Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

xp antispyware 2012 encounter [Closed]


  • This topic is locked This topic is locked

#1
lusterpants

lusterpants

    New Member

  • Member
  • Pip
  • 1 posts
Hi,
Yesterday my computer became infected by the xp antispyware 2012 virus. I was able to remove it or so I thought using malwarebytes. The computer seemed to be running fine after removal. However, I am encountering some issues today. Mainly, internet explorer cannont display page and firefox will not load pages either. I did leave my computer on while I was at work today and my five year old daughter "used" the computer today and used means jamming down on the keyboard repeatedly and so when I got home from work is when I was confronted with these. So I'm not sure if she did something to it or if I didn't fully eradicate the malware that was affecting my computer yesterday. I ran the otl program and here is the log produced from the scan:

OTL logfile created on: 1/2/2012 9:54:59 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = K:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.77 Mb Total Physical Memory | 221.29 Mb Available Physical Memory | 44.10% Memory free
1.20 Gb Paging File | 1.00 Gb Available in Paging File | 83.43% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 182.07 Gb Total Space | 106.30 Gb Free Space | 58.38% Space Free | Partition Type: NTFS
Drive D: | 4.23 Gb Total Space | 1.64 Gb Free Space | 38.80% Space Free | Partition Type: FAT32
Drive K: | 247.22 Mb Total Space | 178.40 Mb Free Space | 72.16% Space Free | Partition Type: FAT

Computer Name: YOUR-F81B4FD27F | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/02 21:52:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- K:\OTL.exe
PRC - [2011/11/04 19:02:45 | 005,960,560 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011/10/17 08:24:18 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/07/29 02:30:30 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/07/29 02:30:28 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/07/29 02:30:28 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/09/02 14:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2010/07/04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\Samsung New PC Studio\NPSAgent.exe
PRC - [2009/12/03 12:05:08 | 001,701,224 | ---- | M] (Philips) -- C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
PRC - [2009/11/30 07:17:57 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/01/29 04:11:16 | 000,254,600 | ---- | M] (Smilebox, Inc.) -- C:\Documents and Settings\Owner\Application Data\Smilebox\SmileboxTray.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/25 07:34:56 | 000,082,608 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3400 Series\ezprint.exe
PRC - [2007/06/25 07:34:55 | 000,291,504 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcymon.exe
PRC - [2006/12/06 17:49:58 | 000,315,392 | ---- | M] (Giant Telecom Ltd.) -- C:\Program Files\SkyLink\SKYLINK 2-in-1 Phone Utility\SKYLINK 2-in-1 Phone Utility.exe
PRC - [2006/05/10 12:26:42 | 000,278,528 | ---- | M] () -- C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe
PRC - [2004/10/18 15:05:12 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\shwiconEM.exe
PRC - [2004/09/24 19:06:46 | 002,559,488 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/09/23 20:27:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE
PRC - [2004/05/17 19:30:04 | 000,543,232 | ---- | M] () -- C:\WINDOWS\zHotkey.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/17 08:24:18 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
MOD - [2009/11/27 20:15:36 | 000,135,168 | ---- | M] () -- C:\Program Files\Philips\GoGear VIBE Device Manager\Scsi_nt.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/06/25 07:34:55 | 000,291,504 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcymon.exe
MOD - [2007/03/16 03:38:25 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxcypp5c.dll
MOD - [2006/11/22 07:05:12 | 000,012,288 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\fxctrstr.dll
MOD - [2006/11/22 06:51:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\LXPRMON.DLL
MOD - [2006/11/22 06:49:18 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
MOD - [2006/08/08 12:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcyscw.dll
MOD - [2006/05/25 13:20:44 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\iptk.dll
MOD - [2006/05/10 12:26:42 | 000,278,528 | ---- | M] () -- C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe
MOD - [2006/02/13 06:04:20 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcydrec.dll
MOD - [2004/05/17 19:30:04 | 000,543,232 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
MOD - [2001/07/02 21:36:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/17 08:24:18 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/07/29 02:30:30 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/07/29 02:30:28 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2008/02/13 20:49:12 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/07/15 13:38:33 | 000,139,264 | R--- | M] () [Auto | Stopped] -- C:\Program Files\MioNet\MioNetManager.exe -- (MioNet)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/26 19:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010/04/26 19:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010/04/26 19:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b)
DRV - [2004/10/20 12:39:32 | 000,040,724 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/18 15:05:12 | 000,042,968 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/09/24 19:14:40 | 002,276,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/06/17 15:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 15:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 15:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/17 16:10:40 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2001/08/17 13:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2790392
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@iWon.com/Plugin: C:\Program Files\iWon\bar\1.bin\NPjfStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/12/06 13:28:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010/02/21 19:51:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\iWon\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/14 07:35:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/15 10:07:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\Move Networks [2010/02/02 12:56:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010/10/03 14:38:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2011/10/25 16:06:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2011/10/25 16:06:28 | 000,000,000 | ---D | M]

[2010/03/06 14:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/03/06 14:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/01/02 17:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions
[2011/10/06 19:26:39 | 000,000,000 | ---D | M] (ToggleEN Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}(2)
[2011/06/01 13:00:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/06 19:26:37 | 000,000,000 | ---D | M] (ShopToWin2) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{5835466c-49af-4cbe-b102-a8c8b6313749}(2)
[2011/10/06 19:26:36 | 000,000,000 | ---D | M] (Play Mario Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{61a58fc8-def1-4521-93b2-85c81404839a}(2)
[2011/12/19 17:01:26 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/10/06 19:26:41 | 000,000,000 | ---D | M] (AOL Messaging Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}(2)
[2010/12/17 18:22:37 | 000,000,000 | ---D | M] (Panda3D Game Engine Plug-In) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\[email protected]
[2010/09/19 10:59:36 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\[email protected]
[2011/11/14 07:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/15 08:53:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/14 07:35:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/06 17:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/15 08:53:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/06 17:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/11/14 07:35:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/14 07:35:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: 3DVIA player (Enabled) = C:\Program Files\Virtools\3D Life Player\npvirtools.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012/01/02 18:15:19 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Simppull Toolbar) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - C:\Program Files\simppulltoolbar\simppulltoolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - C:\Program Files\simppulltoolbar\simppulltoolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [LXCYCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\SAMSUNG\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [SKYLINK 2-in-1 Phone Utility] C:\Program Files\SkyLink\SKYLINK 2-in-1 Phone Utility\SKYLINK 2-in-1 Phone Utility.exe (Giant Telecom Ltd.)
O4 - HKCU..\Run: [SmileboxTray] C:\Documents and Settings\Owner\Application Data\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TrayMin315.exe.lnk = C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DAB8ED17-BF2D-4771-B7AB-25EFBF4E29FA}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Gateway.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Gateway.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 11:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/01 18:10:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/01/01 18:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/12/26 20:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2008/03/16 22:07:41 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll
[2008/03/16 22:07:41 | 000,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll
[2008/03/16 22:07:41 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll
[2008/03/16 22:07:41 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll
[2008/03/16 22:07:41 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhcp.dll
[2008/03/16 22:07:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypmui.dll
[2008/03/16 22:07:40 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll
[2008/03/16 22:07:40 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll
[2008/03/16 22:07:40 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll
[2008/03/16 22:07:39 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll
[2008/03/16 22:07:39 | 000,385,712 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyih.exe
[2008/03/16 22:07:38 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll
[2008/03/16 22:07:38 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll
[2008/03/16 22:07:38 | 000,381,616 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycfg.exe

========== Files - Modified Within 30 Days ==========

[2012/01/02 21:43:40 | 000,572,066 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/02 21:43:40 | 000,262,472 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/02 21:37:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/02 21:32:51 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/02 18:15:19 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/02 14:10:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3316625921-3142970554-1853782496-1003Core1cc7187503a7034.job
[2012/01/02 11:04:00 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/01/02 03:42:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/01 13:51:15 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/01 13:51:15 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/01 13:45:27 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2012/01/01 13:33:37 | 000,014,178 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
[2012/01/01 13:33:37 | 000,014,178 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
[2011/12/30 18:52:22 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/26 18:05:58 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/24 20:55:20 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\fullscreen_1.png
[2011/12/21 10:16:13 | 000,296,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/01/01 13:51:15 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/01 13:51:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/01 13:45:26 | 001,008,141 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2012/01/01 12:25:58 | 000,014,178 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
[2012/01/01 12:25:58 | 000,014,178 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
[2011/12/24 20:55:20 | 000,000,261 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\fullscreen_1.png
[2011/10/14 15:39:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/01 14:04:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/05/01 14:04:25 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/05/01 14:04:13 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2011/03/05 16:20:36 | 000,000,216 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS
[2010/10/03 18:09:10 | 000,000,015 | ---- | C] () -- C:\WINDOWS\dtx.ini
[2010/09/17 17:50:02 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/09/13 17:08:55 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2008/10/01 15:43:31 | 000,000,006 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2008/10/01 15:42:04 | 002,732,032 | ---- | C] () -- C:\WINDOWS\System32\win32cpr.dll
[2008/10/01 15:42:04 | 001,564,771 | ---- | C] () -- C:\WINDOWS\System32\winsfltold.dll
[2008/10/01 15:42:03 | 001,212,416 | ---- | C] () -- C:\WINDOWS\System32\mdmcls32.exe
[2008/10/01 15:42:02 | 011,333,632 | ---- | C] () -- C:\WINDOWS\cfgmng32.exe
[2008/09/27 09:02:48 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/05 13:21:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WebEasy.INI
[2008/06/15 19:55:53 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2008/06/10 15:49:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/04/13 12:35:41 | 000,226,816 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/16 22:10:42 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll
[2008/03/16 22:10:39 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll
[2008/03/16 22:10:22 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll
[2008/03/16 22:10:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll
[2008/03/16 22:10:22 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll
[2008/03/16 22:09:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2008/03/16 22:09:57 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2008/03/16 22:07:42 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll
[2008/03/10 22:11:03 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/02/25 17:49:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/02/16 13:52:36 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/02/13 20:37:53 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/02/12 16:41:04 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2008/02/12 16:39:59 | 000,543,232 | ---- | C] () -- C:\WINDOWS\zHotkey.exe
[2008/02/12 16:39:59 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2008/02/12 16:39:59 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2008/02/12 16:39:59 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2008/02/12 16:13:16 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/02/12 16:11:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2008/02/12 16:11:01 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/02/12 16:11:01 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/02/12 16:03:57 | 000,518,520 | ---- | C] () -- C:\WINDOWS\vidres.exe
[2008/02/12 16:01:52 | 000,471,298 | ---- | C] () -- C:\WINDOWS\wallpg.exe
[2008/02/12 15:25:25 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2004/08/27 03:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 02:54:47 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/08/26 11:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 11:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 09:12:43 | 000,000,508 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/26 09:12:43 | 000,000,461 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 09:12:13 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/26 09:12:10 | 000,572,066 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 09:12:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/26 09:12:10 | 000,262,472 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 09:12:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/26 09:12:08 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/26 09:12:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/26 09:12:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/26 09:12:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/26 09:11:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/26 09:11:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/26 09:11:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/26 03:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 03:54:01 | 000,296,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/01/01 16:28:29 | 000,000,100 | ---- | C] () -- C:\WINDOWS\forevermopt.INI
[2004/01/01 16:28:13 | 000,000,314 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2004/01/01 15:05:12 | 000,092,400 | ---- | C] () -- C:\WINDOWS\ktkm7.dll
[2004/01/01 15:05:12 | 000,058,192 | ---- | C] () -- C:\WINDOWS\ktkm6.dll
[2004/01/01 15:05:12 | 000,055,186 | ---- | C] () -- C:\WINDOWS\ktkm5.dll
[2004/01/01 15:05:12 | 000,030,166 | ---- | C] () -- C:\WINDOWS\ktkm9.dll
[2004/01/01 15:05:11 | 000,268,621 | ---- | C] () -- C:\WINDOWS\ktkm33.dll
[2004/01/01 15:05:11 | 000,098,442 | ---- | C] () -- C:\WINDOWS\ktkm35.dll
[2004/01/01 15:05:11 | 000,082,542 | ---- | C] () -- C:\WINDOWS\ktkm37.dll
[2004/01/01 15:05:10 | 000,326,441 | ---- | C] () -- C:\WINDOWS\ktkm32.dll
[2004/01/01 15:05:10 | 000,197,408 | ---- | C] () -- C:\WINDOWS\ktkm29.dll
[2004/01/01 15:05:10 | 000,128,042 | ---- | C] () -- C:\WINDOWS\ktkm30.dll
[2004/01/01 15:05:10 | 000,116,841 | ---- | C] () -- C:\WINDOWS\ktkm26.dll
[2004/01/01 15:05:10 | 000,100,786 | ---- | C] () -- C:\WINDOWS\ktkm28.dll
[2004/01/01 15:05:10 | 000,081,427 | ---- | C] () -- C:\WINDOWS\ktkm31.dll
[2004/01/01 15:05:10 | 000,065,092 | ---- | C] () -- C:\WINDOWS\ktkm27.dll
[2004/01/01 15:05:09 | 000,538,410 | ---- | C] () -- C:\WINDOWS\ktkm20.dll
[2004/01/01 15:05:09 | 000,524,537 | ---- | C] () -- C:\WINDOWS\ktkm18.dll
[2004/01/01 15:05:09 | 000,370,880 | ---- | C] () -- C:\WINDOWS\ktkm22.dll
[2004/01/01 15:05:09 | 000,126,720 | ---- | C] () -- C:\WINDOWS\ktkm23.dll
[2004/01/01 15:05:09 | 000,070,888 | ---- | C] () -- C:\WINDOWS\ktkm19.dll
[2004/01/01 15:05:09 | 000,066,908 | ---- | C] () -- C:\WINDOWS\ktkm17.dll
[2004/01/01 15:05:09 | 000,064,070 | ---- | C] () -- C:\WINDOWS\ktkm21.dll
[2004/01/01 15:05:09 | 000,056,992 | ---- | C] () -- C:\WINDOWS\ktkm24.dll
[2004/01/01 15:05:09 | 000,049,094 | ---- | C] () -- C:\WINDOWS\ktkm25.dll
[2004/01/01 15:05:08 | 000,803,601 | ---- | C] () -- C:\WINDOWS\ktkm16.dll
[2004/01/01 15:05:08 | 000,524,164 | ---- | C] () -- C:\WINDOWS\ktkm12.dll
[2004/01/01 15:05:08 | 000,307,617 | ---- | C] () -- C:\WINDOWS\ktkm15.dll
[2004/01/01 15:05:08 | 000,209,936 | ---- | C] () -- C:\WINDOWS\ktkm14.dll
[2004/01/01 15:05:08 | 000,099,867 | ---- | C] () -- C:\WINDOWS\ktkm13.dll
[2004/01/01 15:05:08 | 000,096,166 | ---- | C] () -- C:\WINDOWS\ktkm1.dll
[2004/01/01 15:05:08 | 000,062,631 | ---- | C] () -- C:\WINDOWS\ktkm11.dll
[2004/01/01 15:05:08 | 000,058,015 | ---- | C] () -- C:\WINDOWS\ktkm10.dll
[1997/06/13 18:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009/04/20 11:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2012/01/02 18:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/30 12:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BackToTheBeach
[2009/04/20 11:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/10/03 14:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2011/05/01 13:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/10/12 20:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/08/20 19:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/01/17 18:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AICPA
[2009/04/20 11:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Avanquest
[2011/05/30 12:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BackToTheBeach
[2012/01/02 21:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2011/11/06 19:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/10/25 09:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1
[2011/11/23 14:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DMCache
[2011/10/06 18:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FCSB000063945
[2011/11/06 13:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2011/10/21 10:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0
[2011/11/19 16:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IDM
[2010/06/23 19:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\KompoZer
[2010/06/23 19:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\kompozer.net
[2008/02/12 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2011/05/01 14:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2010/10/03 17:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\simppulltoolbar
[2011/03/20 07:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Smilebox
[2008/05/29 07:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2011/09/14 20:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Temp
[2008/06/15 19:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2008/02/28 20:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Walgreens
[2010/10/03 14:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2011/10/17 08:24:18 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2790392
    IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
    FF - HKLM\Software\MozillaPlugins\@iWon.com/Plugin: C:\Program Files\iWon\bar\1.bin\NPjfStub.dll File not found
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\iWon\bar\1.bin
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010/10/03 14:38:41 | 000,000,000 | ---D | M]
    [2011/10/06 19:26:39 | 000,000,000 | ---D | M] (ToggleEN Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}(2)
    [2011/10/06 19:26:37 | 000,000,000 | ---D | M] (ShopToWin2) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{5835466c-49af-4cbe-b102-a8c8b6313749}(2)
    [2011/10/06 19:26:36 | 000,000,000 | ---D | M] (Play Mario Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{61a58fc8-def1-4521-93b2-85c81404839a}(2)
    [2011/12/19 17:01:26 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
    [2010/09/19 10:59:36 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bnv22n3t.default\extensions\[email protected]
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
    O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
    O2 - BHO: (Simppull Toolbar) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - C:\Program Files\simppulltoolbar\simppulltoolbar.dll ()
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
    O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - C:\Program Files\simppulltoolbar\simppulltoolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
    [2011/12/26 20:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
    [2012/01/01 13:45:27 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
    [2012/01/01 13:33:37 | 000,014,178 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
    [2012/01/01 13:33:37 | 000,014,178 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\qau448up1mkw15nn1v154t2vfiags6ju3mbad
    [2011/10/06 18:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FCSB000063945
    [2010/10/03 17:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\simppulltoolbar
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files\StartNow Toolbar
    C:\Program Files\BitTorrentBar
    C:\Program Files\iWon
    C:\Program Files\PriceGong
    C:\Program Files\ConduitEngine
    C:\Program Files\simppulltoolbar
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now
  • 0

#3
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP