Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I don't know what I have, it's malware please read! [Solve

Started by Bigbug12 , Nov 20 2012 06:44 PM

  • This topic is locked This topic is locked

#31
Bigbug12
Posted 02 December 2012 - 10:17 AM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
OTL logfile created on: 12/2/2012 8:04:37 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Walt\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 42.85% Memory free
6.13 Gb Paging File | 4.52 Gb Available in Paging File | 73.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 112.59 Gb Total Space | 90.32 Gb Free Space | 80.22% Space Free | Partition Type: NTFS
Drive D: | 185.37 Gb Total Space | 185.26 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: WALT-PC | User Name: Walt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/02 07:59:55 | 000,752,128 | ---- | M] () -- C:\Users\Walt\Downloads\RogueKiller.exe
PRC - [2012/12/02 07:41:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Walt\Downloads\OTL.exe
PRC - [2012/12/01 18:15:01 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012/11/06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/10/24 09:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgex.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2008/01/20 18:25:29 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
PRC - [2008/01/20 18:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 18:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/01 18:15:01 | 014,586,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012/12/01 17:06:20 | 001,687,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3106.38542__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:20 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3106.38494__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:20 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3106.38558__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:20 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3106.38756__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3106.38533__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:20 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3106.38664__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3106.38517__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:19 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3106.38798__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:19 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3106.38724__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:19 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3106.38795__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:19 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3106.38805__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:19 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3106.38731__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:19 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3106.38510__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:19 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3106.38714__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3106.38723__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:19 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3106.38795__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:16 | 000,806,912 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3106.38668__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3106.38573__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3106.38657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3106.38519__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3106.38746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:16 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3106.38706__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3106.38579__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2012/12/01 17:06:16 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3106.38565__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3106.38689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:16 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3106.38667__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3106.38578__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:16 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3106.38687__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:16 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3106.38704__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:15 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3106.38666__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012/12/01 17:06:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3106.38665__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3106.38667__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012/12/01 17:06:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012/12/01 17:06:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3091.17961__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012/12/01 17:06:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3091.17980__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012/12/01 17:06:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012/12/01 17:06:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3091.17978__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012/12/01 17:06:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012/12/01 17:06:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3091.17957__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012/12/01 17:06:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012/12/01 17:06:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3091.17954__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012/12/01 17:06:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3091.17956__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012/12/01 17:06:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3091.18035__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012/12/01 17:06:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3091.17981__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012/12/01 17:06:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012/12/01 17:06:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3091.17968__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012/12/01 17:06:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3091.17961__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3091.17977__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3091.17980__90ba9c70f846762e\DEM.OS.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3091.17981__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3091.17967__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012/12/01 17:06:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3091.17987__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012/12/01 17:06:14 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012/12/01 17:06:13 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3091.17993__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3091.17976__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3091.17988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3091.17979__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3091.17991__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3091.17983__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012/12/01 17:06:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012/12/01 17:06:12 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3106.38526__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012/12/01 17:06:12 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3106.38785__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012/12/01 17:06:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3106.38782__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012/12/01 17:06:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3106.38488__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012/12/01 17:06:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3091.17979__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012/12/01 17:06:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3106.38822__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012/12/01 17:06:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3091.17961__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012/12/01 17:06:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3091.17965__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012/12/01 17:06:12 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3091.17978__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012/12/01 17:06:12 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012/12/01 17:06:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3091.17977__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012/12/01 17:06:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3091.17977__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012/12/01 17:06:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3091.17963__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012/12/01 17:06:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012/12/01 17:06:12 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012/12/01 17:06:12 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012/12/01 17:06:12 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3106.38837__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012/12/01 17:06:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3106.38485__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012/12/01 17:06:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3106.38485__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012/12/01 17:06:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3091.17977__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012/12/01 17:06:10 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3106.38503__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012/12/01 17:06:10 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3106.38486__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012/12/01 17:06:10 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3106.38482__90ba9c70f846762e\APM.Server.dll
MOD - [2012/12/01 17:06:10 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3106.38484__90ba9c70f846762e\AEM.Server.dll
MOD - [2012/12/01 17:06:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012/12/01 17:06:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012/12/01 17:06:10 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3106.38784__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012/12/01 17:06:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3091.17993__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012/10/24 09:50:39 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/07/03 23:37:36 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/01/20 18:52:50 | 013,193,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll
MOD - [2008/01/20 18:52:15 | 001,667,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll
MOD - [2008/01/20 18:52:13 | 012,513,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\369cdfcbaefd8f28200e295c26c2141f\System.Web.ni.dll
MOD - [2008/01/20 18:52:00 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fe7232e97fdf63c6b146e93f432d7d7\System.Runtime.Remoting.ni.dll
MOD - [2008/01/20 18:51:50 | 005,771,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\02cf61328d59df9b3ec09544f449a781\System.Xml.ni.dll
MOD - [2008/01/20 18:51:43 | 001,011,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15366cc16c2550064601b5167821667d\System.Configuration.ni.dll
MOD - [2008/01/20 18:51:40 | 008,265,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll
MOD - [2008/01/20 18:51:31 | 011,722,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll
MOD - [2008/01/20 18:51:31 | 000,027,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e2170385d6492ce6539124c5a3b361a8\Accessibility.ni.dll


