Malware From PDF document


#1
Daryin

Hi and thank you for your help. It is much appreciated. I downloaded a PDF file from this link on a Google search:

[PDF] Time for change? Personal, social and health education
File Format: PDF/Adobe Acrobat - Quick View
health education. At a time of considerable change for personal, ..... We can learn from the experience of other countries, and areas in the UK such ...
www.ofsted.gov.uk/.../Time%20for%20change_Personal,%20social%20and%20health%20education%20(Word%20format).p...

Note: There are several links for this but this was the top link in the results. To make sure you get the correct link, make sure it has source:


www.ofsted.gov.uk/.../Time%20for%20change_Personal,%20social%20and%20health%20education%20(Word%20format).p...

I got a warning that downloading the file could be harmful to my computer and selected save anyway. I did this because I thought the site was safe and I thought it was just a PDF. However, I later realized that I did not get such a message when downloading other PDF files. I opened the file. It looked fine. Then I decided to start my World of Warcraft game. After I was logged in, my computer screen froze and I could do nothing but shut down my computer and restart. I repeated and got the same screen freeze. Next, I decided to log into Second Life. After I logged in, my screen froze again. I had to press the off button on my computer and restart it. I then tried to play a video message and it froze again. I had to reboot.

I have been on my computer now for about 2 hours straight and it has not frozen again. However, I have not tried to view any video or run any executables.

I hope you can help me fix my computer.

P.S. When I run the ATI Tool ver:0.27 and press the "Show 3D View" button only, my screen freezes with multicolored static across the screen. This is the same thing that occurs when I try to open Second Life or World of Warcraft. I have always been able to open them before. Is my video card dying or something?

Thank You.

OTL


OTL logfile created on: 12/10/2010 1:19:05 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Downloads\Software
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 28.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.39 Gb Total Space | 127.47 Gb Free Space | 44.98% Space Free | Partition Type: NTFS
Drive D: | 14.70 Gb Total Space | 7.98 Gb Free Space | 54.30% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 292.00 Gb Free Space | 97.96% Space Free | Partition Type: NTFS
Drive F: | 4.23 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive K: | 298.09 Gb Total Space | 240.19 Gb Free Space | 80.58% Space Free | Partition Type: NTFS

Computer Name: GINA-PC | User Name: Gina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/10 00:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe
PRC - [2010/11/30 17:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Gina\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/26 11:03:40 | 002,346,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/05/14 10:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/07 23:36:44 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/01/14 15:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFTray.exe
PRC - [2010/01/14 15:08:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFService.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/31 03:45:14 | 003,399,727 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2009/01/26 14:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (SafeList) ==========

MOD - [2010/12/10 00:58:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe
MOD - [2010/09/29 22:53:07 | 000,285,480 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/01/14 15:08:22 | 000,460,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFWAH.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2010/09/29 22:52:48 | 002,528,856 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/08/03 17:24:52 | 000,091,648 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\tomcat7.exe -- (Tomcat7)
SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/01/09 18:53:12 | 000,242,688 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\STacSV64.exe -- (STacSV)
SRV:64bit: - [2007/06/29 09:11:36 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2010/12/08 17:37:18 | 003,020,888 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_aeec0f0.dll -- (Akamai)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/03 11:48:28 | 000,246,520 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/16 15:21:00 | 003,532,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/02/19 05:44:44 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe -- (RoxMediaDBVHS)
SRV - [2010/01/14 15:08:12 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/03/22 21:10:04 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2007/08/23 14:35:30 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 14:35:22 | 003,192,184 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SymIM.sys -- (SymIMMP)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SymIM.sys -- (SymIM)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GALA-NET\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV:64bit: - [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/01/26 20:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010/01/14 15:08:34 | 000,059,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/01/14 15:08:32 | 000,041,888 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/01/14 15:08:30 | 000,065,072 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/30 08:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/19 15:36:38 | 000,754,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2009/06/19 15:36:16 | 000,673,272 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/02 17:20:18 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2008/02/15 23:24:30 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/01/20 20:47:27 | 000,214,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/01/20 20:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/09 18:54:00 | 000,423,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2007/06/29 09:11:24 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/06/20 18:57:36 | 000,029,184 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motmodem.sys -- (motmodem)
DRV:64bit: - [2007/06/20 04:32:58 | 001,478,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/06/20 04:30:22 | 000,409,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2007/06/20 04:29:14 | 000,740,352 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/05/11 21:01:10 | 000,070,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2007/05/09 21:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/05/09 21:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2007/04/13 14:22:50 | 000,324,488 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/03/21 13:59:30 | 000,381,720 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2006/11/02 01:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2006/10/06 20:13:22 | 000,550,912 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV)
DRV:64bit: - [2006/09/18 15:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/06/19 16:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010/01/18 18:21:16 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2005/01/03 18:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=FX7026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=FX7026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=FX7026
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=FX7026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll ()
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2008\tbextension

[2010/03/07 23:03:34 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Mozilla\Extensions
[2010/03/07 23:03:34 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/10/05 14:46:24 | 000,420,710 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 14511 more lines...
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Gina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes' Anti-Malware.lnk = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files (x86)\Altova\XMLSpy2010\spy.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Program Files (x86)\Altova\XMLSpy2010\spy.htm ()
O9 - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files (x86)\Altova\XMLSpy2010\spy.htm ()
O9 - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files (x86)\Altova\XMLSpy2010\spy.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...S/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://games.pogo.co...aploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.1.30.43 69.1.30.42
O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gina\Pictures\yellowflower.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gina\Pictures\yellowflower.jpg
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/07/23 01:44:09 | 000,000,000 | RHSD | M] - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2010/04/11 12:28:22 | 000,000,000 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{35e6484a-e44c-11de-9930-001cc04c77d8}\Shell\AutoRun\command - "" = L:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{35e6484a-e44c-11de-9930-001cc04c77d8}\Shell\Setup FlipShare\command - "" = L:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{c1cfda02-1f1f-11df-a0fc-001cc04c77d8}\Shell\AutoRun\command - "" = K:\Setup.exe -- [2009/01/16 02:14:08 | 000,156,312 | ---- | M] (Seagate Technology LLC)
O33 - MountPoints2\{c1cfda02-1f1f-11df-a0fc-001cc04c77d8}\Shell\Install\command - "" = K:\Setup.exe -- [2009/01/16 02:14:08 | 000,156,312 | ---- | M] (Seagate Technology LLC)
O33 - MountPoints2\{d7d0f647-61a2-11dd-9268-001cc04c77d8}\Shell - "" = AutoRun
O33 - MountPoints2\{d7d0f647-61a2-11dd-9268-001cc04c77d8}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Setup.exe -- [2009/01/16 02:14:08 | 000,156,312 | ---- | M] (Seagate Technology LLC)
O33 - MountPoints2\K\Shell\Install\command - "" = K:\Setup.exe -- [2009/01/16 02:14:08 | 000,156,312 | ---- | M] (Seagate Technology LLC)
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/12/09 16:33:41 | 000,000,000 | ---D | C] -- C:\Users\Gina\Desktop\Linux Shells and Utilities Telnet Basics Tutorial_files
[2010/12/06 01:10:07 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/12/06 01:10:07 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/12/06 01:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010/12/03 00:11:01 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Roaming\SampleView
[2010/12/02 22:32:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2010/12/02 22:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/12/02 22:03:05 | 000,000,000 | ---D | C] -- C:\Users\Gina\Desktop\Security
[2010/11/30 17:54:21 | 000,000,000 | ---D | C] -- C:\tag
[2010/11/30 17:53:03 | 000,000,000 | ---D | C] -- C:\static
[2010/11/30 17:53:03 | 000,000,000 | ---D | C] -- C:\articles
[2010/11/30 17:53:02 | 000,000,000 | ---D | C] -- C:\reldate
[2010/11/30 17:53:01 | 000,000,000 | ---D | C] -- C:\origin
[2010/11/30 17:53:00 | 000,000,000 | ---D | C] -- C:\date
[2010/11/30 17:53:00 | 000,000,000 | ---D | C] -- C:\classification
[2010/11/30 17:52:53 | 000,000,000 | ---D | C] -- C:\cable
[2010/11/30 17:34:40 | 000,000,000 | ---D | C] -- C:\squelettes-dist
[2010/11/30 03:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/11/30 03:00:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/11/30 03:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2010/11/30 03:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrentBar
[2010/11/30 02:59:57 | 000,000,000 | ---D | C] -- C:\extensions
[2010/11/30 02:59:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2010/11/30 02:57:40 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Roaming\BitTorrent
[2010/11/28 20:38:34 | 000,000,000 | ---D | C] -- C:\Users\Gina\Desktop\lifepath112810_files
[2010/11/22 23:07:55 | 000,000,000 | ---D | C] -- C:\Users\Gina\Calibre Library
[2010/11/22 23:07:47 | 000,000,000 | ---D | C] -- C:\Users\Gina\AppData\Roaming\calibre
[2010/11/22 23:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2
[2010/11/22 22:46:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Debugging Tools for Windows (x86)
[2010/11/22 22:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreshDevices
[2009/12/08 06:46:10 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\lhacm.acm
[3 C:\Users\Gina\Desktop\*.tmp files -> C:\Users\Gina\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Gina\AppData\Local\*.tmp files -> C:\Users\Gina\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/10 01:31:59 | 000,000,458 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B00AC911-3763-433C-9C12-42DDFF0686D4}.job
[2010/12/10 01:01:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1846753614-1807101222-1376221700-1000UA.job
[2010/12/10 00:54:03 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/10 00:48:32 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{65ABE88B-16DD-4203-A00D-D6942105F857}.job
[2010/12/10 00:21:08 | 000,860,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/10 00:21:08 | 000,716,284 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/10 00:21:08 | 000,145,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/10 00:17:59 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/10 00:17:57 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/12/10 00:14:45 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/10 00:14:45 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/10 00:14:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/09 23:21:26 | 000,000,843 | ---- | M] () -- C:\Users\Gina\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/09 23:01:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1846753614-1807101222-1376221700-1000Core.job
[2010/12/09 20:21:30 | 000,430,925 | ---- | M] () -- C:\Users\Gina\Desktop\NAFWC23-03-w.pdf
[2010/12/09 20:18:29 | 000,447,406 | ---- | M] () -- C:\Users\Gina\Desktop\NAFWC13-03-e.pdf
[2010/12/09 16:33:41 | 000,002,215 | ---- | M] () -- C:\Users\Gina\Desktop\Linux Shells and Utilities Telnet Basics Tutorial.htm
[2010/12/09 08:12:00 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Backup.job
[2010/12/07 23:13:55 | 000,109,568 | ---- | M] () -- C:\Users\Gina\Desktop\unixandinternet.doc
[2010/12/01 21:46:12 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2010/11/30 03:01:22 | 000,000,797 | ---- | M] () -- C:\Users\Gina\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2010/11/30 03:01:22 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/11/28 20:38:34 | 000,049,506 | ---- | M] () -- C:\Users\Gina\Desktop\lifepath112810.htm
[2010/11/28 20:36:28 | 000,451,716 | ---- | M] () -- C:\Users\Gina\Desktop\readinglifepath112810.xps
[2010/11/22 23:07:23 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2010/11/21 14:39:27 | 000,946,688 | ---- | M] () -- C:\Users\Gina\Desktop\pawnsinthegame.pdf
[2010/11/20 20:07:35 | 000,011,834 | ---- | M] () -- C:\Users\Gina\AppData\Roaming\wklnhst.dat
[2010/11/10 23:16:36 | 000,000,680 | ---- | M] () -- C:\Users\Gina\AppData\Local\d3d9caps.dat
[3 C:\Users\Gina\Desktop\*.tmp files -> C:\Users\Gina\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Gina\AppData\Local\*.tmp files -> C:\Users\Gina\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/09 20:21:35 | 000,430,925 | ---- | C] () -- C:\Users\Gina\Desktop\NAFWC23-03-w.pdf
[2010/12/09 20:18:44 | 000,447,406 | ---- | C] () -- C:\Users\Gina\Desktop\NAFWC13-03-e.pdf
[2010/12/09 16:33:32 | 000,002,215 | ---- | C] () -- C:\Users\Gina\Desktop\Linux Shells and Utilities Telnet Basics Tutorial.htm
[2010/12/07 18:22:36 | 000,109,568 | ---- | C] () -- C:\Users\Gina\Desktop\unixandinternet.doc
[2010/12/02 22:33:16 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010/12/02 21:59:15 | 000,365,488 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistMSI5692.txt
[2010/12/02 21:58:49 | 000,011,186 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI5692.txt
[2010/11/30 17:34:51 | 000,001,665 | ---- | C] () -- C:\index.html
[2010/11/30 02:59:43 | 000,000,797 | ---- | C] () -- C:\Users\Gina\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2010/11/30 02:59:43 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/11/28 20:38:29 | 000,049,506 | ---- | C] () -- C:\Users\Gina\Desktop\lifepath112810.htm
[2010/11/28 20:36:21 | 000,451,716 | ---- | C] () -- C:\Users\Gina\Desktop\readinglifepath112810.xps
[2010/11/22 23:07:23 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2010/11/10 13:51:27 | 000,946,688 | ---- | C] () -- C:\Users\Gina\Desktop\pawnsinthegame.pdf
[2010/11/06 22:25:27 | 000,369,654 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistMSI7B7F.txt
[2010/11/06 22:25:27 | 000,014,058 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI7B7F.txt
[2010/10/05 19:15:53 | 000,000,260 | ---- | C] () -- C:\Windows\wininit.ini
[2010/07/27 01:47:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/07/27 01:28:34 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/07/11 12:45:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/06/26 17:32:54 | 000,360,750 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistMSI03CC.txt
[2010/06/26 17:32:46 | 000,054,038 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI03CC.txt
[2010/06/03 17:52:52 | 000,000,732 | ---- | C] () -- C:\Users\Gina\AppData\Local\d3d9caps64.dat
[2010/04/07 02:25:52 | 000,440,624 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistMSI630C.txt
[2010/04/07 02:25:52 | 000,013,770 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI630C.txt
[2010/03/14 02:34:40 | 000,000,248 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2010/03/14 02:30:24 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2010/03/10 22:55:01 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2010/03/10 22:55:00 | 000,000,957 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/03/10 22:55:00 | 000,000,737 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/02/16 01:29:07 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/02/16 01:27:36 | 000,370,494 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistMSI73CD.txt
[2010/02/16 01:27:36 | 000,023,302 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI73CD.txt
[2010/02/16 01:27:36 | 000,022,698 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI73CE.txt
[2010/02/09 00:06:11 | 000,010,588 | -HS- | C] () -- C:\Users\Gina\AppData\Local\XM3Em3TB
[2010/01/28 10:10:35 | 000,000,552 | ---- | C] () -- C:\Users\Gina\AppData\Local\d3d8caps.dat
[2010/01/26 20:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/12/08 06:44:56 | 000,001,024 | ---- | C] () -- C:\Program Files (x86)\telegram5.idx
[2009/12/08 06:44:56 | 000,000,512 | ---- | C] () -- C:\Program Files (x86)\telegram5.dat
[2009/12/08 06:44:56 | 000,000,029 | ---- | C] () -- C:\Windows\PControl.ini
[2009/12/08 06:44:43 | 000,000,364 | ---- | C] () -- C:\Program Files (x86)\aworld.log
[2009/12/04 01:59:55 | 000,363,104 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistMSI76B2.txt
[2009/12/04 01:59:55 | 000,011,458 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_vcredistUI76B2.txt
[2009/10/28 18:42:19 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2009/04/02 02:40:33 | 000,800,704 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/04/02 02:36:25 | 011,339,982 | ---- | C] () -- C:\Users\Gina\AppData\Local\VSMsiLog7DEA.txt
[2009/04/02 02:34:50 | 000,153,764 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_WinSDK_VWDTools_x64_MSI7CB4.txt
[2009/04/02 02:29:35 | 000,117,320 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_depcheck_VNS_EXP_90.txt
[2009/04/02 02:29:30 | 000,370,882 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_install_vns_xcor_90.txt
[2009/04/02 02:29:30 | 000,000,002 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_error_vns_xcor_90.txt
[2009/04/01 00:07:40 | 000,337,272 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_SharedManagementObjects_MSI3DEF.txt
[2009/04/01 00:07:39 | 000,172,028 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_SQLSysClrTypes_msi3DEB.txt
[2009/04/01 00:07:38 | 000,321,424 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_SQLCEToolsForVS2007_MSI3DE8.txt
[2009/04/01 00:07:35 | 000,398,012 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_SSCERuntime_MSI3DDE.txt
[2009/04/01 00:04:18 | 011,370,854 | ---- | C] () -- C:\Users\Gina\AppData\Local\VSMsiLog3B5B.txt
[2009/04/01 00:04:11 | 000,200,112 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI3B44.txt
[2009/04/01 00:04:05 | 000,213,464 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_WinSDK_ExpTools_x64_MSI3B31.txt
[2009/04/01 00:03:59 | 001,227,642 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_ExpRemoteDbg_x64_MSI3B1D.txt
[2009/04/01 00:02:43 | 002,482,618 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_NET_Framework35_x64_MSI3A25.txt
[2009/03/31 23:49:54 | 000,200,298 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009/03/31 23:49:53 | 000,203,436 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_dotnetfx35install.txt
[2009/03/31 23:49:53 | 000,000,002 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_dotnetfx35error.txt
[2009/03/31 23:49:40 | 000,421,080 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_VC_Red_MSI3028.txt
[2009/03/31 23:44:18 | 000,118,122 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_depcheck_VB_EXP_90.txt
[2009/03/31 23:44:13 | 000,391,764 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_install_vb_xcor_90.txt
[2009/03/31 23:44:13 | 000,000,002 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_error_vb_xcor_90.txt
[2009/01/27 01:53:48 | 000,503,808 | ---- | C] () -- C:\Windows\SysWow64\tiff2pdf.dll
[2008/11/01 18:41:06 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2008/10/29 19:43:58 | 000,028,097 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_depcheckdotnetfx30.txt
[2008/10/29 19:43:57 | 005,471,478 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_dotnetfx3install.txt
[2008/10/29 19:43:57 | 005,460,204 | ---- | C] () -- C:\Users\Gina\AppData\Local\uxeventlog.txt
[2008/10/29 19:43:57 | 000,000,604 | ---- | C] () -- C:\Users\Gina\AppData\Local\dd_dotnetfx3error.txt
[2008/07/13 23:51:12 | 000,000,680 | ---- | C] () -- C:\Users\Gina\AppData\Local\d3d9caps.dat
[2008/06/21 09:48:18 | 000,014,848 | ---- | C] () -- C:\Users\Gina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/31 21:30:01 | 000,031,049 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\UserTile.png
[2008/05/27 23:23:48 | 000,011,834 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\wklnhst.dat
[2008/05/26 01:22:34 | 000,007,548 | ---- | C] () -- C:\Windows\SysWow64\drivers\Samhid.sys
[2008/05/26 00:01:19 | 000,487,424 | ---- | C] () -- C:\Windows\SysWow64\FDRpage.dll
[2008/03/22 20:14:07 | 000,049,152 | ---- | C] () -- C:\Windows\CNYUSB.dll
[2008/03/22 20:14:07 | 000,005,120 | ---- | C] () -- C:\Windows\HKCYDLL.dll
[2008/03/22 20:14:07 | 000,000,360 | ---- | C] () -- C:\Windows\CNYHKey.ini
[2008/02/19 00:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2001/12/03 15:50:58 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | ---- | C] () -- C:\Windows\SysWow64\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL
[1997/07/11 00:00:00 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\MSENCODE.DLL
[1997/07/11 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\SysWow64\XLREC.DLL
[1997/07/11 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\SysWow64\RECNCL.DLL
[1997/07/11 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\ODBCSTF.DLL
[1997/07/11 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\DOCOBJ.DLL
[1997/07/11 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\HLINKPRX.DLL

========== LOP Check ==========

[2008/10/02 13:00:35 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Acreon
[2010/12/05 22:07:40 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\BitTorrent
[2010/11/22 23:08:34 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\calibre
[2010/03/08 00:18:10 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\fhnetwork.com
[2010/03/07 23:22:23 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Foxit
[2010/03/08 01:20:41 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Foxit Software
[2010/12/10 01:38:21 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Free Download Manager
[2010/09/02 00:19:50 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\gtk-2.0
[2010/09/01 17:30:32 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Hippo_OpenSim_Viewer
[2010/11/19 03:37:07 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Imprudence
[2010/06/26 17:37:07 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\IObit
[2009/12/11 22:22:08 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Leadertech
[2010/05/02 19:01:19 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\muvee Technologies
[2010/03/14 02:31:54 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\MyHeritage
[2010/10/10 22:36:15 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Notepad++
[2008/05/31 21:30:00 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\PeerNetworking
[2010/08/29 18:00:13 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\PhotoScape
[2010/12/03 00:11:01 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\SampleView
[2010/07/28 23:49:56 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\SecondLife
[2009/07/23 19:53:37 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Simple Star
[2008/05/27 23:23:50 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Template
[2010/02/18 19:48:47 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\TestingRecorder
[2010/03/14 02:30:20 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2010/07/11 12:16:28 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Video DVD Maker FREE
[2009/06/20 18:22:55 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Walgreens
[2009/01/17 22:04:23 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\WildTangent
[2010/12/10 00:17:57 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010/12/09 08:12:00 | 000,000,294 | ---- | M] () -- C:\Windows\Tasks\Backup.job
[2010/11/16 23:18:22 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/01 21:46:12 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2010/12/10 00:48:32 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{65ABE88B-16DD-4203-A00D-D6942105F857}.job
[2010/12/10 01:36:59 | 000,000,458 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B00AC911-3763-433C-9C12-42DDFF0686D4}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C46995DA

< End of report >

Edited by Daryin, 11 December 2010 - 07:09 PM.
