Your system has been infected background

#31 maliprog, Trusted Helper (Malware Removal, 6,172 posts)
Hi nijisan,

I see a lot of infections. Let's try to fix some of them and get control over your system. Test your system after this fix and let me know.

Start OTLPE as you did previously from the CD.
Copy the attached Fix.txt (located at the end of this post) to a USB drive.

  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason, press the Run Fix button and a dialogue box will pop up asking for the location; select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered; when it is done, reboot to normal mode if possible
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)

Please don't forget to include these items in your reply:

  • New OTL scan log
It would be helpful if you could post each log in a separate post.

Attached File: Fix.txt (2.34KB, 92 downloads)

#32 nijisan, Member (Topic Starter, 25 posts)

Here is the log:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win_Updater deleted successfully.
File C:\Windows\System32\system\svchost.exe not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\userinit deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS deleted successfully.
File C:\Windows\System32\sshnas21.dll not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva328 deleted successfully.
File C:\Windows\System32\XDva328.sys not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva326 deleted successfully.
File C:\Windows\System32\XDva326.sys not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva313 deleted successfully.
File C:\Windows\System32\XDva313.sys not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\XDva309 deleted successfully.
File C:\Windows\System32\XDva309.sys not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WDICA deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LLRING0 deleted successfully.
File C:\Program Files\ZhyperMU\ZMU2010SMALL R3\zhypermu small r3\MuGuard\llck1.sys not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lbrtfdc deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KIKIDRIVER deleted successfully.
File C:\Documents and Settings\WINDOWS XP\Desktop\Downloaded Files\Kiki Engine 1.41 [Unpacked]\Kiki Engine 1.41 [Unpacked]\kiki.sys not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GarenaPEngine deleted successfully.
File C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\HIAC8.tmp not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vbma3ff2 deleted successfully.
C:\WINDOWS\system32\drivers\vbma3ff2.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\oreans32 deleted successfully.
C:\WINDOWS\system32\drivers\oreans32.sys moved successfully.
Registry value HKEY_USERS\WINDOWS_XP_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7BE8ED1-B138-48FD-BB22-9779A39130B1}\ not found.
HKU\WINDOWS_XP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\WINDOWS_XP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7BE8ED1-B138-48FD-BB22-9779A39130B1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7BE8ED1-B138-48FD-BB22-9779A39130B1}\ not found.
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job moved successfully.
File C:\Windows\System32\drivers\vbma3ff2.sys not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\\BackupWallPaper deleted successfully.
File not found.
C:\WINDOWS\system32\msoibenw.dll moved successfully.
File C:\Windows\System32\drivers\vbma3ff2.sys not found.
File rity] not found.
File ptytemp] not found.
File ptyflash] not found.

OTLPE by OldTimer - Version 3.1.43.0 log created on 12062010_214459

#33 maliprog, Trusted Helper (Malware Removal)
Hi nijisan,

How is your system now? Any changes?

#34 nijisan, Member (Topic Starter)
Virus detection from AVG started popping out. I tried running an OTL scan but it still gets terminated.

#35 maliprog, Trusted Helper (Malware Removal)
If you can, try to run an AVG scan. After that:

Step 1

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into Safe Mode.
    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight Safe Mode, then hit Enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • By default it will install to your desktop folder. Click Next.
  • Hit OK at the prompt for scanning in Safe Mode.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked:
  • System Memory
  • Startup Objects
  • Disk Boot Sectors
  • My Computer
  • Also any other drives (removable ones that you may have)

After that, click on Security level, then choose Customize, then click on the tab that says Heuristic Analyzer, then choose Enable Deep rootkit search, then choose OK.
Then choose OK again and you are back at the main screen.

  • Then click on Scan at the top right-hand corner.
  • It will automatically neutralize any objects found.
  • If some objects are left un-neutralized, click the button that says Neutralize all.
  • If it says an object cannot be neutralized, choose the Delete option when prompted.
  • After that is done, click on the Reports button at the bottom and save it to a file; name it Kas.
  • Save it somewhere convenient like your desktop, and post only the detected virus/malware from the report (it will be at the very top, under Detected) in your next reply.

    Note: This tool will self-uninstall when you close it, so please save the log before closing it.

Step 2

Run an OTL Quick Scan from OTLPE like we did before.

Step 3

Please don't forget to include these items in your reply:

  • AVP log
  • New OTLPE scan log
It would be helpful if you could post each log in a separate post.

#36 nijisan, Member (Topic Starter)
Still scanning with Kaspersky...

#37 maliprog, Trusted Helper (Malware Removal)
Great! Don't forget to save log before closing it.

#38 nijisan, Member (Topic Starter)

OTL logfile created on: 12/7/2010 7:22:38 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\WINDOWS XP\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free
9.00 Gb Paging File | 8.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.94 Gb Total Space | 118.44 Gb Free Space | 78.99% Space Free | Partition Type: NTFS
Drive D: | 76.31 Gb Total Space | 66.92 Gb Free Space | 87.70% Space Free | Partition Type: FAT32
Drive E: | 148.14 Gb Total Space | 144.67 Gb Free Space | 97.65% Space Free | Partition Type: NTFS
Drive G: | 1.91 Gb Total Space | 0.06 Gb Free Space | 2.94% Space Free | Partition Type: FAT32

Computer Name: WINDOWS-352AC85 | User Name: WINDOWS XP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/02 16:16:20 | 001,476,096 | ---- | M] () -- C:\Program Files\Angels Online\angel.dat
PRC - [2010/12/01 20:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (3) of OTL.scr
PRC - [2010/12/01 07:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\WINDOWS XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/11/24 22:30:19 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 22:29:43 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/10/16 19:47:22 | 003,249,504 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2010/10/15 19:34:28 | 000,300,656 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2010/10/15 19:34:28 | 000,140,920 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2010/09/21 09:00:53 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/22 08:59:20 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/22 08:59:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/22 08:58:53 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/22 08:58:52 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/05/25 22:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/05/14 12:18:00 | 000,206,848 | ---- | M] (Grass Software) -- c:\Program Files\GrassSoft\Mouse Recorder\MacroService.exe
PRC - [2009/05/14 12:17:46 | 000,123,392 | ---- | M] (Grass Software) -- c:\Program Files\GrassSoft\Mouse Recorder\MacroServiceWnd.exe
PRC - [2008/04/14 20:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/19 08:22:08 | 001,089,536 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2008/02/18 19:32:03 | 000,081,920 | R--- | M] () -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe
PRC - [2008/01/31 17:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007/08/09 15:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (SafeList) ==========

MOD - [2010/12/01 20:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (3) of OTL.scr
MOD - [2009/03/26 22:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Windows\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/15 19:34:28 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/22 08:59:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/12/17 05:05:00 | 003,375,888 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/05/14 12:18:00 | 000,206,848 | ---- | M] (Grass Software) [Auto | Running] -- c:\Program Files\GrassSoft\Mouse Recorder\MacroService.exe -- (Macro Expert)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/18 19:32:03 | 000,081,920 | R--- | M] () [Auto | Running] -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor)
SRV - [2007/08/09 15:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/09/23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbVM303.sys -- (ZSMC303)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\WINDOWS XP\Desktop\Downloaded Files\Spuc3ngine\Spuc3nginef\spuce.sys -- (spuce1)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Gravity\RO\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\DRIVERS\imagedrv.sys -- (Imagedrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\btkrnl.sys -- (btkrnl)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/09/30 04:53:36 | 000,078,328 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2010/06/22 08:59:21 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/22 08:58:54 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/01 09:13:59 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/29 08:03:56 | 000,040,832 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Yonline.ahc -- (Yonline)
DRV - [2010/04/28 08:45:14 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV - [2010/03/05 17:55:03 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/11/25 11:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/10/22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\63202452.sys -- (63202452)
DRV - [2009/10/22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\33734292.sys -- (33734292)
DRV - [2009/10/13 16:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2009/10/09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\3373429.sys -- (setup_9.0.0.722_29.11.2010_06-15drv)
DRV - [2009/10/09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\6320245.sys -- (setup_9.0.0.722_06.12.2010_16-19drv)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\63202451.sys -- (63202451)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\33734291.sys -- (33734291)
DRV - [2009/07/13 16:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2008/10/30 21:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/14 20:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 20:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/14 06:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/03/18 16:12:20 | 000,105,088 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/03/18 16:12:20 | 000,105,088 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/03/18 16:12:20 | 000,105,088 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/03/17 11:03:46 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/03/04 16:40:04 | 000,097,408 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (qcusbser)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/12/21 16:26:00 | 004,405,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.736
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7.1.6
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/12/02 16:10:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/29 12:49:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/29 12:49:13 | 000,000,000 | ---D | M]

[2010/10/14 20:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Mozilla\Extensions
[2009/09/24 16:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Mozilla\Extensions\[email protected]
[2010/11/29 12:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Mozilla\Firefox\Profiles\uyhieiy8.default\extensions
[2010/11/29 12:49:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/10 19:41:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]

O1 HOSTS File: ([2010/11/29 10:33:27 | 000,000,023 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - Startup: C:\Documents and Settings\WINDOWS XP\Start Menu\Programs\Startup\setup_9.0.0.722_06.12.2010_16-19.lnk = C:\Documents and Settings\WINDOWS XP\Desktop\Virus Removal Tool\setup_9.0.0.722_06.12.2010_16-19\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\Windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/29 15:45:57 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/29 13:05:40 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/11/29 13:05:39 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\auto\command - "" = Read1st.exe
O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\explore\command - "" = Read1st.exe
O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\open\command - "" = Read1st.exe
O33 - MountPoints2\{137e5842-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{137e5842-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{137e5842-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{137e5843-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{137e5843-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{137e5843-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{137e5846-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{137e5846-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{137e5846-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{137e5847-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{137e5847-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{137e5847-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\AutoplAY\CommaNd - "" = mimovx.cmd
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\AutoRun\command - "" = mimovx.cmd
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\eXploRe\CoMMANd - "" = mimovx.cmd
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\open\CommaND - "" = mimovx.cmd
O33 - MountPoints2\{3de2f9be-cc75-11de-974e-001e58e74f64}\Shell\AutoRun\command - "" = G:\.\ShowModem.exe -- File not found
O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\auto\command - "" = G:\Read1st.exe -- File not found
O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\explore\command - "" = G:\Read1st.exe -- File not found
O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\open\command - "" = G:\Read1st.exe -- File not found
O33 - MountPoints2\{79e33c19-58d0-11df-97f5-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{79e33c19-58d0-11df-97f5-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{79e33c19-58d0-11df-97f5-001e58e74f64}\Shell\AutoRun\command - "" = G:\MediaManager.exe -- File not found
O33 - MountPoints2\{7da14f61-e545-11dc-9730-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{7da14f61-e545-11dc-9730-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7da14f61-e545-11dc-9730-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{7da14f62-e545-11dc-9730-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{7da14f62-e545-11dc-9730-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7da14f62-e545-11dc-9730-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\auto\command - "" = Read1st!
O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\explore\command - "" = Read1st!
O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\open\command - "" = Read1st!
O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\auto\command - "" = Read1st.exe
O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\explore\command - "" = Read1st.exe
O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\open\command - "" = Read1st.exe
O33 - MountPoints2\{ace7a92f-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{ace7a92f-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ace7a92f-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{ace7a931-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{ace7a931-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ace7a931-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{ace7a932-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{ace7a932-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ace7a932-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{ace7a935-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{ace7a935-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ace7a935-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{ace7a936-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{ace7a936-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ace7a936-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\auto\command - "" = Read1st.exe
O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\explore\command - "" = Read1st.exe
O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\open\command - "" = Read1st.exe
O33 - MountPoints2\{b73ce2c9-e543-11dc-972f-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{b73ce2c9-e543-11dc-972f-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b73ce2c9-e543-11dc-972f-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{b73ce2cc-e543-11dc-972f-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{b73ce2cc-e543-11dc-972f-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b73ce2cc-e543-11dc-972f-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\auto\command - "" = G:\Scrap
O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\explore\command - "" = G:\Scrap
O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\open\command - "" = G:\Scrap
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\AutoRun\command - "" = insomnia\\\jkdrolja.exe
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\explore\command - "" = insomnia\\\jkdrolja.exe
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\Install\command - "" = insomnia\\\jkdrolja.exe
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\open\command - "" = insomnia\\\jkdrolja.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/07 19:21:52 | 003,022,064 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\WINDOWS XP\Desktop\dfsetup200.exe
[2010/12/07 19:21:21 | 002,963,664 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\WINDOWS XP\Desktop\ccsetup301.exe
[2010/12/07 00:20:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (3) of OTL.scr
[2010/12/06 22:57:12 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\6320245.sys
[2010/12/06 22:57:12 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\63202451.sys
[2010/12/06 22:57:12 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\63202452.sys
[2010/12/06 22:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\Virus Removal Tool
[2010/12/06 22:35:08 | 085,061,872 | ---- | C] ( ) -- C:\Documents and Settings\WINDOWS XP\Desktop\setup_9.0.0.722_06.12.2010_16-19.exe
[2010/12/05 20:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\parity
[2010/12/05 11:21:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Local Settings\Application Data\AVG Security Toolbar
[2010/12/04 20:18:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\WINDOWS XP\Recent
[2010/12/03 20:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\parity Binary
[2010/12/02 21:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\exam
[2010/12/02 16:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/12/01 20:06:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (2) of OTL.scr
[2010/11/29 23:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/11/29 21:44:18 | 098,217,771 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\WINDOWS XP\Desktop\OTLPEStd.exe
[2010/11/29 21:10:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/29 17:52:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\FileLister
[2010/11/29 15:54:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/11/29 15:45:57 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/11/29 13:21:10 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\3373429.sys
[2010/11/29 13:21:10 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\33734291.sys
[2010/11/29 13:21:10 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\33734292.sys
[2010/11/29 13:04:00 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\WINDOWS XP\Desktop\mbam-setup-1.46.exe
[2010/11/29 12:47:33 | 084,543,856 | ---- | C] ( ) -- C:\Documents and Settings\WINDOWS XP\Desktop\setup_9.0.0.722_29.11.2010_06-15.exe
[2010/11/29 12:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/29 12:00:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 12:00:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/29 10:32:44 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe
[2010/11/29 10:32:44 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe
[2010/11/29 10:32:44 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe
[2010/11/29 10:32:44 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe
[2010/11/29 10:32:44 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe
[2010/11/29 10:32:44 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe
[2010/11/29 10:32:44 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe
[2010/11/29 10:32:44 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe
[2010/11/29 10:32:44 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe
[2010/11/29 10:32:44 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe
[2010/11/29 10:32:44 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe
[2010/11/27 20:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Application Data\Malwarebytes
[2010/11/27 20:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/27 20:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/11/27 19:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\Downloaded Files
[2010/11/21 21:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\WINDOWS
[2010/11/21 21:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Webzen
[2010/11/20 21:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent Ultra Accelerator
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/07 19:22:52 | 003,022,064 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\WINDOWS XP\Desktop\dfsetup200.exe
[2010/12/07 19:22:15 | 002,963,664 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\WINDOWS XP\Desktop\ccsetup301.exe
[2010/12/07 18:30:03 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1004336348-682003330-1004UA.job
[2010/12/07 08:08:37 | 068,609,545 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/07 03:30:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1004336348-682003330-1004Core.job
[2010/12/07 00:17:20 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-1004336348-682003330-1004.job
[2010/12/07 00:16:56 | 000,002,048 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/07 00:16:05 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk
[2010/12/06 22:58:06 | 000,002,253 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Start Menu\Programs\Startup\setup_9.0.0.722_06.12.2010_16-19.lnk
[2010/12/06 22:48:48 | 085,061,872 | ---- | M] ( ) -- C:\Documents and Settings\WINDOWS XP\Desktop\setup_9.0.0.722_06.12.2010_16-19.exe
[2010/12/06 21:54:24 | 000,018,804 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Problem Set on Solid Mensuration 3rd Q.docx
[2010/12/06 00:03:52 | 000,001,332 | ---- | M] () -- C:\OTLPE.lnk
[2010/12/05 12:33:36 | 000,040,904 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\parity Binary.rar
[2010/12/05 11:23:09 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\esetsmartinstaller_enu_2.exe
[2010/12/05 11:08:26 | 000,013,646 | ---- | M] () -- C:\Windows\System32\wpa.dbl
[2010/12/05 09:05:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-1004336348-682003330-1004.job
[2010/12/04 23:42:17 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/03 08:32:06 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Google Chrome.lnk
[2010/12/03 08:32:06 | 000,002,301 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/02 21:44:44 | 000,119,677 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 11 - Network Security.pptx
[2010/12/02 19:53:45 | 000,837,120 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 7a - Internetworking.ppt
[2010/12/02 19:53:34 | 000,729,088 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 9 - Internet.ppt
[2010/12/01 22:38:16 | 000,077,685 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\BtX.Wallpaper.122985.jpg
[2010/12/01 20:10:42 | 000,000,952 | RH-- | M] () -- C:\boot.ini
[2010/12/01 20:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (3) of OTL.scr
[2010/12/01 20:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (2) of OTL.scr
[2010/12/01 19:33:07 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\HiJackThis.lnk
[2010/11/30 06:10:59 | 000,132,872 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2)3.docx
[2010/11/30 06:06:39 | 000,023,462 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (2).docx
[2010/11/30 01:00:38 | 000,017,288 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Title Page - Documentation.docx
[2010/11/30 00:52:46 | 000,022,128 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (1).docx
[2010/11/29 23:39:29 | 000,021,258 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3.docx
[2010/11/29 23:10:10 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Visio Drawing.vsd
[2010/11/29 22:55:24 | 000,030,189 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2).docx
[2010/11/29 22:08:30 | 098,217,771 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\WINDOWS XP\Desktop\OTLPEStd.exe
[2010/11/29 17:55:50 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled3.bmp
[2010/11/29 17:55:40 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled2.bmp
[2010/11/29 17:52:00 | 000,020,359 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\FileLister.zip
[2010/11/29 16:38:04 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\.wtav
[2010/11/29 16:30:26 | 000,034,342 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation.docx
[2010/11/29 16:15:52 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\exeHelper_2.com
[2010/11/29 15:50:15 | 000,035,513 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document.docx
[2010/11/29 15:49:11 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\rkill.com
[2010/11/29 14:35:10 | 000,233,632 | RH-- | M] () -- C:\NTLDR
[2010/11/29 14:35:10 | 000,047,580 | RH-- | M] () -- C:\NTDETECT.COM
[2010/11/29 13:41:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\~$in Documentation.docx
[2010/11/29 13:39:00 | 000,000,115 | ---- | M] () -- C:\Windows\System32\version.ini
[2010/11/29 13:32:43 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Bitdefender Serial.rar
[2010/11/29 13:25:30 | 000,003,023 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\50492_170463769633090_3140060_q.jpg
[2010/11/29 13:08:26 | 084,543,856 | ---- | M] ( ) -- C:\Documents and Settings\WINDOWS XP\Desktop\setup_9.0.0.722_29.11.2010_06-15.exe
[2010/11/29 13:04:21 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\WINDOWS XP\Desktop\mbam-setup-1.46.exe
[2010/11/29 12:49:14 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/29 12:49:14 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/11/29 12:32:01 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/11/29 12:29:43 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Flash_Disinfector.exe
[2010/11/29 12:15:17 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled.bmp
[2010/11/29 12:02:18 | 003,981,348 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Combo-Fix.exe
[2010/11/29 12:00:45 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/29 11:15:13 | 000,001,324 | ---- | M] () -- C:\Windows\System32\d3d9caps.dat
[2010/11/29 10:36:29 | 000,002,050 | ---- | M] () -- C:\Windows\System32\tmp.reg
[2010/11/28 15:17:25 | 000,052,950 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\005.gif
[2010/11/28 10:29:17 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/28 03:20:03 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/28 02:55:32 | 000,011,715 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Good Carbs and Bad Carbs.docx
[2010/11/27 21:50:41 | 001,413,788 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 5 - Unobtrusive Methods of Information Gathering.pdf
[2010/11/27 20:40:40 | 000,303,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/26 17:40:22 | 000,430,090 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Third Long Test.pdf
[2010/11/25 21:59:38 | 000,597,842 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 6 - Prototyping, RAD, and Extreme Programming.pdf
[2010/11/25 17:59:14 | 000,040,484 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation Chapters-guide.docx
[2010/11/22 21:14:41 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Rescue.asd
[2010/11/21 21:05:58 | 000,000,521 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mu.lnk
[2010/11/20 21:12:54 | 000,000,916 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010/11/16 16:35:09 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Garena.lnk
[2010/11/16 09:55:11 | 000,001,108 | ---- | M] () -- C:\Windows\checkip.dat
[2010/11/16 09:52:38 | 000,001,167 | ---- | M] () -- C:\Windows\ipconfig.dat
[2010/11/16 08:29:01 | 000,000,020 | ---- | M] () -- C:\Windows\GKLauncherInfo.ini
[2010/11/16 07:57:16 | 000,002,799 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\.NETSpeedBoost 6.0 Professional Edition.lnk
[2010/11/13 14:42:00 | 000,000,025 | ---- | M] () -- C:\Windows\popcinfot.dat
[2010/11/13 14:24:41 | 000,005,006 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\settings.dat
[2010/11/11 17:41:23 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Setting.dat
[2010/11/09 19:35:42 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\PUTTY.RND
[2010/11/07 22:25:05 | 000,435,590 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/07 22:25:05 | 000,068,360 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/06 22:58:06 | 000,002,253 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Start Menu\Programs\Startup\setup_9.0.0.722_06.12.2010_16-19.lnk
[2010/12/06 21:54:28 | 000,018,804 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Problem Set on Solid Mensuration 3rd Q.docx
[2010/12/05 12:33:36 | 000,040,904 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\parity Binary.rar
[2010/12/05 11:21:50 | 002,672,312 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\esetsmartinstaller_enu_2.exe
[2010/12/02 21:49:19 | 000,729,088 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 9 - Internet.ppt
[2010/12/02 21:49:14 | 000,837,120 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 7a - Internetworking.ppt
[2010/12/02 21:44:43 | 000,119,677 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 11 - Network Security.pptx
[2010/12/02 08:02:26 | 000,001,332 | ---- | C] () -- C:\OTLPE.lnk
[2010/12/01 22:38:19 | 000,077,685 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\BtX.Wallpaper.122985.jpg
[2010/11/30 06:06:40 | 000,023,462 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (2).docx
[2010/11/30 01:00:42 | 000,017,288 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Title Page - Documentation.docx
[2010/11/30 00:52:47 | 000,022,128 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (1).docx
[2010/11/29 23:39:32 | 000,021,258 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3.docx
[2010/11/29 23:09:51 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Visio Drawing.vsd
[2010/11/29 23:03:51 | 000,132,872 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2)3.docx
[2010/11/29 17:55:50 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled3.bmp
[2010/11/29 17:55:40 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled2.bmp
[2010/11/29 17:52:15 | 000,020,359 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\FileLister.zip
[2010/11/29 16:41:46 | 000,233,632 | RH-- | C] () -- C:\NTLDR
[2010/11/29 16:41:46 | 000,047,580 | RH-- | C] () -- C:\NTDETECT.COM
[2010/11/29 16:41:46 | 000,000,952 | RH-- | C] () -- C:\boot.ini
[2010/11/29 16:24:45 | 000,030,189 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2).docx
[2010/11/29 16:16:13 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\exeHelper_2.com
[2010/11/29 15:50:02 | 000,035,513 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document.docx
[2010/11/29 15:48:51 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\rkill.com
[2010/11/29 13:41:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\~$in Documentation.docx
[2010/11/29 13:38:58 | 000,000,115 | ---- | C] () -- C:\Windows\System32\version.ini
[2010/11/29 13:32:45 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Bitdefender Serial.rar
[2010/11/29 13:25:32 | 000,003,023 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\50492_170463769633090_3140060_q.jpg
[2010/11/29 12:49:14 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/29 12:49:14 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/11/29 12:29:36 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Flash_Disinfector.exe
[2010/11/29 12:15:16 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled.bmp
[2010/11/29 12:05:12 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\HiJackThis.lnk
[2010/11/29 12:00:45 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/29 11:59:57 | 003,981,348 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Combo-Fix.exe
[2010/11/29 10:33:33 | 000,002,050 | ---- | C] () -- C:\Windows\System32\tmp.reg
[2010/11/29 10:32:44 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2010/11/29 10:32:44 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2010/11/29 10:32:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2010/11/29 09:36:50 | 000,040,484 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation Chapters-guide.docx
[2010/11/29 08:57:35 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\.wtav
[2010/11/28 15:17:29 | 000,052,950 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\005.gif
[2010/11/28 02:35:10 | 000,011,715 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Good Carbs and Bad Carbs.docx
[2010/11/27 21:50:35 | 001,413,788 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 5 - Unobtrusive Methods of Information Gathering.pdf
[2010/11/27 20:44:25 | 000,430,090 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Third Long Test.pdf
[2010/11/25 21:59:01 | 000,597,842 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 6 - Prototyping, RAD, and Extreme Programming.pdf
[2010/11/25 18:09:26 | 000,034,342 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation.docx
[2010/11/22 21:14:41 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Rescue.asd
[2010/11/21 21:05:58 | 000,000,521 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mu.lnk
[2010/11/20 21:12:54 | 000,000,916 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010/11/09 19:35:26 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\PUTTY.RND
[2010/11/09 17:17:32 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/05 17:00:47 | 000,000,020 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini
[2010/11/04 19:57:47 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Setting.dat
[2010/11/04 19:57:47 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\UserFlag.ini
[2010/10/23 12:37:34 | 000,304,092 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\farm.bmp
[2010/10/17 11:58:46 | 000,005,006 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\settings.dat
[2010/10/03 13:21:00 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/08/10 19:37:56 | 000,000,141 | ---- | C] () -- C:\Windows\option.ini
[2010/08/10 19:35:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\EGameEncrypt.dll
[2010/05/26 23:08:10 | 099,580,183 | ---- | C] () -- C:\Program Files\N0kia.rar
[2010/03/25 10:35:27 | 000,000,318 | ---- | C] () -- C:\Windows\WpePro_0delay.INI
[2010/03/24 18:13:43 | 000,000,321 | ---- | C] () -- C:\Windows\WPE PRO.INI
[2010/03/19 17:11:48 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/02/24 18:34:43 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2010/02/07 23:44:15 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2010/02/05 21:09:37 | 000,000,306 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/06 21:55:56 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/01/06 21:55:56 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010/01/06 21:55:31 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2009/11/23 01:13:05 | 000,124,230 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\debuggee.mdmp
[2009/10/23 13:17:19 | 000,159,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/10/22 23:39:52 | 000,003,120 | ---- | C] () -- C:\Windows\System32\6ffdbcaf-f6c1-42d3-a4a9-c7957224a70b.dll
[2009/10/07 19:45:18 | 000,009,013 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/09/24 16:39:26 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009/09/21 14:56:05 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/09/21 14:56:04 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/27 14:32:21 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2006/05/16 14:25:43 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hpzids01.dll
[2001/08/29 19:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL
[2001/07/10 14:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E3335FF
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECD22A97
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEC268D2
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:010ADD2C
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0

< End of report >
I was not able to get hold of the AVP scan log
  • 0

#39
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi nijisan,

Step 1

Delete all your previous versions of OTL and download a new one from Here.

After that, run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\auto\command - "" = Read1st.exe
    O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\explore\command - "" = Read1st.exe
    O33 - MountPoints2\{03499452-b020-11df-981c-001e58e74f64}\Shell\open\command - "" = Read1st.exe
    O33 - MountPoints2\{137e5842-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{137e5842-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{137e5842-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
    O33 - MountPoints2\{137e5843-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{137e5843-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{137e5843-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
    O33 - MountPoints2\{137e5846-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{137e5846-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{137e5846-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
    O33 - MountPoints2\{137e5847-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{137e5847-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{137e5847-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
    O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
    O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\AutoplAY\CommaNd - "" = mimovx.cmd
    O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\AutoRun\command - "" = mimovx.cmd
    O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\eXploRe\CoMMANd - "" = mimovx.cmd
    O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\open\CommaND - "" = mimovx.cmd
    O33 - MountPoints2\{3de2f9be-cc75-11de-974e-001e58e74f64}\Shell\AutoRun\command - "" = G:\.\ShowModem.exe -- File not found
    O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\auto\command - "" = G:\Read1st.exe -- File not found
    O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\explore\command - "" = G:\Read1st.exe -- File not found
    O33 - MountPoints2\{5fadd985-e57e-11de-9757-001e58e74f64}\Shell\open\command - "" = G:\Read1st.exe -- File not found
    O33 - MountPoints2\{79e33c19-58d0-11df-97f5-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{79e33c19-58d0-11df-97f5-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{79e33c19-58d0-11df-97f5-001e58e74f64}\Shell\AutoRun\command - "" = G:\MediaManager.exe -- File not found
    O33 - MountPoints2\{7da14f61-e545-11dc-9730-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{7da14f61-e545-11dc-9730-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{7da14f61-e545-11dc-9730-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
    O33 - MountPoints2\{7da14f62-e545-11dc-9730-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{7da14f62-e545-11dc-9730-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{7da14f62-e545-11dc-9730-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
    O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\auto\command - "" = Read1st!
    O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\explore\command - "" = Read1st!
    O33 - MountPoints2\{86c7a75e-c604-11de-974b-001e58e74f64}\Shell\open\command - "" = Read1st!
    O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\auto\command - "" = Read1st.exe
    O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\explore\command - "" = Read1st.exe
    O33 - MountPoints2\{90f48736-8f53-11df-9812-001e58e74f64}\Shell\open\command - "" = Read1st.exe
    O33 - MountPoints2\{ace7a92f-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{ace7a92f-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ace7a92f-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
    O33 - MountPoints2\{ace7a931-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{ace7a931-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ace7a931-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
    O33 - MountPoints2\{ace7a932-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{ace7a932-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ace7a932-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
    O33 - MountPoints2\{ace7a935-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{ace7a935-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ace7a935-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
    O33 - MountPoints2\{ace7a936-eebb-11df-9853-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{ace7a936-eebb-11df-9853-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ace7a936-eebb-11df-9853-001e58e74f64}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
    O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\auto\command - "" = Read1st.exe
    O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\explore\command - "" = Read1st.exe
    O33 - MountPoints2\{ae9db5ee-fb8c-11df-9866-001e58e74f64}\Shell\open\command - "" = Read1st.exe
    O33 - MountPoints2\{b73ce2c9-e543-11dc-972f-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{b73ce2c9-e543-11dc-972f-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{b73ce2c9-e543-11dc-972f-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
    O33 - MountPoints2\{b73ce2cc-e543-11dc-972f-001e58e74f64}\Shell - "" = AutoRun
    O33 - MountPoints2\{b73ce2cc-e543-11dc-972f-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{b73ce2cc-e543-11dc-972f-001e58e74f64}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
    O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\auto\command - "" = G:\Scrap
    O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\explore\command - "" = G:\Scrap
    O33 - MountPoints2\{c18727da-abd5-11de-9745-001e58e74f64}\Shell\open\command - "" = G:\Scrap
    O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\AutoRun\command - "" = insomnia\\\jkdrolja.exe
    O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\explore\command - "" = insomnia\\\jkdrolja.exe
    O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\Install\command - "" = insomnia\\\jkdrolja.exe
    O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\open\command - "" = insomnia\\\jkdrolja.exe
    [2010/11/29 10:36:29 | 000,002,050 | ---- | M] () -- C:\Windows\System32\tmp.reg

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply.

Step 2

Uninstall Malwarebytes and remove all previously downloaded setup files. Download a new installation of Malwarebytes.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process; if asked to restart the computer, please do so immediately.

Step 3

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window, OTL.Txt. It is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.


Step 4


How is your system now? What problems do you still experience?

Step 5

Please don't forget to include these items in your reply:

  • OTL fix log
  • Malwarebytes log
  • New OTL scan log
It would be helpful if you could post each log in a separate post.
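The O33 MountPoints2 entries in the fix above are a pattern worth recognising on a log like this: each GUID is a removable drive the machine has seen, and the Shell\...\command values are what Explorer runs when that drive is opened or autoplayed. Entries whose target is a bare file name rather than a drive-rooted path (mimovx.cmd, Read1st.exe, insomnia\\\jkdrolja.exe), whose open, explore and autorun verbs all point at the same file, or whose `command` key has been case-mangled are the fingerprints of an autorun worm having seeded the drive; a drive-rooted vendor AutoRun.exe that is now "File not found" is usually just a stale leftover of a device that is no longer plugged in. The following Python script is an added example, not OTL's code and not anything posted in this thread: it parses constructed sample O33 lines in the format OTL prints (modelled on the entries quoted above) and reports those signals per drive GUID, so a helper can triage a long O33 list instead of reading it line by line.

```python
import re
from collections import defaultdict

# Constructed sample input: "O33 - MountPoints2" lines in the format OTL prints,
# modelled on the entries in this thread. Three drives (GUIDs): one stale
# vendor autorun leftover, and two whose shell verbs all run a file that sits
# on the removable drive itself.
SAMPLE_O33 = r'''
O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell - "" = AutoRun
O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{137e584a-ea30-11df-984a-001e58e74f64}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\AutoplAY\CommaNd - "" = mimovx.cmd
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\AutoRun\command - "" = mimovx.cmd
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\eXploRe\CoMMANd - "" = mimovx.cmd
O33 - MountPoints2\{24ac78ae-5746-11df-97f4-001e58e74f64}\Shell\open\CommaND - "" = mimovx.cmd
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\AutoRun\command - "" = insomnia\\\jkdrolja.exe
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\explore\command - "" = insomnia\\\jkdrolja.exe
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\Install\command - "" = insomnia\\\jkdrolja.exe
O33 - MountPoints2\{c1872890-abd5-11de-9745-001e58e74f64}\Shell\open\command - "" = insomnia\\\jkdrolja.exe
'''

# One OTL O33 line: GUID, the key path below \Shell, the value, and OTL's
# "-- File not found" suffix when the target no longer exists.
LINE_RE = re.compile(
    r'^O33 - MountPoints2\\\{(?P<guid>[0-9a-fA-F-]+)\}\\Shell(?P<rest>.*?)'
    r' - "" = (?P<value>.*?)(?P<missing> -- File not found)?$'
)
DRIVE_ROOTED = re.compile(r'^[A-Za-z]:\\')
SCRIPT_EXTS = ('.cmd', '.bat', '.vbs', '.vbe', '.js', '.pif', '.scr')


def parse_o33(text):
    """Yield (guid, verb, command_key, value, missing) for every ...\\command entry."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        segs = [s for s in m.group('rest').split('\\') if s]
        # Display-name entries such as Shell\AutoRun = Auto&Play carry no command; skip them.
        if len(segs) < 2 or segs[-1].lower() != 'command':
            continue
        yield m.group('guid'), segs[-2], segs[-1], m.group('value').strip(), bool(m.group('missing'))


def verdict(flags):
    """A stale leftover on its own is not an infection; anything else is worth a look."""
    if flags - {'stale-entry'}:
        return 'suspicious'
    return 'stale' if 'stale-entry' in flags else 'clean'


def assess(text):
    """Group command entries by drive GUID and attach heuristic triage flags."""
    per_drive = defaultdict(list)
    for guid, verb, key, value, missing in parse_o33(text):
        per_drive[guid].append((verb, key, value, missing))
    report = {}
    for guid, entries in per_drive.items():
        flags = set()
        targets = {value.lower() for _, _, value, _ in entries}
        for verb, key, value, missing in entries:
            if not DRIVE_ROOTED.match(value):
                flags.add('relative-target')      # resolves against the drive root: typical of a file dropped onto the stick
            if value.lower().endswith(SCRIPT_EXTS):
                flags.add('script-target')        # a .cmd/.bat/.vbs as the autorun payload
            if key != 'command':
                flags.add('case-mangled-key')     # OTL prints legitimate keys as plain "command"
            if '\\\\' in value:
                flags.add('path-obfuscation')     # doubled backslashes, as in insomnia\\\jkdrolja.exe
        if len(entries) >= 3 and len(targets) == 1:
            flags.add('all-verbs-same-target')    # open, explore and autorun all routed to one file
        if all(missing for _, _, _, missing in entries):
            flags.add('stale-entry')              # every target reported "File not found"
        report[guid] = {'targets': sorted(targets), 'flags': sorted(flags), 'verdict': verdict(flags)}
    return report


def summarize(text):
    """Map each drive GUID to its verdict only."""
    return {guid: info['verdict'] for guid, info in assess(text).items()}


if __name__ == '__main__':
    for guid, info in assess(SAMPLE_O33).items():
        print(f"{guid}: {info['verdict']:10s} flags={info['flags']} targets={info['targets']}")
```

The flags are deliberately heuristic: a relative target or a repeated target is what an autorun.inf-seeded drive looks like in this registry view, but the registry entry is only the host's memory of that drive, so the verdict says which removable media to clean or discard, not whether the host itself is still running anything.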

#40
nijisan (Member, Topic Starter, 25 posts)
I don't know what happened but I can't run MBAM and OTL again.


#41
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
Did you manage to run the OTL Fix, or can't you run OTL at all?

#42
nijisan (Member, Topic Starter, 25 posts)
I can't run OTL again, it's like the same problem. It kills the program.

#43
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
Hi nijisan,

Let's try to run Dr.Web and get some logs. If you fail to run Dr.Web, please run AVP again and try to save the log for me.

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and click Scan to run an express scan. Click OK in the pop-up window to allow the scan.
  • This will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, select Complete scan.
  • Click the green arrow at the right, and the scan will start.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click File and choose Save report list.
  • Save the report to your desktop. The report will be called DrWeb.csv.
  • Close Dr.Web CureIt.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.csv report.

NOTE: During the scan, a pop-up window will open asking you to purchase the full version. Simply close the window by clicking on the X in the upper right corner.

#44
nijisan (Member, Topic Starter, 25 posts)
My net became awfully slow right now. Might be because of the virus...

#45
maliprog (Trusted Helper, Malware Removal, 6,172 posts)
Let me know if you can continue with the steps. If you can't, we will continue with OTLPE.