========== Services (SafeList) ==========

SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/24 09:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2008/01/20 18:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Walt\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/12/02 08:00:11 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2008/09/19 01:03:00 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/07/04 02:35:40 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/06/16 20:34:38 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Dell\MediaDirect\000.fcl -- ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7})
DRV - [2008/06/03 17:30:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/21 04:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/02/15 18:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/01 17:41:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/12/01 17:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Walt\AppData\Roaming\Mozilla\Extensions
[2012/12/01 17:41:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/24 09:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 09:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 09:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE53408D-E1CC-4C8C-8EB3-CBC0C9467378}: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/02 07:55:41 | 000,000,000 | ---D | C] -- C:\Users\Walt\Desktop\RK_Quarantine
[2012/12/02 07:12:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/12/02 07:12:57 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\temp
[2012/12/02 07:12:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/02 07:06:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/02 07:06:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/02 07:06:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/02 07:05:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/02 07:05:17 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/01 19:18:21 | 000,000,000 | ---D | C] -- C:\Users\Walt\Desktop\Pics Kodak
[2012/12/01 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Macromedia
[2012/12/01 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\Macromedia
[2012/12/01 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Adobe
[2012/12/01 18:14:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/12/01 18:11:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/12/01 17:56:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/12/01 17:43:54 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Skype
[2012/12/01 17:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/01 17:43:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/12/01 17:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/12/01 17:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/12/01 17:41:49 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Mozilla
[2012/12/01 17:41:49 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\Mozilla
[2012/12/01 17:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/12/01 17:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/01 17:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/01 17:40:19 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Malwarebytes
[2012/12/01 17:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/01 17:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/01 17:40:08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/01 17:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/01 17:37:34 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\AVG2013
[2012/12/01 17:36:36 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\TuneUp Software
[2012/12/01 17:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/12/01 17:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/12/01 17:36:14 | 000,000,000 | ---D | C] -- C:\$AVG
[2012/12/01 17:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/12/01 17:33:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/12/01 17:33:23 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\MFAData
[2012/12/01 17:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/12/01 17:33:23 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\Avg2013
[2012/12/01 17:28:17 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\MediaDirect
[2012/12/01 17:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/12/01 17:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/12/01 17:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012/12/01 17:14:46 | 000,000,000 | ---D | C] -- C:\Windows\CtDrvInstall
[2012/12/01 17:14:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2012/12/01 17:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012/12/01 17:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2012/12/01 17:13:49 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\InstallShield
[2012/12/01 17:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2012/12/01 17:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Webcam
[2012/12/01 17:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2012/12/01 17:10:44 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\ATI
[2012/12/01 17:10:44 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\ATI
[2012/12/01 17:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/12/01 17:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/12/01 17:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/12/01 17:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/12/01 16:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/12/01 16:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/12/01 16:07:32 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll
[2012/12/01 16:07:32 | 000,046,592 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2012/12/01 16:07:32 | 000,043,008 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2012/12/01 16:07:32 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2012/12/01 16:07:31 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/12/01 16:07:16 | 000,000,000 | ---D | C] -- C:\dell
[2012/12/01 16:05:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2012/12/01 16:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/12/01 15:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2012/12/01 15:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2012/12/01 15:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2012/12/01 15:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft FrontPage
[2012/12/01 15:48:31 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Microsoft Web Folders
[2012/12/01 15:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/12/01 15:46:45 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/12/01 14:43:37 | 000,000,000 | R--D | C] -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/12/01 14:43:37 | 000,000,000 | R--D | C] -- C:\Users\Walt\Searches
[2012/12/01 14:43:37 | 000,000,000 | R--D | C] -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/12/01 14:43:28 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Identities
[2012/12/01 14:43:27 | 000,000,000 | R--D | C] -- C:\Users\Walt\Contacts
[2012/12/01 14:43:25 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\VirtualStore
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\AppData\Local\Temporary Internet Files
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Templates
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Start Menu
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\SendTo
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Recent
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\PrintHood
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\NetHood
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Documents\My Videos
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Documents\My Pictures
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Documents\My Music
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\My Documents
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Local Settings
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\AppData\Local\History
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Cookies
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\Application Data
[2012/12/01 14:43:21 | 000,000,000 | -HSD | C] -- C:\Users\Walt\AppData\Local\Application Data
[2012/12/01 14:43:20 | 000,000,000 | --SD | C] -- C:\Users\Walt\AppData\Roaming\Microsoft
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Videos
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Saved Games
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Pictures
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Music
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Links
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Favorites
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Downloads
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Documents
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\Desktop
[2012/12/01 14:43:20 | 000,000,000 | R--D | C] -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/12/01 14:43:20 | 000,000,000 | -H-D | C] -- C:\Users\Walt\AppData
[2012/12/01 14:43:20 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Local\Microsoft
[2012/12/01 14:43:20 | 000,000,000 | ---D | C] -- C:\Users\Walt\AppData\Roaming\Media Center Programs
[2012/12/01 14:41:06 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/12/01 14:25:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/12/01 14:21:34 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/12/01 14:21:22 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/12/01 14:20:32 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/12/01 14:20:17 | 000,000,000 | ---D | C] -- C:\Boot
[2012/12/01 14:19:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM

========== Files - Modified Within 30 Days ==========

[2012/12/02 08:00:11 | 000,014,336 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/12/02 07:55:14 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 07:55:14 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 07:00:35 | 000,001,680 | ---- | M] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2012/12/02 06:29:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/01 17:43:43 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/01 17:41:40 | 000,000,870 | ---- | M] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/01 17:40:09 | 000,000,930 | ---- | M] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/12/01 17:34:19 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/01 17:34:19 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/01 17:33:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012/12/01 17:14:34 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2012/12/01 17:10:12 | 000,239,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/01 17:09:54 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/12/01 17:09:53 | 3182,354,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/01 15:51:41 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/12/01 15:51:19 | 000,001,871 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/12/01 14:43:43 | 000,000,680 | ---- | M] () -- C:\Users\Walt\AppData\Local\d3d9caps.dat
[2012/12/01 14:27:35 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/12/01 14:20:19 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

========== Files Created - No Company Name ==========

[2012/12/02 08:00:11 | 000,014,336 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/12/02 07:06:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/02 07:06:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/02 07:06:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/02 07:06:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/02 07:06:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/02 07:00:35 | 000,001,680 | ---- | C] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2012/12/01 17:43:43 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/01 17:41:40 | 000,000,870 | ---- | C] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/01 17:41:40 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/01 17:40:09 | 000,000,930 | ---- | C] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/12/01 17:33:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012/12/01 17:28:14 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaDirect.lnk
[2012/12/01 17:14:34 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012/12/01 17:13:36 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\FilterPC.bmp
[2012/12/01 17:13:36 | 000,024,995 | ---- | C] () -- C:\Windows\System32\drivers\FilterPC.jpg
[2012/12/01 17:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/12/01 17:09:53 | 3182,354,432 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/01 17:01:31 | 000,328,162 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.cpa
[2012/12/01 17:01:31 | 000,052,400 | ---- | C] () -- C:\Windows\System32\drivers\ativvpxx.vp
[2012/12/01 17:01:31 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativpkxx.vp
[2012/12/01 17:01:31 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativokxx.vp
[2012/12/01 17:01:31 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativdkxx.vp
[2012/12/01 17:01:31 | 000,000,929 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.vp
[2012/12/01 17:01:30 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2012/12/01 17:01:30 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2012/12/01 17:01:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2012/12/01 17:01:30 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2012/12/01 17:01:30 | 000,013,052 | ---- | C] () -- C:\Windows\atiogl.xml
[2012/12/01 17:01:29 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/12/01 17:01:29 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2012/12/01 16:11:53 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OA001PC.bmp
[2012/12/01 16:11:53 | 000,022,951 | ---- | C] () -- C:\Windows\System32\drivers\OA001PC.jpg
[2012/12/01 16:11:53 | 000,005,777 | ---- | C] () -- C:\Windows\OA001.uns
[2012/12/01 15:51:40 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/12/01 15:51:19 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
[2012/12/01 15:51:19 | 000,002,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
[2012/12/01 15:51:19 | 000,002,022 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
[2012/12/01 15:51:19 | 000,002,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
[2012/12/01 15:51:19 | 000,001,998 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
[2012/12/01 15:51:19 | 000,001,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
[2012/12/01 15:51:19 | 000,001,871 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/12/01 14:43:38 | 000,000,949 | ---- | C] () -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/12/01 14:43:36 | 000,000,944 | ---- | C] () -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/12/01 14:43:26 | 000,000,915 | ---- | C] () -- C:\Users\Walt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/12/01 14:43:22 | 000,000,680 | ---- | C] () -- C:\Users\Walt\AppData\Local\d3d9caps.dat
[2012/12/01 14:43:20 | 000,000,258 | ---- | C] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/12/01 14:43:20 | 000,000,240 | ---- | C] () -- C:\Users\Walt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/12/01 14:20:19 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2012/12/01 14:20:17 | 000,333,203 | RHS- | C] () -- C:\bootmgr
[2012/12/01 14:19:58 | 000,000,024 | RH-- | C] () -- C:\Windows\dell_version

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/01/20 18:23:46 | 011,580,416 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/01/20 18:24:24 | 000,614,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
Just ran OTL again also Ruguekiller. It's staring to move the typing again! I honstly think that I'm infected!! It
seems that it get mad when I run the Malware programs because it starts doing wird things after I run the programs, it's almost like it learns from what we do!!! I'm telling you there is something funny going on!! please let me know how to flash the BIOS I think I have 9.06 it's what on the installation Disk! Let me know what you want me do next!! Thanks Walt
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 18:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/01 17:37:34 | 000,000,000 | ---D | M] -- C:\Users\Walt\AppData\Roaming\AVG2013 think I'm still infected
[2012/12/01 17:36:36 | 000,000,000 | ---D | M] -- C:\Users\Walt\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >





omboFix 12-12-01.02 - Walt 12/02/2012 7:07.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3036.1473 [GMT -8:00]
Running from: c:\users\Walt\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))
.
.
2012-12-02 15:11 . 2012-12-02 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-02 02:15 . 2012-12-02 02:15 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-02 02:15 . 2012-12-02 02:15 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-02 02:14 . 2012-12-02 02:14 -------- d-----w- c:\windows\system32\Macromed
2012-12-02 02:11 . 2012-12-02 02:11 -------- d-----w- c:\windows\system32\SPReview
2012-12-02 01:56 . 2012-12-02 01:56 -------- d-----w- c:\windows\system32\EventProviders
2012-12-02 01:43 . 2012-12-02 01:43 -------- d-----w- c:\program files\Common Files\Skype
2012-12-02 01:43 . 2012-12-02 01:43 -------- d-----r- c:\program files\Skype
2012-12-02 01:43 . 2012-12-02 01:43 -------- d-----w- c:\programdata\Skype
2012-12-02 01:41 . 2012-12-02 01:41 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-12-02 01:40 . 2012-12-02 01:40 -------- d-----w- c:\programdata\Malwarebytes
2012-12-02 01:40 . 2012-12-02 01:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-02 01:40 . 2012-09-30 03:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-02 01:36 . 2012-12-02 01:36 -------- d-----w- c:\programdata\AVG2013
2012-12-02 01:36 . 2012-12-02 01:36 -------- d-----w- C:\$AVG
2012-12-02 01:35 . 2012-12-02 01:35 -------- d-----w- c:\program files\AVG
2012-12-02 01:33 . 2012-12-02 01:38 -------- d-----w- c:\programdata\MFAData
2012-12-02 01:33 . 2012-12-02 01:33 -------- d--h--w- c:\programdata\Common Files
2012-12-02 01:28 . 2012-12-02 01:28 -------- d-----w- c:\programdata\Dell
2012-12-02 01:28 . 2012-12-02 01:28 -------- d-----w- c:\programdata\CyberLink
2012-12-02 01:27 . 2012-12-02 01:27 -------- d-----w- c:\program files\CyberLink
2012-12-02 01:27 . 2008-07-04 21:23 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-12-02 01:27 . 2008-07-04 21:23 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-12-02 01:27 . 2008-07-04 21:23 1047552 ----a-w- c:\windows\system32\MFC71u.dll
2012-12-02 01:27 . 2008-07-04 21:23 89088 ----a-w- c:\windows\system32\atl71.dll
2012-12-02 01:27 . 2008-07-04 21:23 1060864 ----a-w- c:\windows\system32\MFC71.dll
2012-12-02 01:14 . 2012-12-02 01:14 -------- d-----w- c:\windows\CtDrvInstall
2012-12-02 01:14 . 2012-12-02 01:14 76 --sh--r- c:\windows\CT4CET.bin
2012-12-02 01:14 . 2012-12-02 01:14 -------- d-----w- c:\program files\Creative
2012-12-02 01:14 . 2012-12-02 01:14 -------- d-----w- c:\program files\Common Files\Reallusion
2012-12-02 01:13 . 2012-12-02 01:13 -------- d-----w- c:\program files\Dell Webcam
2012-12-02 01:13 . 2012-12-02 01:13 -------- d-----w- c:\program files\Creative Live! Cam
2012-12-02 01:10 . 2012-12-02 01:10 -------- d-----w- c:\programdata\ATI
2012-12-02 01:09 . 2012-12-02 01:09 0 ----a-w- c:\windows\ativpsrm.bin
2012-12-02 01:04 . 2012-12-02 01:06 -------- d-----w- c:\program files\ATI Technologies
2012-12-02 01:04 . 2012-12-02 01:04 -------- d-----w- c:\program files\ATI
2012-12-02 00:57 . 2012-12-02 00:57 -------- d-----w- c:\program files\Intel
2012-12-02 00:11 . 2012-12-02 00:11 -------- d-----w- c:\program files\Common Files\InstallShield
2012-12-02 00:11 . 2008-09-19 09:03 277440 ----a-w- c:\windows\system32\drivers\OA001Vid.sys
2012-12-02 00:11 . 2008-08-21 09:01 24576 ----a-w- c:\windows\system32\OA001Srv.exe
2012-12-02 00:11 . 2008-08-02 01:18 94208 ----a-w- c:\windows\CtDrvIns.exe
2012-12-02 00:11 . 2008-06-04 01:30 144672 ----a-w- c:\windows\system32\drivers\OA001Ufd.sys
2012-12-02 00:11 . 2008-04-15 09:01 53248 ----a-w- c:\windows\system32\OA001Pin.dll
2012-12-02 00:11 . 2008-04-15 09:01 32768 ----a-w- c:\windows\OA001Cfg.exe
2012-12-02 00:11 . 2007-12-21 09:00 31256 ----a-w- c:\windows\system32\OA001Pin.crl
2012-12-02 00:11 . 2007-06-08 09:00 148056 ----a-w- c:\windows\system32\drivers\OA001Afx.sys
2012-12-02 00:07 . 2008-02-16 02:01 46592 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2012-12-02 00:07 . 2007-07-30 19:54 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
2012-12-02 00:07 . 2007-07-30 18:42 43008 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2012-12-02 00:07 . 2007-07-25 20:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2012-12-02 00:07 . 2004-09-04 11:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2012-12-02 00:07 . 2012-12-02 01:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-12-02 00:07 . 2012-12-02 00:07 -------- d-----w- C:\dell
2012-12-02 00:05 . 2012-12-02 01:27 -------- d-----w- c:\program files\Dell
2012-12-02 00:05 . 2012-12-02 00:05 -------- d-----w- c:\windows\system32\vmm32
2012-12-01 23:50 . 2012-12-01 23:50 -------- d-----w- c:\program files\Microsoft FrontPage
2012-12-01 23:46 . 2012-12-02 01:44 -------- d-sh--w- c:\windows\Installer
2012-12-01 22:43 . 2012-12-02 01:15 -------- d-----w- c:\users\Walt
2012-12-01 22:41 . 2012-12-02 01:10 -------- d-----w- c:\windows\Debug
2012-12-01 22:20 . 2012-12-01 22:29 -------- d-----w- c:\windows\Panther
2012-12-01 22:20 . 2012-12-01 22:20 -------- d-----w- C:\Boot
2012-12-01 22:19 . 2012-12-01 22:19 -------- d-----w- c:\windows\system32\OEM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-22 21:02 . 2012-10-22 21:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-15 11:48 . 2012-10-15 11:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-05 11:32 . 2012-10-05 11:32 93536 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-10-02 11:30 . 2012-10-02 11:30 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-09-21 11:46 . 2012-09-21 11:46 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-21 11:46 . 2012-09-21 11:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-09-21 11:45 . 2012-09-21 11:45 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-09-14 11:05 . 2012-09-14 11:05 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-10-24 17:50 . 2012-12-02 01:41 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-07-04 132392]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-07 3143800]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AVGIDSDRIVER
*NewlyCreated* - AVGIDSSHIM
*NewlyCreated* - AVGLDX86
*NewlyCreated* - AVGLOGX
*NewlyCreated* - AVGMFX86
*NewlyCreated* - AVGRKX86
*NewlyCreated* - AVGTDIX
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
FF - ProfilePath - c:\users\Walt\AppData\Roaming\Mozilla\Firefox\Profiles\evp6swhe.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-02 07:11
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files\Dell\MediaDirect\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4932)
c:\windows\system32\ieframe.dll
.
Completion time: 2012-12-02 07:12:55
ComboFix-quarantined-files.txt 2012-12-02 15:12
.
Pre-Run: 96,677,154,816 bytes free
Post-Run: 96,637,833,216 bytes free
.
- - End Of File - - C3FF5F5B97BCDBCA32A6A010C5FA5FF5
RogueKiller V8.3.1 [Dec 2 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Started in : Normal mode
User : Walt [Admin rights]
Mode : Scan -- Date : 12/02/2012 08:00:50

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7} (C:\Program Files\Dell\MediaDirect\000.fcl) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Check: ¤¤¤
  • 0

Advertisements

#32
Jasmyne
Posted 02 December 2012 - 11:11 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
The problems are going to happen the more programs you run, malware removal related or not, due to the increased activity between your OS and your hardware.

Flashing the BIOS is not a simple undertaking. As previously stated:

Unlike regular Windows updates that you can simply run from Windows, BIOS updates must be done from outside of Windows and are very specific for your computer. BIOS updates are based on the specific line and model of your PC. Many times there can be different update for the same models of PC based on differences of the CPU, graphics card and operating systems. Also with some graphics cards you must update different drivers so that your graphics card will function after your BIOS is updated.

There are a lot of variables that play into getting the right update with the right patches to make sure your system will boot after the update. If any variable is incorrect your computer will NOT boot.

Any instructions we would give you would have to be followed exactly, and we have no crystal ball in which to be able to predict unexpected things that could happen in such a difficult update, which is why we would advise you to take your take your computer to a local repair shop to have this done where someone could do this for you. Also, they would be liable for making sure your computer was running properly in the end.


There is no room for thinking or guessing with a BIOS update if you wish to have a bootable computer, this is why we highly advise you take this computer to a local repair shop.
  • 0

#33
Bigbug12
Posted 05 December 2012 - 09:54 AM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
Any of the malware programs I ran show any Malware? After the Fresh install the Computer ran good but now it starting show more activity, moving the cursor, moving the page and so on!! Is there any way to find out what's on here!!
"The +here on my Computer untill now! in front of the HDD was never t
This what's it like trheir is something on my Computer.ying to type! Last line! As you can see it moves the cursor to a different place and when I look up I have to correct my typing. Like I said t"
This is what's it like to type on this Computer. I left it on corrected. Tell me this normal.
Thanks Walt
  • 0

#34
Jasmyne
Posted 06 December 2012 - 08:00 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Walt,

There is NO MALWARE on your computer that is indicated in any of the scans you have done.

Let's get a look at your current BIOS and other system information.

Click on the Start Orb and in the Search box type msinfo32

This should open "System Information"

When this opens please take a screenshot of the information and post it in your next reply.
  • 0

#35
Bigbug12
Posted 08 December 2012 - 02:06 PM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
Here is the screen shot. Was not able to copy and paste. I don't know if you will get it. SMBIOS version 2.5 Dell Inc. Ao8 11/25/09.
Also I noticed that on my Inspiron XP is it's missing "Sleep" also when you close the cover it keeps on running!!
But let's just fix this one first.
Thanks Walt

Attached Thumbnails

  • Systen information.JPG

  • 0

#36
Jasmyne
Posted 09 December 2012 - 09:44 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Walt,

Good news, according to what Dell says your BIOS update should be pretty straightforward and not as difficult as most I've come across in the past. If you have any questions please STOP and ask.

For the BIOS update:

  • Click here for the update. On the next page choose Single-file download and click Continue.
  • A box should open which will download the file R302080.exe If you are able to choose a download location, save the file to your desktop, if not please move the file to your desktop after it has downloaded.
  • Double-click the new icon on the desktop labeled R302080.EXE.
  • The Self-Extracting window appears and prompts you to extract or unzip to C:\DELL\DRIVERS\R302080. Write down this path so the executable (I.e. Setup.exe) file can be found later.
  • The Self-Extractor window appears.
  • Click OK.
  • After completing the file extraction, if the Self-Extractor window is still open, close it.
  • Click the Start button and then click Run.
  • Type C:\DELL\DRIVERS\R302080 in the Open textbox and then click OK.
  • Follow the on-screen installation instructions.

After the BIOS update is complete let's go ahead and update Windows Vista to SP2.

Go here for information on Windows Updates for Vista.

After you've completed the updated for your BIOS and the Windows updates, let me know how things are going.

Jasmyne
  • 0

#37
Bigbug12
Posted 12 December 2012 - 10:18 AM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
I updated the Bios and installed all the updates! It seems to be better, still moves the cursor ones in a while but it's bareble now. I just noticed that it's no longer correcting my spelling! I have Word on here? Ran Malwarebytes and AVG Free no Viruses? Thank you for all the HELP!! Thanks Walt
  • 0

#38
Jasmyne
Posted 12 December 2012 - 04:31 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Walt,

Glad to hear things are running better! :thumbsup: I have a few questions and we'll see what we can do about the other issues. :)

Is the spell correct issue just in Microsoft Word?

With some settings Word will automatically correct "hte" to be "the" and then it underlines the correct word with the green wavy line but with other words misspellings it just places a red wavy line underneath. On other settings it just leaves all misspellings with a red wavy line underneath. Is it doing either, or nothing at all? Also, what version of Microsoft Word do you have?

Jasmyne
  • 0

#39
Bigbug12
Posted 12 December 2012 - 06:12 PM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
No it's in all the typing. Before when I miss spelled a word it would under line the word,now nothing at all. It still moves the curser ( page) down when I press the space bar. It's starting to get wurse. I have Word 2007. Could it be that the setting should be adjusted as far as the sensetivity setting goes?
I'm telling you I have a filing that I still have company!! Could the Windows updates have something to do with the spelling not working? There where 125 updates!
Thanks Walt
  • 0

#40
Jasmyne
Posted 12 December 2012 - 09:46 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Walt,

A few more questions. I should have been more specific in my last post. :blush:

When you say all the typing, spell check issue is in all the typing in Office programs only? If not, what other programs are you using that the spell check not working in?

Could it be that the setting should be adjusted as far as the sensetivity setting goes?


That's exactly what I was going to have you check next. :)

Go to Start > Control Panel > Hardware and Sound
Select Mouse

You should find settings for your touchpad.

You may have to adjust and test with settings changed to see if it helps, then re-adjust if necessary. I know on my laptop, my settings are great for me, but drive a friend of mine crazy when she uses my laptop because she's always brushing the touchpad when she types. :)

I'm telling you I have a filing that I still have company!! Could the Windows updates have something to do with the spelling not working? There where 125 updates!


Unless you've picked up something since the last install I'm sure your computer is clean. :) Once we make sure we have all the issues cleared up we can scan again just to be 110% for sure. I'm researching the spelling issue. I have a possible idea on something to try but I need to run it by my instructor first. ;)

Jasymne
  • 0

Advertisements

#41
Bigbug12
Posted 14 December 2012 - 12:54 PM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
I went into Control pannel and adjusted the sensetivity and it's better but still loose the cusor! It seems to freeze up also, where it's not reponding, it will sit a while before it startes working. Seems that a lot is going on and it's besee? As far as the spelling is concened it spell checks in 2007 Office word but not in Yahoo as you can see as you can see!! Thanks Walt
  • 0

#42
Bigbug12
Posted 15 December 2012 - 08:40 AM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
I tried to do a System Restore 2 times and it does not finish. An unspecified error. also in start up it asking for SM Bus Controller Driver? and Ethernet Controller Driver? I also tried to repair Microsoft Word no luck still not spell checking. What ever is or was di some damage as I said before it's still booting from Hard drive when CD/DVD is in first possition!! And it should not. If nothing else it's a little more berable to type!! Thanks Walt
  • 0

#43
Jasmyne
Posted 15 December 2012 - 09:06 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Walt,

I tried to do a System Restore 2 times and it does not finish. An unspecified error.

I know things not working right is frustrating, I've been the one in this forum getting help before too. :) At times I need to have my instructions approved before I post them to you so that they are 100% correct, please be patient and not do things that can completely change what is going on with your computer. Throughout this process every time you re-formatted I have to start over in trying to find the problem. Please don't do anything to the computer I've not asked you to do.

also in start up it asking for SM Bus Controller Driver? and Ethernet Controller Driver?


Is this new on start up? You haven't mentioned it before and drivers that need to be updated can cause issues.

I also tried to repair Microsoft Word no luck still not spell checking.


You previously told me the spell checking was only in Yahoo, not Word. If that's the case repairing Word will not help. If the problem is in Word I have a fix we can try but if not, which browser are you using?

What ever is or was di some damage as I said before it's still booting from Hard drive when CD/DVD is in first possition!! And it should not. If nothing else it's a little more berable to type!!

When the CD/DVD is in first position it should check the CD/DVD first, but if it doesn't detect a bootable disk in the drive it will go to the next option, your hard drive. We are slowly weeding out the problems on the machine please do NOT reformat the computer again.


Let's check out your hard drive to make sure it doesn't have any bad sectors.

  • Open Computer by clicking the Start button Posted Image, and then clicking Computer.
  • Right-click the hard disk drive that you want to check, and then click Properties.
  • Click the Tools tab, and then, under Error-checking, click Check Now. Posted Image If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • To check for both file errors and physical errors, select both Automatically fix file system errors and Scan for and attempt recovery of bad sectors.
  • Click Start.
  • If you get a message that it can't be run yet, choose to allow it to run on the next reboot and reboot the system to start the scan.

Depending upon the size of your hard disk, this may take several minutes. For best results, don't use your computer for any other tasks while it's checking for errors.
  • 0

#44
Jasmyne
Posted 15 December 2012 - 12:33 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Let's get started getting the drivers updated.

For the SM Bus Controller Driver go here to download the new driver. After it downloads, double-click the file to unzip the set of files and follow the instructions for installation.

For the Ethernet Controller Driver I need more information to file the right update for your computer. Click on the start orb and in the search box type run. In the run command box type devmgmt.msc This will open the Drive Manager for your computer. Click the + sign or arrow (mine is an arrow) next to "Network Adapters." Right-click on the device and then select “Properties.” Under the “Details” tab take a screenshot of this information and post it back to me.
  • 0

#45
Bigbug12
Posted 16 December 2012 - 06:01 PM

Bigbug12

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Jasmyne
As far as checking Error on disk it ran and I gess it did not find any thing and when it was done it just went to the Wndows screen?!?
Installed the SM Bus Controller Driver and Ethernet is in "Other Devices" Location PCI bus 8 , Devices 0. function 0.
This device is not configured correctly Code 1. I sniped it but could not find where it was saved. But that's the information in the Box. Thanks Walt
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP