Multiple Undetected Viruses [Solved]



#16
hammerman

Hi,
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 20.
  • Click the "Download JRE" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement."
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u20-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista users, right-click on the jre-6u20-windows-i586.exe and select "Run as an Administrator.")
then...

Run OTL and select Minimal Output. Use the Quick Scan button to start a scan.
Please post the OTL report in your reply.

#17
Michael Smith

  • Topic Starter
OTL logfile created on: 6/4/2010 4:20:52 PM - Run 3
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Users\Luke\Desktop\Fixes\OTL
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.03 Gb Total Space | 127.78 Gb Free Space | 57.81% Space Free | Partition Type: NTFS
Drive D: | 11.85 Gb Total Space | 1.93 Gb Free Space | 16.29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LUKES-COMPUTER
Current User Name: Luke
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Users\Luke\Desktop\Fixes\OTL\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe (Trend Micro Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)


========== Modules (SafeList) ==========

MOD - C:\Users\Luke\Desktop\Fixes\OTL\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (TmProxy) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
SRV - (TmPfw) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe (Trend Micro Inc.)
SRV - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SfCtlCom) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
SRV - (PCPitstop Scheduling) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC)
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (usnjsvc) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (Vongo Service) -- C:\Program Files\Vongo\VongoService.exe (Starz Entertainment Group LLC)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)


========== Driver Services (SafeList) ==========

DRV - (tmwfp) -- C:\WINDOWS\System32\drivers\tmwfp.sys (Trend Micro Inc.)
DRV - (tmcomm) -- C:\WINDOWS\System32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (tmlwf) -- C:\WINDOWS\System32\drivers\tmlwf.sys (Trend Micro Inc.)
DRV - (tmtdi) -- C:\WINDOWS\System32\drivers\tmtdi.sys (Trend Micro Inc.)
DRV - (tmactmon) -- C:\WINDOWS\System32\drivers\tmactmon.sys (Trend Micro Inc.)
DRV - (tmevtmgr) -- C:\WINDOWS\System32\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV - (tmxpflt) -- C:\WINDOWS\System32\drivers\tmxpflt.sys (Trend Micro Inc.)
DRV - (tmpreflt) -- C:\WINDOWS\System32\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV - (vsapint) -- C:\WINDOWS\System32\drivers\vsapint.sys (Trend Micro Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (NuidFltr) -- C:\WINDOWS\System32\drivers\nuidfltr.sys (Microsoft Corporation)
DRV - (igfx) -- C:\WINDOWS\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\WINDOWS\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (NETw5v32) Intel® -- C:\WINDOWS\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (SynTP) -- C:\WINDOWS\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (btwavdt) -- C:\WINDOWS\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\WINDOWS\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\WINDOWS\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (HpqRemHid) -- C:\WINDOWS\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw4v32) Intel® -- C:\WINDOWS\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (smserial) -- C:\WINDOWS\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSF_DPV) -- C:\WINDOWS\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel® -- C:\WINDOWS\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (BCM43XV) -- C:\WINDOWS\System32\drivers\BCMWL6.SYS (Broadcom Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/01/08 17:14:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2010/05/31 01:46:21 | 000,000,000 | ---D | M]

[2010/05/05 18:40:41 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Mozilla\Extensions
[2010/05/05 18:40:41 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/06/02 19:32:40 | 000,000,065 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts:
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Luke\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: Reg Error: Invalid data type.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/02 01:57:16 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 90 Days ==========

[2010/06/04 16:16:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/06/04 16:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/06/04 16:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/06/03 12:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/06/03 11:56:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/02 17:06:47 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Malwarebytes
[2010/06/02 17:06:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/02 17:06:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/02 17:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/02 17:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/02 16:53:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/02 16:53:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/06/02 16:36:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/02 13:45:45 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\temp
[2010/06/02 13:07:50 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/02 13:07:50 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/02 13:07:50 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/06/02 13:07:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/02 13:07:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/01 16:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/06/01 15:19:26 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\Fixes
[2010/06/01 13:26:50 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\Hijack
[2010/05/31 23:14:27 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/05/31 19:51:14 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\System Cleaner
[2010/05/31 01:53:32 | 000,230,928 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmxpflt.sys
[2010/05/31 01:46:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Trend Micro
[2010/05/31 01:23:43 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Trend Micro
[2010/05/31 01:17:19 | 001,322,680 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\vsapint.sys
[2010/05/31 01:17:18 | 000,283,152 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmwfp.sys
[2010/05/31 01:17:18 | 000,158,224 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2010/05/31 01:17:18 | 000,146,448 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmlwf.sys
[2010/05/31 01:17:18 | 000,089,872 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmtdi.sys
[2010/05/31 01:17:18 | 000,059,920 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmactmon.sys
[2010/05/31 01:17:18 | 000,050,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmevtmgr.sys
[2010/05/31 01:17:18 | 000,036,368 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmpreflt.sys
[2010/05/31 01:11:01 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\TIS
[2010/05/31 00:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2010/05/31 00:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/05/31 00:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/05/31 00:10:18 | 000,390,656 | ---- | C] (iS3, Inc.) -- C:\Users\Luke\Desktop\STOPzilla_Setup.exe
[2010/05/05 18:40:41 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Mozilla
[2010/04/12 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/12 20:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/12 20:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/12 20:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/12 20:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/03/30 10:49:34 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Apple Computer
[2010/03/30 10:49:34 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Apple Computer
[2010/03/30 10:48:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/03/30 10:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/30 10:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/03/30 10:42:20 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Apple
[2010/03/30 10:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/03/30 10:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/03/30 10:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

========== Files - Modified Within 90 Days ==========

[2010/06/04 16:31:44 | 003,670,016 | -HS- | M] () -- C:\Users\Luke\NTUSER.DAT
[2010/06/04 16:16:02 | 000,000,164 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/06/04 16:13:25 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/04 16:12:45 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/04 16:12:45 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/04 16:12:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/04 16:12:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/04 16:12:39 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 16:11:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/04 16:11:22 | 000,524,288 | -HS- | M] () -- C:\Users\Luke\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/04 16:11:22 | 000,065,536 | -HS- | M] () -- C:\Users\Luke\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/04 16:11:10 | 002,845,806 | -H-- | M] () -- C:\Users\Luke\AppData\Local\IconCache.db
[2010/06/04 15:38:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/04 12:58:36 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FC6A490E-08C5-4CBE-8E48-6122E6C1A673}.job
[2010/06/02 19:39:21 | 000,000,312 | ---- | M] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2010/06/02 19:39:18 | 000,000,856 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010/06/02 19:32:40 | 000,000,065 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/06/02 16:49:53 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/02 16:28:37 | 339,871,117 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/31 04:36:56 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/31 04:36:56 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/31 04:36:56 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/31 01:27:21 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Trend Micro Internet Security Pro.lnk
[2010/05/31 01:17:18 | 000,283,152 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmwfp.sys
[2010/05/31 01:17:18 | 000,158,224 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2010/05/31 01:17:18 | 000,146,448 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmlwf.sys
[2010/05/31 01:17:18 | 000,089,872 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmtdi.sys
[2010/05/31 01:17:18 | 000,059,920 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmactmon.sys
[2010/05/31 01:17:18 | 000,050,704 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmevtmgr.sys
[2010/05/31 01:07:53 | 000,077,528 | ---- | M] () -- C:\Users\Luke\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/31 01:04:05 | 000,316,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/31 00:15:03 | 001,863,680 | -H-- | M] () -- C:\SZKGFS.dat
[2010/05/30 23:07:38 | 000,390,656 | ---- | M] (iS3, Inc.) -- C:\Users\Luke\Desktop\STOPzilla_Setup.exe
[2010/05/20 23:36:00 | 000,024,064 | ---- | M] () -- C:\Users\Luke\Documents\BOOK COVER.doc
[2010/05/20 23:18:08 | 000,025,600 | ---- | M] () -- C:\Users\Luke\Documents\BOOK REVIEW.doc
[2010/05/12 19:02:59 | 000,000,240 | ---- | M] () -- C:\Windows\win.ini
[2010/05/12 18:32:10 | 000,019,039 | ---- | M] () -- C:\Users\Luke\Documents\DK Gearcheck.xlsx
[2010/05/06 17:49:12 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLuke.job
[2010/05/05 19:06:17 | 000,025,088 | ---- | M] () -- C:\Users\Luke\Documents\THE HOBBIT theme.doc
[2010/05/05 18:38:32 | 000,001,700 | ---- | M] () -- C:\Users\Luke\Desktop\LimeWire 5.5.8.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 22:09:45 | 000,026,624 | ---- | M] () -- C:\Users\Luke\Documents\Romeo and Juiet fate vs free will essay.doc
[2010/04/28 13:54:33 | 000,024,064 | ---- | M] () -- C:\Users\Luke\Documents\Fate.doc
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010/04/12 20:50:13 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/04/12 20:44:12 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/03/31 15:49:13 | 000,025,600 | ---- | M] () -- C:\Users\Luke\Documents\Romeo e-mail.doc
[2010/03/26 16:35:00 | 000,025,600 | ---- | M] () -- C:\Users\Luke\Documents\Mini Report 6.doc
[2010/03/19 16:54:55 | 000,025,088 | ---- | M] () -- C:\Users\Luke\Documents\Mini Report 5.doc
[2010/03/12 17:26:29 | 000,026,112 | ---- | M] () -- C:\Users\Luke\Documents\Mini Report 4.doc
[2010/03/12 17:23:28 | 000,026,112 | ---- | M] () -- C:\Users\Luke\Documents\Mini Reoirt 4.doc

========== Files Created - No Company Name ==========

[2010/06/04 12:57:24 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/02 19:39:21 | 000,000,312 | ---- | C] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2010/06/02 19:37:40 | 000,000,856 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010/06/02 13:07:50 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/02 13:07:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/02 13:07:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/02 13:07:50 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/02 13:07:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/05/31 01:27:21 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Trend Micro Internet Security Pro.lnk
[2010/05/31 01:02:37 | 339,871,117 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/05/31 00:15:03 | 001,863,680 | -H-- | C] () -- C:\SZKGFS.dat
[2010/05/20 23:36:00 | 000,024,064 | ---- | C] () -- C:\Users\Luke\Documents\BOOK COVER.doc
[2010/05/20 23:18:08 | 000,025,600 | ---- | C] () -- C:\Users\Luke\Documents\BOOK REVIEW.doc
[2010/05/05 19:06:17 | 000,025,088 | ---- | C] () -- C:\Users\Luke\Documents\THE HOBBIT theme.doc
[2010/05/05 18:38:32 | 000,001,700 | ---- | C] () -- C:\Users\Luke\Desktop\LimeWire 5.5.8.lnk
[2010/04/28 13:54:33 | 000,024,064 | ---- | C] () -- C:\Users\Luke\Documents\Fate.doc
[2010/04/28 13:45:13 | 000,026,624 | ---- | C] () -- C:\Users\Luke\Documents\Romeo and Juiet fate vs free will essay.doc
[2010/04/12 20:50:13 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/04/12 20:44:12 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/03/30 21:34:43 | 000,025,600 | ---- | C] () -- C:\Users\Luke\Documents\Romeo e-mail.doc
[2010/03/26 16:35:00 | 000,025,600 | ---- | C] () -- C:\Users\Luke\Documents\Mini Report 6.doc
[2010/03/19 16:54:55 | 000,025,088 | ---- | C] () -- C:\Users\Luke\Documents\Mini Report 5.doc
[2010/03/12 17:26:29 | 000,026,112 | ---- | C] () -- C:\Users\Luke\Documents\Mini Report 4.doc
[2010/03/12 17:23:28 | 000,026,112 | ---- | C] () -- C:\Users\Luke\Documents\Mini Reoirt 4.doc
[2010/03/12 16:41:04 | 000,019,039 | ---- | C] () -- C:\Users\Luke\Documents\DK Gearcheck.xlsx
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/03 20:29:35 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/04/19 20:16:37 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/04/17 16:12:31 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/04 22:42:40 | 000,027,019 | ---- | C] () -- C:\Windows\maxlink.ini
[2008/04/02 03:01:35 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/02/10 21:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/09/13 11:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007/09/13 11:22:46 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/13 11:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/09/05 15:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 18:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002/03/04 11:16:34 | 000,110,592 | R--- | C] () -- C:\Windows\System32\Jpeg32.dll
[2001/11/14 16:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010/05/20 00:13:46 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\LimeWire
[2008/12/25 15:46:54 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\WildTangent
[2010/06/04 16:11:34 | 000,032,584 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/06/04 12:58:36 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FC6A490E-08C5-4CBE-8E48-6122E6C1A673}.job

========== Purity Check ==========


< End of report >

#18
hammerman

Hi,

Congratulations, your computer appears clean :)

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --

Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
-- Step 2 --
  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

  • Click Start
  • Select Control Panel
  • Click on Automatic (recommended)
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.

Java Updates

As with Windows, Java also needs to be regularly updated to fix security vulnerabilities. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uninstall older versions of Java.

  • Click Start
  • Select Control Panel
  • Select Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.

Adobe Updates

Your Adobe reader needs updating. You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs, including firewall, antivirus, antispyware, etc.

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware (MBAM) is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis, as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.

#19
Michael Smith

  • Topic Starter
Excellent! Thank you very much for your help. I'll definitely take a look at the recommended downloads. Just one last little bother, the link for OTC seems to be broken.

#20
hammerman

Hi,

Do this instead.

Run OTL and press the CleanUp button.

#21
hammerman

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.