
Computer freezing and making Beeping sound [Solved]



#31
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Okay, this means all files that needed to be replaced are indeed replaced.

How are things running now on your end? Can you please post me a new OTL log?
  • 0



#32
saf99

    Member

  • Topic Starter
  • 30 posts
Erm... not sure, I think they're the same because yesterday my computer froze again. Sorry, I forgot how to do an OTL scan, could you remind me?
  • 0

#33
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Of course, instructions below :)

OTL
-----
Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

  • 0

#34
saf99

    Member

  • Topic Starter
  • 30 posts
Hi again... here is the log for the OTL.txt, but for some reason the Extra.Txt didn't show up at all. I ran the scan twice to make sure it did but it didn't :)
  • 0

#35
saf99

    Member

  • Topic Starter
  • 30 posts
OTL logfile created on: 3/21/2010 10:15:34 PM - Run 2
OTL by OldTimer - Version 3.1.37.2 Folder = C:\Users\Safran\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.62 Gb Total Space | 41.95 Gb Free Space | 42.97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 100.00 Mb Total Space | 69.81 Mb Free Space | 69.81% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 55.66 Gb Total Space | 22.20 Gb Free Space | 39.88% Space Free | Partition Type: NTFS

Computer Name: SAFRAN-PC
Current User Name: Safran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/18 15:06:02 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Users\Safran\Desktop\OTL.exe
PRC - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/18 12:47:14 | 001,243,088 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/11/09 03:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/11/06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/05/21 18:25:15 | 001,501,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
PRC - [2009/05/21 18:25:15 | 000,448,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe


========== Modules (SafeList) ==========

MOD - [2010/03/18 15:06:02 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Users\Safran\Desktop\OTL.exe
MOD - [2009/12/08 13:12:24 | 000,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2009/07/14 01:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 01:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 01:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 01:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 01:15:21 | 000,093,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 01:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 01:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (BrowserQuest Service)
SRV - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/11/06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 01:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 01:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 01:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 01:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 01:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 01:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 01:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 01:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)


========== Driver Services (SafeList) ==========

DRV - [2010/03/07 00:29:02 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/11/09 11:20:12 | 000,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/11/09 03:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/04 02:59:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2009/10/16 07:24:58 | 001,183,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2009/10/07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/27 23:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/23 01:19:31 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009/09/23 01:19:31 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009/09/23 01:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009/09/23 01:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009/07/14 01:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 01:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 01:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 01:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 01:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 01:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 01:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 01:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 01:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 01:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 01:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 01:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 01:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 01:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 01:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 01:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 01:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 01:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 01:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 01:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 01:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 01:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 01:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 01:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 01:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 01:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 01:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 01:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 01:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 01:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 01:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 01:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 01:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 01:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 01:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 01:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 01:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 01:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 01:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 01:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 00:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 00:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/14 00:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 00:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 23:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 23:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 23:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 23:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 23:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 23:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 23:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/07/13 23:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 23:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 23:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 23:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 23:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 23:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 23:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 23:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 23:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 23:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 22:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 22:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 22:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 22:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 22:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 22:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 22:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/07/13 22:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 22:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 22:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/05/09 01:14:21 | 000,030,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 A6 4B D0 0F AC CA 01 [binary data]
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/12 23:32:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/17 02:46:51 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/03/18 17:56:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1823437180-114209430-2017350500-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/18 18:02:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/03/18 17:55:00 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Local\temp
[2010/03/18 17:42:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/03/18 16:56:29 | 000,181,000 | ---- | C] (Kaspersky Lab) -- C:\Users\Safran\Desktop\TDSSKiller.exe
[2010/03/18 15:05:55 | 000,556,032 | ---- | C] (OldTimer Tools) -- C:\Users\Safran\Desktop\OTL.exe
[2010/03/17 11:24:15 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateControl350.dll
[2010/03/17 11:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Win 32.Malware.Jeefo Removal Tool[2]
[2010/03/17 02:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/03/17 02:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/03/17 02:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/03/17 00:01:08 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/03/17 00:01:08 | 000,098,600 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/03/17 00:01:07 | 000,207,792 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/17 00:01:07 | 000,087,784 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/03/17 00:01:04 | 000,070,408 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/03/17 00:00:50 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\PC Tools
[2010/03/17 00:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/03/17 00:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/03/16 23:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2010/03/16 23:39:33 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Local\Threat Expert
[2010/03/16 23:35:13 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
[2010/03/16 23:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/03/16 19:16:24 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/03/16 19:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/03/16 17:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/16 17:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/16 17:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/16 17:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/16 17:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/12 23:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/03/12 23:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/03/11 21:13:56 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/03/11 21:13:56 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/03/11 21:13:56 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/03/11 21:13:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/03/11 21:09:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/03/07 17:20:17 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Local\Microsoft Games
[2010/03/07 16:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2010/03/07 00:58:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/03/07 00:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/07 00:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/03/07 00:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/07 00:29:02 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/03/07 00:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/03/06 23:17:51 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\DAEMON Tools Lite
[2010/03/06 23:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/03/06 20:42:44 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\DAEMON Tools Pro
[2010/03/06 20:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010/03/05 18:50:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010/03/05 18:50:17 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010/03/05 18:50:17 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010/03/05 18:50:17 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010/03/05 18:50:16 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/03/05 18:50:16 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/03/05 18:50:16 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/03/05 18:50:16 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/03/05 18:50:15 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/03/05 18:50:15 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/03/05 18:50:15 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/03/05 18:50:15 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/03/05 18:50:15 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/03/05 18:50:15 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/03/05 18:50:15 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/03/05 18:50:15 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/03/05 18:50:15 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/03/05 18:50:15 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/03/05 18:50:15 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/03/05 18:50:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/03/05 18:50:14 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/03/05 18:50:14 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/03/05 18:50:14 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/03/05 18:50:14 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/03/05 18:50:14 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/03/05 18:50:14 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/03/05 18:50:14 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/03/05 18:50:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/03/05 18:50:13 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/03/05 18:50:13 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/03/05 18:50:13 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/03/05 18:50:13 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/03/05 18:50:13 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/03/05 18:50:13 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/03/05 18:50:13 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/03/05 18:50:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/03/05 18:50:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/03/05 18:50:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/03/05 18:50:13 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/03/05 18:50:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/03/05 18:50:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/03/05 18:50:12 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/03/05 18:50:12 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/03/05 18:50:12 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/03/05 18:50:12 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/03/05 18:50:12 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/03/05 18:50:12 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/03/05 18:50:12 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/03/05 18:50:11 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/03/05 18:50:11 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/03/05 18:50:11 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/03/05 18:50:11 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/03/05 18:50:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/03/05 18:50:11 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/03/05 18:50:11 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/03/05 18:50:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/03/05 18:50:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/03/05 18:50:11 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/03/05 18:50:11 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/03/05 18:50:11 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/03/05 18:50:11 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/03/05 18:50:11 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/03/05 18:50:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/03/05 18:50:10 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/03/05 18:50:10 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/03/05 18:50:10 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/03/05 18:50:10 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/03/05 18:50:10 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/03/05 18:50:09 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/03/05 18:50:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/03/05 18:50:09 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/03/05 18:50:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/03/05 18:50:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/03/05 18:50:06 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/03/05 18:50:06 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/03/05 18:50:06 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/03/05 18:50:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/03/05 18:50:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/03/05 18:50:05 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/03/05 18:50:05 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/03/05 18:50:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/03/05 18:47:03 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010/03/05 18:46:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/03/04 11:57:23 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Local\Nero
[2010/03/04 11:53:21 | 000,000,000 | ---D | C] -- C:\Users\Safran\Desktop\Extras
[2010/03/04 11:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2010/03/04 01:19:40 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010/03/01 20:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/01 20:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/01 20:22:57 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/01 20:22:57 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/01 20:22:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/01 20:22:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/01 20:02:36 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RichTx32.ocx
[2010/03/01 20:02:36 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWinSck.ocx
[2010/03/01 20:02:33 | 001,753,088 | ---- | C] (Exontrol Inc.) -- C:\Windows\System32\ExGrid.dll
[2010/03/01 20:02:33 | 000,614,400 | ---- | C] (Exontrol Inc.) -- C:\Windows\System32\ExButton.dll
[2010/03/01 20:02:33 | 000,602,112 | ---- | C] (Exontrol Inc.) -- C:\Windows\System32\ExMenu.dll
[2010/03/01 20:02:33 | 000,516,096 | ---- | C] (Exontrol Inc.) -- C:\Windows\System32\ExTab.dll
[2010/03/01 20:02:33 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\Windows\System32\eSellerateEngine.dll
[2010/03/01 20:02:33 | 000,307,200 | ---- | C] (Exontrol Inc.) -- C:\Windows\System32\ExPMenu.dll
[2010/03/01 20:02:33 | 000,118,784 | ---- | C] (eSellerate Inc.) -- C:\Windows\System32\eWebControl.dll
[2010/03/01 20:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eSellerate
[2010/03/01 20:02:32 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.004
[2010/03/01 20:02:32 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbar332.dll
[2010/03/01 20:02:32 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.005
[2010/03/01 20:02:32 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.002
[2010/03/01 20:02:32 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2010/03/01 20:02:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.003
[2010/03/01 20:02:31 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2010/03/01 20:02:31 | 000,164,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001
[2010/03/01 20:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\AnswersThatWork
[2010/03/01 18:38:17 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\Nero
[2010/03/01 18:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/03/01 18:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/02/24 20:32:06 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/02/24 20:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2010/02/24 20:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/02/24 19:54:09 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\WinRAR
[2010/02/24 19:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/02/24 12:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/02/24 12:55:20 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\uTorrent
[2010/02/23 20:57:31 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/02/23 20:57:29 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/02/23 20:57:29 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/02/23 20:57:29 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/02/23 20:57:29 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/02/23 20:57:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/22 23:32:04 | 000,000,000 | ---D | C] -- C:\Users\Safran\Documents\SightSpeed Recordings
[2010/02/22 20:58:13 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\AVS4YOU
[2010/02/22 20:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010/02/22 20:58:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/02/22 20:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010/02/22 20:57:14 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll
[2010/02/22 20:57:14 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll
[2010/02/22 20:57:13 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010/02/22 20:57:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2010/02/22 20:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010/02/22 20:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/02/22 20:03:43 | 000,000,000 | ---D | C] -- C:\Users\Safran\Documents\Clone2Go DVD Ripper
[2010/02/22 20:03:36 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Roaming\Clone2Go DVD Ripper
[2010/02/22 20:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Clone2Go DVD Ripper
[2010/02/21 03:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/02/20 18:40:10 | 000,000,000 | R--D | C] -- C:\Users\Safran\Documents\Scanned Documents
[2010/02/20 16:33:38 | 000,000,000 | ---D | C] -- C:\Users\Safran\AppData\Local\ElevatedDiagnostics
[2010/02/20 01:04:34 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/02/19 23:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/21 22:15:34 | 001,835,008 | -HS- | M] () -- C:\Users\Safran\ntuser.dat
[2010/03/21 22:00:05 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/21 22:00:05 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/21 21:57:31 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/03/21 21:57:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/21 21:55:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/21 21:55:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/03/21 21:55:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/21 21:54:43 | 1408,688,128 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/21 20:34:45 | 002,574,199 | -H-- | M] () -- C:\Users\Safran\AppData\Local\IconCache.db
[2010/03/21 20:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/21 17:38:06 | 000,027,453 | ---- | M] () -- C:\Users\Safran\Desktop\Capture3.PNG
[2010/03/20 17:17:14 | 000,023,591 | ---- | M] () -- C:\Users\Safran\Desktop\Capture2.PNG
[2010/03/20 16:56:04 | 000,717,892 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/20 16:56:04 | 000,624,240 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/20 16:56:04 | 000,109,352 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/20 12:10:15 | 000,065,079 | ---- | M] () -- C:\Users\Safran\Desktop\Capture.PNG
[2010/03/20 12:10:15 | 000,065,079 | ---- | M] () -- C:\Users\Safran\Desktop\Capture - Copy.PNG
[2010/03/18 17:57:06 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/03/18 17:56:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/03/18 17:41:08 | 003,894,152 | R--- | M] () -- C:\Users\Safran\Desktop\ComboFix.exe
[2010/03/18 17:35:37 | 000,000,176 | ---- | M] () -- C:\Users\Safran\defogger_reenable
[2010/03/18 17:34:18 | 000,050,477 | ---- | M] () -- C:\Users\Safran\Desktop\Defogger.exe
[2010/03/18 16:24:31 | 000,155,752 | ---- | M] () -- C:\Users\Safran\Desktop\tdsskiller.zip
[2010/03/18 15:31:28 | 000,293,376 | ---- | M] () -- C:\Users\Safran\Desktop\2swezxrd.exe
[2010/03/18 15:06:02 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Users\Safran\Desktop\OTL.exe
[2010/03/17 11:24:15 | 000,002,283 | ---- | M] () -- C:\Users\Safran\Desktop\Win 32.Malware.Jeefo Removal Tool[2].lnk
[2010/03/17 11:11:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/17 11:11:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/16 21:29:16 | 000,000,513 | ---- | M] () -- C:\Windows\win.ini
[2010/03/16 20:48:56 | 000,109,600 | ---- | M] () -- C:\Users\Safran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/16 19:19:42 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/03/16 18:10:20 | 000,000,162 | -H-- | M] () -- C:\Users\Safran\Desktop\~$jangs.docx
[2010/03/16 18:03:50 | 000,410,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/03/13 00:43:48 | 000,197,047 | ---- | M] () -- C:\Windows\hpoins30.dat
[2010/03/13 00:41:50 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2010/03/13 00:36:59 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/03/13 00:21:37 | 000,019,500 | ---- | M] () -- C:\Windows\hpqins13.dat
[2010/03/12 23:31:30 | 000,001,273 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/03/12 22:12:16 | 000,196,398 | ---- | M] () -- C:\Windows\hpoins30.dat.temp
[2010/03/12 18:02:38 | 000,261,632 | ---- | M] () -- C:\Windows\PEV.exe
[2010/03/11 00:01:48 | 000,023,698 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010/03/10 15:53:32 | 000,181,000 | ---- | M] (Kaspersky Lab) -- C:\Users\Safran\Desktop\TDSSKiller.exe
[2010/03/07 00:48:17 | 000,002,054 | ---- | M] () -- C:\Users\Safran\Desktop\Rome - Total War.lnk
[2010/03/07 00:48:10 | 000,000,248 | ---- | M] () -- C:\Windows\RomeTW.ini
[2010/03/07 00:29:02 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/03/07 00:17:34 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{a9595bc3-297e-11df-a7f4-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/03/07 00:17:34 | 000,065,536 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{a9595bc3-297e-11df-a7f4-001e9071aa2e}.TM.blf
[2010/03/07 00:17:33 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{a9595bc3-297e-11df-a7f4-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/03/05 17:38:15 | 000,000,315 | ---- | M] () -- C:\Users\Safran\AppData\Roaming\default.rss
[2010/03/05 17:38:06 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/03/04 11:31:51 | 000,000,042 | ---- | M] () -- C:\Windows\System32\RegistryEasy.lie
[2010/03/01 20:22:49 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/01 20:22:49 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/01 18:24:28 | 000,002,654 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010/02/25 00:50:35 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{dac47147-219f-11df-944b-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/02/25 00:50:35 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{dac47147-219f-11df-944b-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/02/25 00:50:35 | 000,065,536 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{dac47147-219f-11df-944b-001e9071aa2e}.TM.blf
[2010/02/24 19:51:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/02/24 19:51:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/23 20:53:03 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{54376346-20bd-11df-bfa8-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/02/23 20:53:03 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{54376346-20bd-11df-bfa8-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/02/23 20:53:03 | 000,065,536 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{54376346-20bd-11df-bfa8-001e9071aa2e}.TM.blf
[2010/02/21 03:36:44 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{40f77e41-1e98-11df-9308-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/02/21 03:36:44 | 000,524,288 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{40f77e41-1e98-11df-9308-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/02/21 03:36:44 | 000,065,536 | -HS- | M] () -- C:\Users\Safran\ntuser.dat{40f77e41-1e98-11df-9308-001e9071aa2e}.TM.blf
[2010/02/20 19:40:13 | 000,077,620 | ---- | M] () -- C:\Windows\hpqins05.dat
[2010/02/20 18:59:46 | 000,023,113 | ---- | M] () -- C:\Windows\hpqins15.dat
[2010/02/20 17:14:05 | 002,529,622 | ---- | M] () -- C:\Users\Safran\AppData\Local\[j0009]-[p08].bmp
[2010/02/20 17:09:56 | 002,529,622 | ---- | M] () -- C:\Users\Safran\AppData\Local\[j0008]-[p10].bmp
[2010/02/20 17:07:04 | 002,529,622 | ---- | M] () -- C:\Users\Safran\AppData\Local\[j0007]-[p10].bmp
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/21 17:38:06 | 000,027,453 | ---- | C] () -- C:\Users\Safran\Desktop\Capture3.PNG
[2010/03/20 17:17:14 | 000,023,591 | ---- | C] () -- C:\Users\Safran\Desktop\Capture2.PNG
[2010/03/20 12:19:24 | 000,065,079 | ---- | C] () -- C:\Users\Safran\Desktop\Capture - Copy.PNG
[2010/03/20 12:10:15 | 000,065,079 | ---- | C] () -- C:\Users\Safran\Desktop\Capture.PNG
[2010/03/18 17:41:05 | 003,894,152 | R--- | C] () -- C:\Users\Safran\Desktop\ComboFix.exe
[2010/03/18 17:35:19 | 000,000,176 | ---- | C] () -- C:\Users\Safran\defogger_reenable
[2010/03/18 17:34:18 | 000,050,477 | ---- | C] () -- C:\Users\Safran\Desktop\Defogger.exe
[2010/03/18 16:24:27 | 000,155,752 | ---- | C] () -- C:\Users\Safran\Desktop\tdsskiller.zip
[2010/03/18 15:31:25 | 000,293,376 | ---- | C] () -- C:\Users\Safran\Desktop\2swezxrd.exe
[2010/03/17 11:24:15 | 000,002,283 | ---- | C] () -- C:\Users\Safran\Desktop\Win 32.Malware.Jeefo Removal Tool[2].lnk
[2010/03/17 00:01:08 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/03/17 00:01:07 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/03/17 00:01:07 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/03/17 00:01:04 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/03/16 23:57:46 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2010/03/16 23:35:14 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/03/16 18:10:20 | 000,000,162 | -H-- | C] () -- C:\Users\Safran\Desktop\~$jangs.docx
[2010/03/13 00:41:50 | 000,002,125 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2010/03/13 00:39:26 | 000,197,047 | ---- | C] () -- C:\Windows\hpoins30.dat
[2010/03/13 00:39:25 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2010/03/13 00:17:23 | 000,019,500 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010/03/12 23:31:30 | 000,001,273 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/03/12 23:31:05 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/03/11 21:13:56 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/03/11 21:13:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/03/11 21:13:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/03/11 21:13:56 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/03/11 21:13:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/03/07 00:48:17 | 000,002,054 | ---- | C] () -- C:\Users\Safran\Desktop\Rome - Total War.lnk
[2010/03/07 00:48:10 | 000,000,248 | ---- | C] () -- C:\Windows\RomeTW.ini
[2010/03/07 00:17:03 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{a9595bc3-297e-11df-a7f4-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/03/07 00:17:03 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{a9595bc3-297e-11df-a7f4-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/03/07 00:17:03 | 000,065,536 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{a9595bc3-297e-11df-a7f4-001e9071aa2e}.TM.blf
[2010/03/04 11:31:51 | 000,000,042 | ---- | C] () -- C:\Windows\System32\RegistryEasy.lie
[2010/03/01 20:46:08 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/03/01 18:24:28 | 000,002,654 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010/02/24 23:55:32 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{dac47147-219f-11df-944b-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/02/24 23:55:32 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{dac47147-219f-11df-944b-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/02/24 23:55:32 | 000,065,536 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{dac47147-219f-11df-944b-001e9071aa2e}.TM.blf
[2010/02/24 19:51:51 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/02/24 19:51:51 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/02/23 20:53:03 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{54376346-20bd-11df-bfa8-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/02/23 20:53:03 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{54376346-20bd-11df-bfa8-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/02/23 20:53:03 | 000,065,536 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{54376346-20bd-11df-bfa8-001e9071aa2e}.TM.blf
[2010/02/21 03:22:26 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{40f77e41-1e98-11df-9308-001e9071aa2e}.TMContainer00000000000000000002.regtrans-ms
[2010/02/21 03:22:26 | 000,524,288 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{40f77e41-1e98-11df-9308-001e9071aa2e}.TMContainer00000000000000000001.regtrans-ms
[2010/02/21 03:22:26 | 000,065,536 | -HS- | C] () -- C:\Users\Safran\ntuser.dat{40f77e41-1e98-11df-9308-001e9071aa2e}.TM.blf
[2010/02/20 19:39:07 | 000,077,620 | ---- | C] () -- C:\Windows\hpqins05.dat
[2010/02/20 18:59:12 | 000,023,113 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/02/20 17:14:04 | 002,529,622 | ---- | C] () -- C:\Users\Safran\AppData\Local\[j0009]-[p08].bmp
[2010/02/20 17:09:55 | 002,529,622 | ---- | C] () -- C:\Users\Safran\AppData\Local\[j0008]-[p10].bmp
[2010/02/20 17:07:02 | 002,529,622 | ---- | C] () -- C:\Users\Safran\AppData\Local\[j0007]-[p10].bmp
[2010/02/05 21:30:07 | 000,000,315 | ---- | C] () -- C:\Users\Safran\AppData\Roaming\default.rss
[2010/02/03 03:09:16 | 000,023,698 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/02/03 01:12:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/03 00:31:25 | 000,039,426 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/10/07 08:24:22 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:D2F2F703
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:443E07A5
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
  • 0

#36
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Hi again,

I don't see any signs of malware there. However you might want to try to disable PCTools Spyware Doctor. This program sometimes can cause performance issues.

Try disabling it and see if the problem still persists. You can also uninstall it, reboot, see if the problem is fixed and if not, reinstall the application (this is a better way of testing it, but involves a bit more effort, since you have to uninstall/reinstall).
  • 0

#37
saf99

    Member

  • Topic Starter
  • Member
  • 30 posts
I've uninstalled it but I doubt it's the cause of the problem because this problem persisted before I had Spyware Doctor installed and I installed it assuming it will help get rid of the crash.....
  • 0

#38
saf99

    Member

  • Topic Starter
  • Member
  • 30 posts
I just had a crash again, it seems to happen only when I am watching videos, video streams or even when playing games. I think anything with moving images or animations will cause a crash.... :)
  • 0

#39
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
This makes me think of problems with your video drivers. It might be worth a try to re-install your video card drivers.

You can also check if this occurs in safe mode with networking. Reboot in safe mode with networking, and try to watch a video online.

I'm pretty sure this is not malware related, but let's do one last check.

ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    Note - when ESET doesn't find any threats, no report will be created.
  • Push the Posted Image button.
  • Push Posted Image

  • 0

#40
saf99

    Member

  • Topic Starter
  • Member
  • 30 posts
Hi again, I did reboot in safe mode with networking and I did watch a video and I may have paused it before I left my computer alone for quite a while. When I came back it was on the desktop, frozen; I couldn't even move the mouse. So rebooting in safe mode did not solve the problem.

I also carried out the above scan but no infections were found, so I don't think a report was produced as there wasn't an option for me to produce a report.

By the way, do you believe it could be because of my RAM? Is there any way of checking if there is a problem with the RAM? Because I had a problem with my computer before where I will switch it on and the screen will turn all fuzzy and sometimes I will get a blue screen and my computer will just not go to my desktop, it will just restart. I then borrowed RAM off a friend and it seemed to be working fine until this problem; his RAM was probably less than a year or maybe more....
  • 0


#41
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts

I had a problem with my computer before where I will switch it on and the screen will turn all fuzzy

That sounds to me like a problem with your video card (however, I'm not a hardware expert). Especially the fact that you also have the problem watching videos.

I recommend that you post about this in the Hardware forum. It would be a good idea to include a note with this topic link.

As far as malware is concerned you are clean!

ALL CLEAN
--------------
Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

Please do the following to remove the remaining programs from your PC:
  • Delete the tools used during the disinfection:
  • Click start > run and type combofix /uninstall, press enter. This will remove Combofix from your computer.
  • Delete GMER (this is a random named file) and OTL.
Please read this advice in order to prevent reinfecting your PC:
  • Install and update the following programs regularly:
    • an outbound firewall
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on a regular basis. If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    • an Anti-Spyware program
      Malwarebytes' Anti-Malware is an excellent Anti-Spyware scanner. Its scan times are usually under ten minutes, and it has excellent detection and removal rates.
      SUPERAntiSpyware is another good scanner with high detection and removal rates.
      Both programs are free for non-commercial home use but provide a resident and do not nag if you purchase the paid versions.
    • Spyware Blaster
      A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
    • MVPs hosts file
      A tutorial for MVPs hosts file can be found here. If you would like automatic updates you might want to take a look at HostMan host file manager. For more information on the hosts file, and what it can do for you, please consult the Tutorial on the Hosts file
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
    Therefore, please visit the Microsoft Update Website and follow the on-screen instructions to set up Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  • Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on your machine.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing :).
Some more links you might find of interest:

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.
  • 0

#42
saf99

    Member

  • Topic Starter
  • Member
  • 30 posts
I see, thanks so much for your help; at least it's helped keep my computer clean. By the way, how do I add a note to this topic? And do I have to state my problem again in the Hardware forum, or should I just copy and paste the description of my problem into that forum?
  • 0

#43
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
You can just copy and paste the description there; also include a link to this thread so everyone there can see what we did here.
  • 0

#44
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





