 00:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 00:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/03 23:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 00:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 00:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/03 23:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/03 23:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 00:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 00:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >

4B>Extras.txt Log

OTL Extras logfile created on: 19/01/2010 22:10:21 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Robert\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,023.00 Mb Total Physical Memory | 379.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 131.84 Gb Total Space | 27.29 Gb Free Space | 20.70% Space Free | Partition Type: NTFS
Drive D: | 131.84 Gb Total Space | 46.12 Gb Free Space | 34.98% Space Free | Partition Type: NTFS
Drive E: | 15.78 Gb Total Space | 15.72 Gb Free Space | 99.60% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 31.73 Mb Total Space | 31.73 Mb Free Space | 100.00% Space Free | Partition Type: FAT

Computer Name: SIRIUS2
Current User Name: Robert
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5902:TCP" = 5902:TCP:*:Enabled:VNC
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1433:TCP" = 1433:TCP:*:Enabled:SQL Server
"1434:UDP" = 1434:UDP:*:Enabled:UDP SQL 1434

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fspex.exe" = C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fspex.exe:*:Enabled:TalkTalk Online Security -- (BackWeb Technologies Inc. )

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\1stWORKS\hotCommCL\BIN\hotComm.exe" = C:\Program Files\1stWORKS\hotCommCL\BIN\hotComm.exe:*:Enabled:hotComm CL Client -- (1stWorks Corporation)
"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" = C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe:*:Enabled:sqlservr.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" = C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:*:Enabled:sqlbrowser.exe -- (Microsoft Corporation)
"C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service -- File not found
"C:\Program Files\RealVNC\VNC4\winvnc4.exe" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Disabled:VNC Server -- (RealVNC Ltd.)
"C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fspex.exe" = C:\Program Files\TalkTalk Online Security\backweb\81720\Program\fspex.exe:*:Enabled:TalkTalk Online Security -- (BackWeb Technologies Inc. )
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify AB)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01BDFB08-EE88-4E5E-94A6-AE9EDCFA40C5}" = Microsoft IntelliPoint 4.0
"{06774728-5873-4240-952A-49B82BF5680C}" = Introduction to Visual Web Developer 2008 Express Edition
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{0DD0650C-5113-4FEE-BDDA-AC0B76FD0BD1}" = ULi AGP Driver
"{0F51A262-1ADF-4914-B448-78AC58C4178A}" = WIDCOMM Bluetooth Software
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{143BE018-D8F8-4014-8CB6-AF63F5799D21}" = ULi LAN Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20608BFA-6068-48FE-A410-400F2A124C27}" = Microsoft SQL Server Management Studio Express
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 15
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = TalkTalk Broadband
"{50818611-BD3B-4582-BBE4-8367D4638DB4}" = Visual Web Developer 2005 Express Edition Feature Tour
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5B14E062-97A1-11D3-B2C8-00C0F014C0F2}" = RamDisk XP Pro
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP
"{6C0628AE-4901-4AE4-B749-B9B3A36E656C}" = Microsoft IntelliType Pro 2.1
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{769ADBAC-47FC-482A-8D93-98D19838EE85}" = Matrox PowerDesk-SE
"{774F3269-DF48-413D-9E09-251A7E196580}" = Beginning Web Site Development Module 1 - Visual Basic
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8814B2A0-A57E-4363-8046-5E8310B38279}" = Absolute Beginner's Series VWD VB Lesson 1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E7D0A7F-B85F-44DC-8C1C-2A2C27BAEA0B}_is1" = Psycle 1.8.6
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9B97F3A0-993F-4453-BCA8-E0DAFBE57845}" = Pass! with BSM
"{9FD95902-7327-4C45-86C2-1785F9785E87}" = Microsoft SQL Server 2005 Books Online (English) (February 2007)
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.4
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A30965BD-2D4D-45CE-8F04-6A6889818CF1}" = Microsoft SQL Server 2005 Tools
"{A66EA108-6122-4CCD-BBFA-78D3A8CBE54B}" = Absolute Beginner's Series VWD VB Lesson 2
"{A89272EA-FE35-427B-B3C6-1D1500F6CC56}" = Visual Basic 2005 Express Edition Feature Tour
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0F9497C-52B4-4686-8E73-74D866BBDF59}" = Microsoft SQL Server 2005 (SQLEXPRESS)
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C25EF637-BE7A-4761-9B45-9069989C319F}" = Microsoft Visual Studio 2005 Premier Partner Edition - ENU
"{C3F5DBA5-ABFC-443E-AA60-928223AADF53}" = Microsoft SQL Server 2005
"{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00
"{D084B1A9-153B-409D-AEBF-C40FCEF925EA}" = TalkTalk Assist & Go
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE92998-C43E-401E-B508-52B6F619C4EC}" = Learn to play the Keyboard
"9E140F48C9836B9B78539C08FB2B17146BDB3F65" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"AI RoboForm" = AI RoboForm (All Users)
"AviSynth" = AviSynth 2.5
"BackWeb-81720 Uninstaller" = TalkTalk Online Security
"Cool Ruler" = Cool Ruler
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DBManager Standard_is1" = DBManager 3.2.3
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DynDNSUpdater" = DynDNS Updater
"ERUNT_is1" = ERUNT 1.1j
"hotComm® CL" = hotComm® CL
"HotspotShield" = Hotspot Shield 1.07
"HTML Help Workshop" = HTML Help Workshop
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{CFB17307-B244-4EAD-AE8E-CDAF440477C2}" = OpenMG Secure Module 4.4.00
"JDDTouchPro" = JD Design TouchPro (Remove Only)
"Key Mouse Genie 4.1_is1" = Key Mouse Genie 4.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MAP" = MAP
"Marketmaker Spreadbet Client" = Marketmaker Spreadbet Client
"Matrox Graphics Uninstaller" = Matrox Graphics Software (remove only)
"MetaQuote_1.07" = MetaQuote 1.14
"MetaStock Professional 8.0" = MetaStock Professional 8.0
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Monitors Matter CheckScreen" = Monitors Matter CheckScreen
"Mozilla Firefox (2.0.0.3)" = Mozilla Firefox (2.0.0.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MWSnap 3" = MWSnap 3
"MySpaceIM" = MySpaceIM
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenMG HotFix4.4-05-12-06-01" = OpenMG Limited Patch 4.4-06-13-19-01
"PCFriendly" = PCFriendly
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealPlayer
"RealVNC_is1" = VNC Personal Edition P4.4.2
"RTcmc101a 1.01" = RTcmc101a 1.01
"SendToX.PowerToy" = Send To Extensions PowerToy
"Spotify" = Spotify
"ST6UNST #1" = Mouse Keyboard Wizard - VsiSoftware.com
"TClockEx_is1" = TClockEx
"teeth_saver" = teeth_saver Screen Saver
"TrayManager" = TrayManager
"TVUPlayer" = TVUPlayer 2.3.7.1
"Tweak UI 2.10" = Tweak UI
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VLC media player" = VideoLAN VLC media player 0.8.6f
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinKey" = WinKey
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xampp" = XAMPP 1.6.8

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19/01/2010 13:22:25 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 202 2010-01-19 17:22:25+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\NEW20100119\MBAM-SETUP.EXE was aborted due to exceeded
scanning time limit. The file may be in use or reading it was too slow (e.g. network
connection was under stress).

Error - 19/01/2010 13:22:36 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 203 2010-01-19 17:22:36+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\NEW20100119\MBAM-SETUP.EXE was aborted due to exceeded
scanning time limit. The file may be in use or reading it was too slow (e.g. network
connection was under stress).

Error - 19/01/2010 13:22:36 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 204 2010-01-19 17:22:36+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\NEW20100119\MBAM-SETUP.EXE was aborted due to exceeded
scanning time limit. The file may be in use or reading it was too slow (e.g. network
connection was under stress).

Error - 19/01/2010 13:22:36 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 205 2010-01-19 17:22:36+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\NEW20100119\MBAM-SETUP.EXE was aborted due to exceeded
scanning time limit. The file may be in use or reading it was too slow (e.g. network
connection was under stress).

Error - 19/01/2010 13:23:47 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 206 2010-01-19 17:23:47+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\UNINS000.EXE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 19/01/2010 13:23:47 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 207 2010-01-19 17:23:47+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\UNINS000.EXE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 19/01/2010 13:23:47 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 208 2010-01-19 17:23:47+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\UNINS000.EXE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 19/01/2010 13:23:47 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 209 2010-01-19 17:23:47+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\UNINS000.EXE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 19/01/2010 13:24:07 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 210 2010-01-19 17:24:07+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\UNINS000.EXE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

Error - 19/01/2010 13:24:17 | Computer Name = SIRIUS2 | Source = F-Secure Anti-Virus | ID = 103
Description = 211 2010-01-19 17:24:17+01:00 sirius2 SIRIUS2\Robert F-Secure
Anti-Virus Scanning of C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\UNINS000.EXE
was aborted due to exceeded scanning time limit. The file may be in use or reading
it was too slow (e.g. network connection was under stress).

[ System Events ]
Error - 19/01/2010 12:06:40 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7034
Description = The mysql service terminated unexpectedly. It has done this 1 time(s).

Error - 19/01/2010 12:06:40 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7034
Description = The SSC Monitor service terminated unexpectedly. It has done this
1 time(s).

Error - 19/01/2010 12:06:40 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7034
Description = The TrayMan service terminated unexpectedly. It has done this 1 time(s).

Error - 19/01/2010 12:06:40 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7034
Description = The VNC Server Version 4 service terminated unexpectedly. It has
done this 1 time(s).

Error - 19/01/2010 12:06:41 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7034
Description = The F-Secure Anti-Virus Firewall Daemon service terminated unexpectedly.
It has done this 1 time(s).

Error - 19/01/2010 12:08:09 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%1058

Error - 19/01/2010 12:08:09 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7024
Description = The Apache2.2 service terminated with service-specific error 1 (0x1).

Error - 19/01/2010 12:08:09 | Computer Name = SIRIUS2 | Source = Service Control Manager | ID = 7023
Description = The IPSEC Services service terminated with the following error: %%10013

Error - 19/01/2010 13:48:06 | Computer Name = SIRIUS2 | Source = Removable Storage Service | ID = 262255
Description = RSM could not load media in drive Drive 0 of library Kingston DataTraveler
2.0 USB Device.

Error - 19/01/2010 13:48:11 | Computer Name = SIRIUS2 | Source = Removable Storage Service | ID = 262255
Description = RSM could not load media in drive Drive 0 of library Kingston DataTraveler
2.0 USB Device.


< End of report >

5> Do you think you can help me please?

Hope you can help now that all this is posted.

thanks in advance,

Craig


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP