Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Freezing and rebooting


  • Please log in to reply

#31
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:

* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu
select
Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck
Resident TeaTimer
and OK any prompts.
* Restart your computer

Uninstall
Yahoo Toolbar


Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:Services
NisSrv
MsMpSvc

:OTL
SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

:files
c:\Program Files\Microsoft Security Client
sc config MsMpEng.exe start= disabled /c
sc config NisSrv start= disabled /c
C:\Windows\System32\drivers\NisDrvWFP.sys
C:\Windows\System32\drivers\MpNWMon.sys
     
:Commands
[RESETHOSTS]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Run OTL, Quickscan and post the log.
  • 0

Advertisements


#32
Raven.Drive.mom

Raven.Drive.mom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
OTL logfile created on: 11/14/2011 4:48:44 PM - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Eleanor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 35.24% Memory free
4.23 Gb Paging File | 2.55 Gb Available in Paging File | 60.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.30 Gb Total Space | 157.43 Gb Free Space | 71.46% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 2.98 Gb Free Space | 29.80% Space Free | Partition Type: NTFS
Drive E: | 3.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ELEANOR-PC | User Name: Eleanor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/25 11:31:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Eleanor\Desktop\OTL.exe
PRC - [2011/10/24 14:42:24 | 000,161,336 | ---- | M] (Google) -- C:\Users\Eleanor\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/10/20 16:02:55 | 004,615,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/09/19 10:09:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/25 15:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eleanor\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/01/17 17:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/24 15:10:13 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/02 12:48:22 | 000,139,264 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/22 18:22:20 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008/11/13 12:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/01 23:37:16 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2008/01/01 23:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/01 23:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/03 00:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/11/01 16:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/09/24 04:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/24 04:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/24 04:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/24 04:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2006/11/27 10:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/03 18:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 18:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/14 14:09:56 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/11/14 14:09:55 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/10/23 22:25:52 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/09/19 11:37:23 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/05/18 14:20:11 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2006/12/10 20:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 20:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2006/11/20 14:29:10 | 000,101,376 | ---- | M] () -- C:\Windows\System32\APOMngr.dll
MOD - [2006/11/13 11:07:34 | 000,066,560 | ---- | M] () -- C:\Windows\System32\CmdRtr.dll
MOD - [2006/11/03 18:46:24 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/11/03 18:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - [2011/09/19 10:09:04 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009/01/22 18:22:20 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/11/13 12:17:38 | 000,439,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/01 23:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 23:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - [2011/09/19 10:09:01 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/19 10:09:01 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/28 18:27:08 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/08/12 06:13:32 | 000,160,272 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2009/08/12 06:13:32 | 000,113,680 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2009/08/12 06:13:32 | 000,054,416 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2009/08/12 06:13:28 | 000,160,272 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2009/08/12 06:13:28 | 000,011,920 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWFLT.sys -- (PTDUWFLT)
DRV - [2009/05/25 14:43:58 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/04/23 15:51:18 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2008/06/23 07:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/01/01 23:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 00:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 00:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/25 03:40:58 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/24 04:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/08/13 04:44:26 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2006/11/27 02:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 02:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 02:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google....l/?shva=1#inbox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Eleanor\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eleanor\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eleanor\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\PayPal\PayPal Plug-In [2009/07/01 19:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/28 02:06:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Eleanor\AppData\Roaming\Move Networks [2010/04/15 14:48:33 | 000,000,000 | ---D | M]

[2009/03/09 22:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eleanor\AppData\Roaming\Mozilla\Extensions
[2009/03/09 22:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eleanor\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Eleanor\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Eleanor\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Eleanor\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/11/14 11:37:42 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\tbFree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Eleanor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Eleanor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Eleanor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42B0BD43-60C3-47FB-9C7E-292BE013B0A5}: NameServer = 66.174.95.44 69.78.96.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90A8B256-62D3-4693-BA2E-468926491517}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C227C1FB-8BB0-4A3E-8A16-8B1ABF41F118}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Eleanor\Pictures\IMG00003-20100627-2039.jpg
O24 - Desktop BackupWallPaper: C:\Users\Eleanor\Pictures\IMG00003-20100627-2039.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/01/19 15:00:00 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/10 17:10:50 | 000,000,000 | ---D | C] -- C:\802e3a9706177c25a3
[2011/11/08 12:25:03 | 000,000,000 | ---D | C] -- C:\Users\Eleanor\Desktop\logs
[2011/11/03 11:58:24 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2011/11/02 15:47:47 | 000,061,440 | ---- | C] ( ) -- C:\Users\Eleanor\Desktop\VEW.exe
[2011/11/01 21:42:58 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/11/01 21:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/11/01 21:42:57 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/11/01 21:42:53 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/11/01 21:42:52 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/11/01 21:42:51 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/11/01 21:42:51 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/11/01 21:41:26 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/11/01 21:41:25 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/11/01 20:55:49 | 000,000,000 | -HSD | C] -- C:\found.003
[2011/11/01 20:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/11/01 20:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/31 11:51:50 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Eleanor\Desktop\aswMBR.exe
[2011/10/31 11:35:08 | 000,000,000 | -HSD | C] -- C:\found.002
[2011/10/31 11:25:42 | 001,564,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Eleanor\Desktop\tdsskiller.exe
[2011/10/31 11:19:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/31 10:47:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/31 10:47:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/31 10:47:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/31 10:47:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/10/31 10:47:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/31 10:45:19 | 004,278,520 | R--- | C] (Swearware) -- C:\Users\Eleanor\Desktop\ComboFix.exe
[2011/10/31 09:43:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/25 11:30:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Eleanor\Desktop\OTL.exe
[2011/10/25 09:00:36 | 000,000,000 | ---D | C] -- C:\found.001
[2011/10/21 11:37:37 | 000,000,000 | ---D | C] -- C:\found.000

========== Files - Modified Within 30 Days ==========

[2011/11/14 16:48:38 | 006,779,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 16:48:38 | 002,313,476 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 16:47:33 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-846242405-2255293798-2596077637-1000UA.job
[2011/11/14 16:47:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 15:20:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 15:20:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 14:21:40 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-846242405-2255293798-2596077637-1000Core.job
[2011/11/14 14:08:01 | 000,027,525 | ---- | M] () -- C:\Users\Eleanor\AppData\Roaming\nvModes.001
[2011/11/14 11:38:57 | 2143,379,456 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/14 11:38:00 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/14 11:37:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/11/13 22:25:21 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\FixIt_F66956F4-B17B-4115-BBB0-D431EB5C3051.job
[2011/11/13 22:25:20 | 000,005,452 | ---- | M] () -- C:\FixitRegBackup.reg
[2011/11/13 19:57:08 | 000,044,544 | ---- | M] () -- C:\Users\Eleanor\Desktop\Listing Contest1.pdf
[2011/11/13 19:43:42 | 000,015,823 | ---- | M] () -- C:\Users\Eleanor\Desktop\listingcontestrevisedattachments.zip
[2011/11/13 19:29:58 | 000,002,054 | ---- | M] () -- C:\Users\Eleanor\Desktop\Google Chrome.lnk
[2011/11/13 19:29:58 | 000,002,016 | ---- | M] () -- C:\Users\Eleanor\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/10 17:21:33 | 310,459,583 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/09 12:39:42 | 000,027,648 | ---- | M] () -- C:\Users\Eleanor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/08 16:38:10 | 000,468,528 | ---- | M] () -- C:\Users\Eleanor\Desktop\Quik Jon Installation Instructions.pdf
[2011/11/08 16:35:00 | 000,739,954 | ---- | M] () -- C:\Users\Eleanor\Desktop\Pump.pdf
[2011/11/06 21:25:20 | 000,302,592 | ---- | M] () -- C:\Users\Eleanor\Desktop\ylqps2mz.exe
[2011/11/04 08:41:50 | 000,365,945 | ---- | M] () -- C:\Users\Eleanor\Desktop\stmt-1545962[1].pdf
[2011/11/04 08:41:26 | 000,431,989 | ---- | M] () -- C:\Users\Eleanor\Desktop\stmt-1483980[1].pdf
[2011/11/02 15:47:49 | 000,061,440 | ---- | M] ( ) -- C:\Users\Eleanor\Desktop\VEW.exe
[2011/11/01 21:42:59 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/11/01 21:42:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/11/01 20:30:27 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/11/01 20:12:10 | 059,854,808 | ---- | M] () -- C:\Users\Eleanor\Desktop\setup_av_free_cnet.exe
[2011/10/31 11:51:51 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Eleanor\Desktop\aswMBR.exe
[2011/10/31 11:25:46 | 001,564,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Eleanor\Desktop\tdsskiller.exe
[2011/10/31 10:45:31 | 004,278,520 | R--- | M] (Swearware) -- C:\Users\Eleanor\Desktop\ComboFix.exe
[2011/10/31 09:23:15 | 000,298,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/25 11:31:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Eleanor\Desktop\OTL.exe
[2011/10/24 18:09:36 | 000,042,374 | ---- | M] () -- C:\Users\Eleanor\Documents\190935.jpg
[2011/10/24 18:09:02 | 000,068,486 | ---- | M] () -- C:\Users\Eleanor\Documents\190900.jpg
[2011/10/24 18:08:39 | 000,044,394 | ---- | M] () -- C:\Users\Eleanor\Documents\190837.jpg
[2011/10/24 18:08:12 | 000,032,974 | ---- | M] () -- C:\Users\Eleanor\Documents\190811.jpg
[2011/10/23 21:25:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/10/23 21:25:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

========== Files Created - No Company Name ==========

[2011/11/13 22:25:21 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\FixIt_F66956F4-B17B-4115-BBB0-D431EB5C3051.job
[2011/11/13 21:17:16 | 000,005,452 | ---- | C] () -- C:\FixitRegBackup.reg
[2011/11/13 19:57:06 | 000,044,544 | ---- | C] () -- C:\Users\Eleanor\Desktop\Listing Contest1.pdf
[2011/11/13 19:43:35 | 000,015,823 | ---- | C] () -- C:\Users\Eleanor\Desktop\listingcontestrevisedattachments.zip
[2011/11/08 16:38:09 | 000,468,528 | ---- | C] () -- C:\Users\Eleanor\Desktop\Quik Jon Installation Instructions.pdf
[2011/11/08 16:34:59 | 000,739,954 | ---- | C] () -- C:\Users\Eleanor\Desktop\Pump.pdf
[2011/11/06 21:25:19 | 000,302,592 | ---- | C] () -- C:\Users\Eleanor\Desktop\ylqps2mz.exe
[2011/11/04 08:41:50 | 000,365,945 | ---- | C] () -- C:\Users\Eleanor\Desktop\stmt-1545962[1].pdf
[2011/11/04 08:41:26 | 000,431,989 | ---- | C] () -- C:\Users\Eleanor\Desktop\stmt-1483980[1].pdf
[2011/11/01 21:42:59 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/11/01 20:12:09 | 059,854,808 | ---- | C] () -- C:\Users\Eleanor\Desktop\setup_av_free_cnet.exe
[2011/10/31 10:47:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/31 10:47:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/31 10:47:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/31 10:47:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/31 10:47:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/25 09:16:08 | 2143,379,456 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/24 18:11:54 | 000,068,486 | ---- | C] () -- C:\Users\Eleanor\Documents\190900.jpg
[2011/10/24 18:11:54 | 000,044,394 | ---- | C] () -- C:\Users\Eleanor\Documents\190837.jpg
[2011/10/24 18:11:54 | 000,042,374 | ---- | C] () -- C:\Users\Eleanor\Documents\190935.jpg
[2011/10/24 18:11:54 | 000,032,974 | ---- | C] () -- C:\Users\Eleanor\Documents\190811.jpg
[2011/10/23 21:25:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/10/23 21:25:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/10/07 20:06:56 | 000,000,552 | ---- | C] () -- C:\Users\Eleanor\AppData\Local\d3d8caps.dat
[2011/05/23 06:56:31 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010/12/16 21:08:45 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/12/16 21:08:44 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/12/16 21:08:44 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/12/16 21:08:44 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/12/16 21:08:44 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/12/16 21:08:44 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/12/16 21:08:44 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/12/16 21:08:44 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/12/16 21:08:44 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/12/16 21:08:44 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/12/16 21:08:44 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/12/16 21:08:44 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/12/16 21:08:44 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/12/16 21:08:44 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/12/16 21:08:44 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/12/16 21:08:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/12/16 21:06:39 | 000,000,044 | ---- | C] () -- C:\Windows\EPSPR280.ini
[2010/08/08 15:45:11 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2010/08/03 18:58:19 | 000,000,004 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\D1B35E
[2010/08/03 18:58:18 | 000,870,128 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\mcs.rma
[2010/05/05 07:48:34 | 000,135,110 | ---- | C] () -- C:\Windows\hpwins10.dat.temp
[2010/05/05 07:48:34 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat.temp
[2010/05/05 07:48:19 | 000,010,385 | ---- | C] () -- C:\Windows\hpwscr10.dat
[2010/05/05 07:48:19 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat
[2009/11/09 21:31:57 | 000,148,929 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009/11/09 21:31:37 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2009/11/06 14:31:15 | 000,155,648 | ---- | C] () -- C:\Windows\System32\hpsfs.dll
[2009/11/04 16:51:46 | 000,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2009/09/18 06:27:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/18 06:27:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/04/14 18:22:33 | 000,134,266 | ---- | C] () -- C:\Windows\hpwins10.dat
[2009/02/17 20:42:59 | 000,007,592 | ---- | C] () -- C:\Users\Eleanor\AppData\Local\d3d9caps.dat
[2009/01/31 09:16:10 | 000,027,525 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\nvModes.001
[2009/01/31 02:40:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/29 21:30:14 | 000,027,525 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\nvModes.dat
[2009/01/28 22:13:40 | 000,009,926 | ---- | C] () -- C:\Users\Eleanor\AppData\Roaming\wklnhst.dat
[2009/01/28 21:50:46 | 000,027,648 | ---- | C] () -- C:\Users\Eleanor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/23 01:55:35 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2009/01/22 18:28:52 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/01/22 18:22:57 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2009/01/22 18:22:56 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009/01/22 18:22:56 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2009/01/22 18:04:00 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/04/09 17:00:30 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2008/02/07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hppatusg01.dll
[2007/07/25 17:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2007/01/03 07:10:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/10 08:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,298,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 006,779,686 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 002,313,476 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2009/08/20 22:03:49 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Auslogics
[2010/05/05 07:32:10 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/14 14:09:53 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Dropbox
[2010/12/17 18:02:07 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Leadertech
[2011/07/03 15:56:17 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\LimeWire
[2010/05/07 16:05:08 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\OpenOffice.org
[2010/04/22 20:56:20 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Research In Motion
[2010/04/07 09:32:56 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Smith Micro
[2011/11/12 22:29:13 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Spotify
[2009/01/28 22:13:55 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\Template
[2009/02/14 17:02:19 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\tmp
[2009/04/13 17:51:39 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\TokBox-Desktop.140E496FAF651FC6D79F73D360E855D4667C7B11.1
[2011/06/21 10:01:59 | 000,000,000 | ---D | M] -- C:\Users\Eleanor\AppData\Roaming\webex
[2011/11/13 22:25:21 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\FixIt_F66956F4-B17B-4115-BBB0-D431EB5C3051.job
[2011/11/14 11:38:04 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:14DAD114
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:223BB3A1

< End of report >
  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
repeat the event clearing and Vino's.
  • 0

#34
Raven.Drive.mom

Raven.Drive.mom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/11/2011 6:21:11 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/11/2011 11:17:09 PM
Type: Warning Category: 0
Event: 4 Source: b57nd60x
Broadcom NetLink ™ Fast Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Log: 'System' Date/Time: 15/11/2011 11:16:20 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/11/2011 11:16:20 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll



Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/11/2011 6:26:33 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 15/11/2011 11:23:12 PM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Log: 'Application' Date/Time: 15/11/2011 11:23:12 PM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 15/11/2011 11:16:05 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-846242405-2255293798-2596077637-1000_Classes:
Process 220 (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-846242405-2255293798-2596077637-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
We got rid of that error. There are some new errors but I don't think they are anything to worry about. How is it running now?

Ron
  • 0

#36
Raven.Drive.mom

Raven.Drive.mom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Seems to be fine now.
  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
We need to cleanup System Restore:

Copy the following:

:Commands
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.



You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.

OTL has a cleanup tab if you go there it will remove itself and its logs.

To hide hidden files again (OTL may do it for you):

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.

If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/
The free version only blocks 200 ads a day so another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.


If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

#38
Raven.Drive.mom

Raven.Drive.mom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Thank you Ron. I will you all of that. Should I reinstall MalwareBytes?
  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
You can if you want to. Unless you pay for it it does not update on its own but you can manually update it and run a quickscan once in a while just to be safe.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP