
Heavily infected computer [Closed]



#31
Bulljoe (Topic Starter)
I ran OTL with the above script, and was asked to reboot but no log was produced.

#32
Bulljoe (Topic Starter)
Sorry. I did not read ALL your instructions...

Here is the log:


OTL logfile created on: 3/07/2013 12:11:09 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.97 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.67% Memory free
4.69 Gb Paging File | 3.79 Gb Available in Paging File | 80.81% Paging File free
Paging file location(s): c:\pagefile.sys 2940 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.57 Gb Total Space | 4.46 Gb Free Space | 6.41% Space Free | Partition Type: NTFS
Drive D: | 396.19 Gb Total Space | 243.22 Gb Free Space | 61.39% Space Free | Partition Type: NTFS
Drive H: | 1863.01 Gb Total Space | 719.62 Gb Free Space | 38.63% Space Free | Partition Type: NTFS

Computer Name: USER-84F12D431F | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/28 14:21:47 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/06/23 11:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2013/05/08 08:36:35 | 000,119,024 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/05/05 18:57:54 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/27 07:45:10 | 000,534,160 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2013/02/27 15:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/12/05 02:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/11/19 16:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 02:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/11/02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/10/27 18:24:42 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/28 14:21:46 | 003,522,456 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/01 09:00:43 | 001,581,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\plugins\pl-b2e730376325753834d77280c183157b.dll
MOD - [2013/03/04 07:46:27 | 000,224,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\MediaIconsOverlays.dll
MOD - [2013/01/02 16:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/11/28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/26 04:00:00 | 003,454,976 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2012/03/12 02:07:38 | 000,159,744 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2011/09/09 00:01:08 | 000,556,032 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax
MOD - [2011/09/09 00:00:52 | 000,150,528 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkx.dll
MOD - [2011/09/09 00:00:48 | 000,142,336 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mp4.dll
MOD - [2011/09/09 00:00:48 | 000,109,568 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\avi.dll
MOD - [2011/09/08 23:59:54 | 000,080,384 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll
MOD - [2011/09/08 23:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2011/03/24 14:08:08 | 000,352,256 | ---- | M] () -- C:\Program Files\Photo DVD Maker Professional\MPAudioSplitter_pdm.ax
MOD - [2008/04/14 05:42:04 | 000,562,176 | ---- | M] () -- C:\WINDOWS\system32\qedit.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/05/22 14:53:10 | 000,006,656 | ---- | M] () -- C:\Program Files\WinAVI Video Converter\SimpleExt.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/06/28 14:21:46 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 16:50:36 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/08 08:36:35 | 000,119,024 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/04/18 09:26:53 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/05 02:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/11/02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/01 17:22:06 | 000,295,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/02 14:06:16 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Disabled | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\NuMega\SoftICE Driver Suite\Common\Binsiwvid.sys -- (SiwvidStart)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/04/11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/27 07:40:56 | 000,209,304 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2013/02/19 19:20:24 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/30 08:40:38 | 000,010,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/12/10 02:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 02:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/10/11 14:55:04 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012/09/18 19:33:00 | 000,043,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012/09/18 19:33:00 | 000,039,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2012/09/18 19:33:00 | 000,030,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2012/09/18 19:32:56 | 000,012,216 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2012/01/10 20:07:36 | 000,179,200 | R--- | M] (Dexetek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DxVGrb.sys -- (DxVGrb)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/07/23 02:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/13 17:09:26 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/07/13 07:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/07/20 23:56:52 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2010/07/20 23:45:12 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2010/07/20 23:37:38 | 006,086,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/03/17 16:42:46 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2010/03/10 07:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2009/04/08 02:32:48 | 000,116,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/03/25 16:29:52 | 000,130,432 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/12/26 01:47:30 | 000,272,128 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2006/12/14 09:41:48 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/07/19 11:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006/07/19 11:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006/07/19 11:28:04 | 000,036,736 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/07/19 11:27:46 | 000,055,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2006/07/19 11:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2005/04/07 09:46:50 | 000,034,240 | R--- | M] (ADS) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adsexpb.sys -- (ADSEXPB)
DRV - [2001/11/07 04:40:00 | 000,018,240 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\DbgMsg.sys -- (DbgMsg)
DRV - [2001/11/07 01:09:10 | 001,347,462 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ntice.sys -- (NTice)
DRV - [2001/11/07 01:09:10 | 000,119,658 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\siwvid.sys -- (Siwvid)
DRV - [2001/11/07 01:09:10 | 000,022,900 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\siwsym.sys -- (Siwsym)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{B48DCA56-2F73-4321-827B-AC88FFB71781}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\..\SearchScopes,DefaultScope = {B48DCA56-2F73-4321-827B-AC88FFB71781}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9FD7B827-2C19-4010-A3EF-936A29545E4C}: "URL" = http://www.bing.com/...=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{B48DCA56-2F73-4321-827B-AC88FFB71781}: "URL" = http://www.google.co...1I7WQIB_enAU539
IE - HKCU\..\SearchScopes\{DABE5CFC-59E3-4577-B5E6-D8B9CEF16EAB}: "URL" = http://au.search.yah...cevm&type=STDVM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/30 17:32:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/20 11:13:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/22 13:11:18 | 000,000,000 | ---D | M]

[2010/04/01 16:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2013/05/29 10:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\706l0eqd.default-1343368655062\extensions
[2013/06/23 22:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions
[2012/07/12 14:52:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/07/23 18:26:01 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/06/27 18:13:17 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2012/05/12 09:52:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/06/28 16:33:44 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/07/09 16:20:27 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2013/06/28 14:23:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions
[2011/12/08 14:47:10 | 000,014,961 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/10/03 17:58:10 | 000,074,961 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/11/30 15:54:45 | 000,051,994 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/07/04 17:03:41 | 000,087,157 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/11/22 19:16:08 | 000,004,527 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/12/03 11:01:05 | 000,003,691 | R--- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2012/06/28 15:20:29 | 000,185,362 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012/07/25 08:54:47 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/08/28 14:28:29 | 000,042,336 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
[2012/06/12 02:26:43 | 000,007,915 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2013/05/07 21:34:11 | 000,004,530 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\[email protected]
[2013/02/23 14:38:42 | 000,615,654 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\[email protected]
[2013/06/28 14:23:46 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/21 09:13:51 | 000,765,412 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/06/20 11:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/20 11:13:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/06/20 11:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/28 14:21:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2010/12/09 07:21:24 | 000,002,224 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\webblog.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: FTdownloader V3.0 = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\
CHR - Extension: FTdownloader V3.0 = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\

O1 HOSTS File: ([2013/07/03 08:18:28 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EA6C079-3333-4797-9BAC-AF0FD534706A}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C85F8EC6-C08E-404C-9D39-C29A7821E0FD}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems Incorporated)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\expressburn.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\finereader.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\screenshotreader.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/01 11:50:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/11/19 13:09:57 | 000,000,000 | ---D | M] - C:\AutoHideIP -- [ NTFS ]
O34 - HKLM BootExecute: (sdnclean.exe)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2020/12/01 12:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2013/07/02 12:15:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2013/06/28 15:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Karen Armstrong
[2013/06/28 14:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Khaled Hosseini
[2013/06/23 20:02:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/23 11:47:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/06/21 17:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2013/06/21 15:00:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/06/21 15:00:22 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/20 11:18:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/20 11:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/20 10:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2013/06/19 18:04:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/06/19 17:53:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/06/19 17:53:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/06/19 17:53:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/06/19 17:53:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/06/19 17:50:19 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/06/19 17:50:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/19 17:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
[2013/06/19 17:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/06/19 09:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware Pro
[2013/06/19 09:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware Pro
[2013/06/12 16:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2013/06/12 16:25:41 | 000,000,000 | ---D | C] -- C:\MGtools
[2013/06/12 15:44:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/06/08 18:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2013/06/08 18:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/06/08 18:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/06/08 18:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/06/08 18:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/06/07 17:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2013/06/07 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2013/06/06 11:04:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/06/06 11:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/06/06 11:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/06/06 10:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013/06/05 16:26:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/06/05 16:22:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/05 16:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013/06/05 16:05:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/06/05 15:22:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/06/05 15:22:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/06/05 15:21:07 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/06/05 15:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/06/05 14:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/06/05 14:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsUpdate
[2013/04/18 09:19:47 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
[2013/04/18 09:19:39 | 000,189,808 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\AutoPlay.exe
[2013/03/28 11:33:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\User\Application Data\pcouffin.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/03 11:50:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/03 09:06:00 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 4e57916c-2d66-4dfb-b6cf-71f6d1ed4305.job
[2013/07/03 08:24:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/03 08:23:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/03 08:18:28 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/07/03 08:10:38 | 125,311,217 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/07/01 02:00:00 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 2c793a52-bef9-4ac1-a46e-cdcfbcfb56ba.job
[2013/07/01 00:01:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\defrag.job
[2013/06/29 14:37:54 | 000,282,322 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/06/28 15:27:49 | 000,154,624 | ---- | M] () -- C:\Documents and Settings\User\My Documents\metadata.db
[2013/06/28 15:27:49 | 000,012,986 | ---- | M] () -- C:\Documents and Settings\User\My Documents\metadata_db_prefs_backup.json
[2013/06/28 11:34:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/23 11:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/06/22 17:31:17 | 000,416,199 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Deb,s Facebook Photo.JPG
[2013/06/21 12:29:54 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\User\Application Data\vso_ts_preview.xml
[2013/06/20 11:35:41 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\ExpressBurnReminder.job
[2013/06/20 10:20:14 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/20 10:20:14 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/20 10:20:14 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/06/20 10:20:13 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/06/19 17:50:19 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/06/19 17:06:21 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2013/06/19 15:58:30 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/06/17 12:38:56 | 000,004,649 | ---- | M] () -- C:\Documents and Settings\User\My Documents\avatar.jpg
[2013/06/17 12:28:10 | 000,392,042 | ---- | M] () -- C:\MGlogs.zip
[2013/06/16 14:50:07 | 002,685,442 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Mortgage experts say it's time to go for a quick fix.mht
[2013/06/12 18:11:09 | 000,000,307 | -HS- | M] () -- C:\boot.ini
[2013/06/12 15:28:32 | 001,898,001 | ---- | M] () -- C:\MGtools.exe
[2013/06/12 15:06:18 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/06/12 15:01:41 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\User\defogger_reenable
[2013/06/12 11:59:21 | 000,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/09 12:01:29 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go Forums.URL
[2013/06/09 11:25:38 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/06/08 18:56:49 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/06/08 18:52:10 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/07 15:06:09 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to Local Disk (C).lnk
[2013/06/07 14:56:52 | 000,000,282 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to SAMSUNG (H).lnk
[2013/06/07 11:05:08 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Disk Cleanup.lnk
[2013/06/07 10:20:39 | 000,470,040 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/07 10:20:39 | 000,076,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/05 16:23:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/05 15:24:49 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/05 15:20:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/05 15:20:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/05 15:19:55 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/05 15:17:06 | 000,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/21 18:25:05 | 000,416,199 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Deb,s Facebook Photo.JPG
[2013/06/21 07:49:49 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\User\Application Data\vso_ts_preview.xml
[2013/06/20 19:07:53 | 000,204,472 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/06/19 17:53:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/06/19 17:53:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/19 17:53:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/06/19 17:53:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/06/19 17:53:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/06/19 17:06:31 | 000,000,508 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 4e57916c-2d66-4dfb-b6cf-71f6d1ed4305.job
[2013/06/19 17:06:30 | 000,000,508 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 2c793a52-bef9-4ac1-a46e-cdcfbcfb56ba.job
[2013/06/19 17:06:21 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2013/06/17 13:03:17 | 000,004,649 | ---- | C] () -- C:\Documents and Settings\User\My Documents\avatar.jpg
[2013/06/16 14:50:07 | 002,685,442 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Mortgage experts say it's time to go for a quick fix.mht
[2013/06/12 16:25:45 | 000,392,042 | ---- | C] () -- C:\MGlogs.zip
[2013/06/12 15:28:31 | 001,898,001 | ---- | C] () -- C:\MGtools.exe
[2013/06/12 15:01:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\defogger_reenable
[2013/06/09 15:42:29 | 000,966,374 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1409082233-117609710-839522115-1003-0.dat
[2013/06/09 15:42:29 | 000,355,886 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/06/08 18:56:49 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/06/08 18:52:10 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/07 15:06:09 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to Local Disk (C).lnk
[2013/06/07 14:56:52 | 000,000,282 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to SAMSUNG (H).lnk
[2013/06/05 16:30:47 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/05 16:30:47 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
[2013/06/05 16:13:12 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/06/05 16:13:12 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/06/05 16:13:12 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/06/05 16:13:11 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/06/05 16:13:11 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/06/05 16:13:11 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/06/05 16:13:11 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/06/05 16:13:11 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/06/05 16:13:11 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/06/05 16:13:11 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/06/05 16:13:11 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/06/05 16:13:11 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/06/05 16:13:11 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/06/05 16:13:11 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/06/05 16:13:10 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/06/05 16:13:10 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/06/05 16:13:10 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/06/05 16:13:10 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/06/05 16:13:10 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/06/05 16:13:10 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/06/05 16:13:10 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/06/05 16:13:10 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/06/05 16:13:10 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/06/05 16:13:10 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/06/05 16:13:10 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/06/05 16:13:10 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/06/05 16:13:10 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/06/05 16:13:10 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/06/05 16:13:10 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/06/05 16:13:10 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/06/05 16:13:10 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/06/05 16:13:10 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/06/05 16:13:10 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/06/05 16:13:10 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/06/05 16:13:10 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/06/05 16:13:10 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/06/05 16:13:10 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/06/05 16:13:10 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/06/05 16:13:10 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/06/05 16:13:10 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/06/05 16:13:10 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/06/05 16:13:10 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/06/05 16:13:10 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/06/05 16:13:10 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/06/05 16:13:10 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/06/05 16:13:10 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/06/05 16:13:10 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/06/05 16:13:10 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/06/05 16:13:10 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/06/05 16:13:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/06/05 16:13:10 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/06/05 16:13:10 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/06/05 16:13:10 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/06/05 16:13:10 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/06/05 16:13:10 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/06/05 16:13:10 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/06/05 16:13:10 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/06/05 16:13:10 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/06/05 16:13:10 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/06/05 16:13:10 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/06/05 16:13:10 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/06/05 16:13:09 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/06/05 16:13:09 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/06/05 16:13:09 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/06/05 16:13:09 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/06/05 16:13:09 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/06/05 16:13:09 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/06/05 16:13:09 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/06/05 16:13:08 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/06/05 16:13:08 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/06/05 16:13:08 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/06/05 16:13:08 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/06/05 16:13:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/06/05 16:13:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/06/05 16:13:08 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/06/05 16:13:08 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/06/05 16:13:08 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/06/05 15:36:43 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
[2013/06/05 15:22:23 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/06/05 15:21:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/06/05 15:21:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/06/05 15:21:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/06/05 15:21:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/06/05 15:21:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/06/05 15:21:29 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/06/05 15:21:10 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/06/05 15:17:06 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/05 15:03:51 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/06/05 15:03:51 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/06/05 15:03:51 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/06/05 15:03:51 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/06/05 15:03:51 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/06/05 15:03:51 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/06/05 15:03:50 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013/05/31 13:06:24 | 000,026,900 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\dt.dat
[2013/04/18 09:19:31 | 000,018,183 | ---- | C] () -- C:\Program Files\Lisezmoi.htm
[2013/04/18 09:19:31 | 000,015,557 | ---- | C] () -- C:\Program Files\ReadMe.htm
[2013/04/18 09:19:30 | 000,017,015 | ---- | C] () -- C:\Program Files\Liesmich.htm
[2013/01/05 09:16:08 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\User\wxDownloadFast.ini
[2012/12/24 16:44:31 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\User\jagex_cl_runescape_LIVE.dat
[2012/12/24 16:44:31 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\User\random.dat
[2012/11/01 07:23:29 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2012/10/12 11:34:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2012/10/12 11:32:58 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/08/18 12:37:16 | 000,001,588 | ---- | C] () -- C:\WINDOWS\debugrcfile.ini
[2012/07/13 17:21:23 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/07/13 17:21:23 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/04 13:29:22 | 000,002,396 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012/02/15 16:00:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/27 12:31:10 | 000,000,520 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2011/12/17 14:20:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2011/12/08 18:40:31 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\KRSBridgeControls.dll
[2011/12/08 18:40:31 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JeanieInterface.dll
[2011/12/08 18:40:31 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\KRSSockets.dll
[2011/12/08 18:40:31 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\FuzzBox.dll
[2011/12/08 18:40:31 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\BrowseForDirectory.dll
[2011/11/29 22:12:25 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2011/11/29 22:09:35 | 000,000,578 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2011/11/29 22:07:18 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/22 19:21:10 | 000,002,816 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\un.png
[2011/11/22 19:15:59 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Setting.dat
[2011/11/22 19:15:59 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\User\Application Data\UserFlag.ini
[2011/09/07 17:03:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/28 12:29:04 | 002,097,152 | ---- | C] () -- C:\Documents and Settings\User\My Volume N
[2011/04/21 19:28:31 | 000,000,022 | --S- | C] () -- C:\Documents and Settings\User\Application Data\Sys2662.Config.Repository.bin
[2011/02/18 19:11:28 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\User\Application Data\AutoGK.ini
[2011/02/10 07:29:06 | 000,000,043 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/04/05 12:20:52 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\User\default.pls
[2010/04/02 14:04:29 | 000,166,400 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/02 12:18:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\User\Application Data\pcouffin.cat
[2010/04/02 12:18:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\User\Application Data\pcouffin.inf

========== ZeroAccess Check ==========

[2010/04/21 09:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 22:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/08 18:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/03/12 19:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2012/01/22 18:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\38FDB89C-1EBD-4366-84B2-336D12CC3209
[2012/12/30 15:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4shared Desktop
[2013/05/26 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2011/05/03 13:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2012/10/07 12:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2012/02/23 10:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2012/02/16 09:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2013/03/17 21:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2013/04/24 18:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bridge Analyser
[2010/04/02 15:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2013/06/05 17:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/09/27 10:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CompuClever
[2011/11/22 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/11/22 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_2_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/02/10 07:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2011/11/24 12:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/11/22 20:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideIPEasy
[2013/06/12 17:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/03/28 14:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2012/12/04 16:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
[2010/04/14 10:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2013/05/15 08:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/11 11:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2012/07/28 18:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2011/08/06 17:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\oM01602IaPfD01602
[2013/04/22 08:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2011/09/08 13:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2011/12/23 16:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2012/03/02 16:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/10/07 12:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2010/07/25 22:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sureshotgps
[2012/04/08 12:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/12/11 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/10/16 15:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2013/01/02 08:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WoW Worldwide Software LTD
[2013/06/21 16:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2012/10/08 14:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2013/06/21 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2011/02/07 09:47:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/06/12 17:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/02/18 09:32:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2011/11/25 11:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/30 20:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D2044A97-3875-40E7-8161-DA975C6BA7CF}
[2010/04/14 18:10:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012/11/01 07:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2012/08/19 15:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.minecraft
[2012/07/28 17:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.techniclauncher
[2012/07/25 20:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ad-Aware Antivirus
[2011/09/24 13:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Alaz
[2013/01/02 10:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Amazon
[2011/11/22 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AutoHideIP
[2011/09/07 18:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG10
[2012/02/16 09:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG2012
[2011/10/18 19:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2010/10/24 10:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BackTalk
[2013/04/24 18:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Analyser
[2010/12/19 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Baron 19
[2012/02/13 07:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Baron 21
[2013/01/02 08:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\calibre
[2010/04/02 16:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CD-LabelPrint
[2012/09/27 10:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CompuClever
[2012/07/26 11:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Curiolab
[2011/11/22 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/11/22 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_2_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/01/11 15:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Digiarty
[2012/01/22 18:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Downloaded Installations
[2012/04/07 09:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\driveridentifier
[2013/06/20 10:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Dropbox
[2013/03/28 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DVDVideoSoft
[2011/08/06 14:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EarMaster
[2013/05/26 16:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FamilyTreeMaker
[2011/01/03 11:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FDBTemp
[2012/04/16 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Garmin
[2011/12/05 16:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GetRightToGo
[2011/07/26 17:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GrabPro
[2013/06/24 16:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HandBrake
[2011/11/22 20:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HideIPEasy
[2012/03/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\iolo
[2011/09/24 13:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ivsu
[2012/01/03 21:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Kernel for Windows Data Recovery
[2012/08/05 11:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2012/12/04 15:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leawo
[2011/11/29 22:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Millennia
[2011/07/21 12:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Moyea
[2011/11/29 22:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\MyHeritage
[2011/01/27 15:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NCH Swift Sound
[2012/11/13 20:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OpenOffice.org
[2012/07/28 17:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Oracle
[2013/03/31 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Orbit
[2013/03/31 11:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OxelonMC
[2013/01/12 14:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Photo DVD Maker
[2012/10/07 12:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Photo DVD Slideshow
[2011/07/26 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ProgSense
[2011/02/14 12:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Purple Ghost Software, Inc
[2013/04/22 08:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\QFX Software
[2012/08/04 17:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Qualys
[2011/04/30 11:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Regensoft
[2011/04/21 10:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\RegistryKeys
[2011/02/11 18:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Reviversoft
[2011/02/18 16:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ScanSpyware
[2011/11/26 13:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SourceTec
[2010/06/30 17:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\spotmau
[2012/04/07 11:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SystemRequirementsLab
[2011/11/29 22:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\The Complete Genealogy Reporter - FTB
[2010/06/30 17:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Thinstall
[2012/12/04 12:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\tiger-k
[2013/06/02 17:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TuneUp Software
[2011/12/11 13:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ulead Systems
[2013/07/03 12:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2013/06/24 13:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Vso
[2011/03/28 13:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2011/04/11 10:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search
[2010/11/10 21:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Xilisoft
[2013/01/21 11:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\XMedia Recode
[2012/03/11 16:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\YouTube Downloader

========== Purity Check ==========



< End of report >

#33
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now ?

#34
Bulljoe

    Member

  • Topic Starter
  • Member
  • 25 posts
The computer seems to be running OK, but I still get MBAM alerts.

Here is a list of recent sites MBAM is alerting on:
58.240.153.165 (outgoing)
98.142.251.112 (outgoing)
59.34.34.176 (outgoing)
41.203.87.215 (outgoing)
218.10.86.243 (outgoing)
91.188.37.148 (outgoing)
121.1093.137 (outgoing) several times
89.28.109.67 (incoming)

Also I received a popup from AVG:-
"AVG asks for confirmation...
Application TMP196.EXE is trying to connect to the internet"
I ticked the box "don't allow".

I also notice on the last OTL log a line reading "CHR QV06"
I thought I had got rid of QV06
How do I get rid of it completely?

PS. I am getting continual MBAM warnings as I type

Regards

#35
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let's see where that is hiding.

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete


Once done it will ask to reboot; allow this.
On reboot a log will be produced; please attach that.

#36
Bulljoe

    Member

  • Topic Starter
  • Member
  • 25 posts
Sorry for the delay.

Here is the log


# AdwCleaner v2.304 - Logfile created 07/05/2013 at 18:21:40
# Updated 03/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : User - USER-84F12D431F
# Boot Mode : Normal
# Running from : C:\Documents and Settings\User\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0 (en-US)

File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\706l0eqd.default-1343368655062\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [38194 octets] - [06/04/2013 07:18:18]
AdwCleaner[R2].txt - [1486 octets] - [07/04/2013 10:12:34]
AdwCleaner[R3].txt - [1546 octets] - [11/04/2013 17:38:02]
AdwCleaner[R4].txt - [9201 octets] - [19/04/2013 15:35:03]
AdwCleaner[R5].txt - [4987 octets] - [22/05/2013 12:15:04]
AdwCleaner[R6].txt - [2399 octets] - [11/06/2013 10:58:28]
AdwCleaner[R7].txt - [7916 octets] - [20/06/2013 10:16:50]
AdwCleaner[R8].txt - [7976 octets] - [20/06/2013 10:19:10]
AdwCleaner[S10].txt - [5129 octets] - [22/05/2013 12:15:27]
AdwCleaner[S11].txt - [12188 octets] - [29/05/2013 10:11:17]
AdwCleaner[S12].txt - [2495 octets] - [02/06/2013 17:07:20]
AdwCleaner[S13].txt - [3605 octets] - [09/06/2013 15:28:36]
AdwCleaner[S14].txt - [2461 octets] - [11/06/2013 11:26:37]
AdwCleaner[S15].txt - [6570 octets] - [20/06/2013 10:20:04]
AdwCleaner[S16].txt - [388 octets] - [05/07/2013 18:07:35]
AdwCleaner[S17].txt - [373 octets] - [05/07/2013 18:16:05]
AdwCleaner[S18].txt - [2383 octets] - [05/07/2013 18:21:40]
AdwCleaner[S1].txt - [38480 octets] - [06/04/2013 07:18:45]
AdwCleaner[S2].txt - [1611 octets] - [11/04/2013 17:38:51]
AdwCleaner[S3].txt - [374 octets] - [19/04/2013 15:36:32]
AdwCleaner[S4].txt - [9234 octets] - [19/04/2013 18:00:52]
AdwCleaner[S5].txt - [1850 octets] - [19/04/2013 18:24:22]
AdwCleaner[S6].txt - [338 octets] - [21/04/2013 09:27:04]
AdwCleaner[S7].txt - [2700 octets] - [27/04/2013 10:44:56]
AdwCleaner[S8].txt - [388 octets] - [27/04/2013 11:10:48]
AdwCleaner[S9].txt - [2093 octets] - [27/04/2013 11:16:13]

########## EOF - C:\AdwCleaner[S18].txt - [2982 octets] ##########

#37
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What media player are you using as this has re-appeared C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools

#38
Bulljoe

    Member

  • Topic Starter
  • Member
  • 25 posts
I use VLC Media Player.

My computer seems to have reverted to its old way of taking a very long time to log on to web sites.
Sometimes I needed to reboot to get logged on because it would stop loading (and occasionally time out).
A couple of times, using Windows Task Manager, I observed Firefox Memory Usage of 165000K even though I had closed Firefox.
I then tried to end the process using Task Manager but it would not end it.
I get the feeling that some program is running in the background and using up all the resources.

Also, when I first turn the computer on, I get a message box telling me that AVG firewall had been changed to Network 2 and will now change to "small home or office network".

It is currently set at "small home or office network".

Hope this gives you more pointers to my problem.

#39
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, it is not VLC... So time for the bigger hammer, I feel.

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Allow the installation of the recovery console

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

#40
Bulljoe

    Member

  • Topic Starter
  • Member
  • 25 posts
My computer indicated it was running low on disc space.
I ran TuneUp Utilities and discovered OTL had an enormous folder called "moved files" which contained a lot of old movies.
I moved most of the movies to an external drive.
I am still low on space on drive C.
I will investigate this further.

Here is the log

ComboFix 13-07-07.01 - User 07/07/2013 10:33:22.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2012.1137 [GMT 10:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\User\Application Data\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2013-06-07 to 2013-07-07 )))))))))))))))))))))))))))))))
.
.
2020-12-01 02:20 . 2020-12-01 02:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2013-07-07 00:10 . 2008-04-13 19:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2013-07-05 08:15 . 2013-07-05 08:16 154 ----a-w- c:\windows\DeleteOnReboot.bat
2013-06-23 10:02 . 2013-06-23 10:02 -------- dc----w- C:\_OTL
2013-06-22 03:12 . 2013-05-07 21:23 114280 -c--a-w- c:\windows\system32\acaptuser32.dll
2013-06-21 07:45 . 2013-06-21 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\YTD Video Downloader
2013-06-21 05:00 . 2013-06-21 05:00 -------- d-----w- c:\windows\ERUNT
2013-06-21 05:00 . 2013-06-21 05:00 -------- dc----w- C:\JRT
2013-06-19 07:06 . 2013-06-19 07:06 -------- d-----w- c:\documents and settings\User\Application Data\SUPERAntiSpyware.com
2013-06-19 07:06 . 2013-06-19 07:06 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-06-18 23:23 . 2013-06-18 23:35 -------- d-----w- c:\program files\SUPERAntiSpyware Pro
2013-06-12 06:46 . 2013-06-12 07:15 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2013-06-12 06:25 . 2013-06-17 02:28 -------- dc----w- C:\MGtools
2013-06-12 05:44 . 2013-06-12 05:44 -------- dc----w- C:\TDSSKiller_Quarantine
2013-06-08 08:56 . 2013-06-08 08:56 -------- d-----w- c:\program files\iPod
2013-06-08 08:56 . 2013-06-08 08:56 -------- d-----w- c:\program files\iTunes
2013-06-08 08:56 . 2013-06-08 08:56 -------- d-----w- c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-08 08:52 . 2013-06-09 03:45 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2013-06-08 08:52 . 2013-06-09 03:45 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2013-06-08 08:52 . 2013-06-09 03:45 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2013-06-08 08:52 . 2013-06-09 03:45 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2013-06-08 08:52 . 2013-06-09 03:45 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2013-06-08 08:51 . 2013-06-08 08:52 -------- d-----w- c:\program files\QuickTime
2013-06-07 07:39 . 2013-06-07 07:39 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-18 07:35 . 2011-02-19 12:03 420944 ----a-w- c:\windows\system32\msvcp100.dll
2013-06-18 07:35 . 2011-02-18 13:40 773712 ----a-w- c:\windows\system32\msvcr100.dll
2013-06-17 02:28 . 2013-06-12 06:25 392042 -c--a-w- C:\MGlogs.zip
2013-06-12 06:50 . 2012-04-01 23:00 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 06:50 . 2011-06-10 22:31 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-07 04:49 . 2012-08-05 01:30 16400 -c--a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-05-07 22:30 . 2004-08-04 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2013-05-07 21:11 . 2013-05-07 21:11 927264 -c--a-w- c:\windows\system32\FTBSaver.scr
2013-05-03 01:30 . 2004-08-04 12:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38 . 2004-08-03 22:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-30 23:00 . 2013-04-30 23:00 1581056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Media Tools\plugins\pl-b2e730376325753834d77280c183157b.dll
2013-04-30 17:59 . 2013-04-30 17:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-04-30 17:59 . 2013-04-30 17:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-10 17:18 . 2012-03-18 19:17 302368 -c--a-w- c:\windows\system32\drivers\avgtdix.sys
2013-04-10 01:31 . 2004-08-04 12:00 1876352 ----a-w- c:\windows\system32\win32k.sys
2008-06-12 06:15 . 2013-04-17 23:19 245408 -c--a-w- c:\program files\unicows.dll
2008-05-06 10:23 . 2013-04-17 23:19 189808 -c--a-w- c:\program files\AutoPlay.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0MediaIconsOerlay]
@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"
[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]
2013-03-03 21:46 224256 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Media Tools\MediaIconsOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"KeyScrambler"="c:\program files\KeyScrambler\keyscrambler.exe" [2013-03-26 534160]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ sdnclean.exe\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnk0A831A0E.startup
backupExtension=0A831A0E.startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnk0A831D3B.startup
backupExtension=0A831D3B.startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-07-20 13:55 19554408 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
"Akamai NetSession Interface"=c:\documents and settings\User\Local Settings\Application Data\Akamai\netsession_win.exe
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" /AUTO
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IgfxTray"=c:\windows\system32\igfxtray.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Gigabyte\\EasySaver\\UpdExe.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\MultiProxy\\MProxy.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Regensoft\\Downloader App\\DownloaderApp.exe"=
"c:\\Documents and Settings\\User\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Documents and Settings\\User\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:appletv
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 AM 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 4:46 AM 31952]
R0 Siwvid;Siwvid;c:\windows\system32\drivers\siwvid.sys [7/11/2001 1:09 AM 119658]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 5:25 AM 250080]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 5:17 AM 302368]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30/08/2012 5:33 PM 33112]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/07/2011 2:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13/07/2011 7:55 AM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/05/2013 8:36 AM 119024]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [5/12/2012 2:44 AM 2321560]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 AM 193288]
R2 DbgMsg;Debug Message;c:\windows\system32\drivers\DbgMsg.sys [7/11/2001 4:40 AM 18240]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [5/08/2012 11:29 AM 12216]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [11/09/2012 8:00 PM 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/08/2012 10:15 PM 701512]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [27/10/2010 6:23 PM 1483072]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 7:52 PM 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 1:32 PM 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 1:32 PM 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 1:32 PM 17232]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [1/04/2010 12:17 PM 116224]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [21/04/2013 11:30 AM 209304]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/08/2012 10:15 PM 22856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [7/10/2010 1:34 PM 10064]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2/11/2012 2:51 AM 5174392]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1/04/2010 12:15 PM 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 7:52 PM 30944]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2/06/2011 11:08 AM 11336]
S3 DxVGrb;DxVGrb;c:\windows\system32\drivers\DxVGrb.sys [15/09/2012 12:47 PM 179200]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [10/03/2010 7:18 AM 24216]
S3 NTice;NTice;c:\windows\system32\drivers\ntice.sys [7/11/2001 1:09 AM 1347462]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2/04/2010 12:18 PM 47360]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [26/12/2007 1:47 AM 272128]
S3 SiwvidStart;SiwvidStart;\??\c:\program files\NuMega\SoftICE Driver Suite\Common\Binsiwvid.sys --> c:\program files\NuMega\SoftICE Driver Suite\Common\Binsiwvid.sys [?]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [1/11/2012 7:23 AM 10496]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6/12/2007 8:03 PM 660768]
S4 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [1/04/2010 12:12 PM 68136]
S4 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4/05/2010 11:07 AM 503080]
S4 Siwsym;Siwsym;c:\windows\system32\drivers\siwsym.sys [7/11/2001 1:09 AM 22900]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 09:02 114688 -c--a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 06:50]
.
2013-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 06:57]
.
2013-06-30 c:\windows\Tasks\defrag.job
- c:\windows\system32\defrag.exe [2004-08-04 19:42]
.
2013-06-20 c:\windows\Tasks\ExpressBurnReminder.job
- c:\program files\NCH Software\ExpressBurn\expressburn.exe [2012-11-01 16:50]
.
2012-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 08:31]
.
2013-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 08:31]
.
2013-07-06 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 4e57916c-2d66-4dfb-b6cf-71f6d1ed4305.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-07 22:37]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-06-28 14:23; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-07 10:37
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-117609710-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08211550-CA01-C31F-B8B2-33F80314E406}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"pamekcoejigfjhjbncmepabligdoilec"=hex:6b,61,64,67,6a,67,6a,68,68,64,70,6c,66,
6b,6f,61,6b,6f,63,6b,66,6e,00,00
"oaoeakfoakogokknhkkekpimblenie"=hex:6a,61,6a,67,67,67,6c,70,70,69,65,67,61,67,
6a,62,6b,6d,63,6c,00,f4
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\09\05\09\0c\15\0b?"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(352)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Completion time: 2013-07-07 10:39:00
ComboFix-quarantined-files.txt 2013-07-07 00:38
ComboFix2.txt 2013-06-19 08:04
.
Pre-Run: 129,409,024 bytes free
Post-Run: 126,312,448 bytes free
.
- - End Of File - - 1C6A30345B14B606BD83F62647512BFA
8F558EB6672622401DA993E1E865C861
  • 0
#41
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Still nothing readily apparent

ESET Online Scanner:

Note: The below instructions relate to running the scan with Google Chrome only. You will need to disable your currently installed Anti-Virus for the duration of the online scan; how to do so can be read here.

  • Please go here to run the scan...
  • In the window that now appears called Launch ESET Online Scanner
  • Double-click on esetsmartinstaller_enu.exe to download the ESET Smart Installer
  • Then in the lower left hand corner of the browser window double click on Posted Image >> follow the prompts
  • In the new window that appears select the option YES, I accept the Terms of Use then click on Start
  • Now in the Computer scan settings window that appears:-
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Start
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan, otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  • 0

#42
Bulljoe

Bulljoe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
I had a lot of trouble logging on today.
It took a few "The Connection Has Timed Out" before I could log in to Geeks to Go.
Eventually got on and ran the scan.
It took a long time to process... after 30 mins it seemed stuck at 5%.
Anyway, here it is:-

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=59153c04536d87479a4ed13049a1e610
# engine=14310
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-07-08 02:48:09
# local_time=2013-07-08 12:48:09 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=236919
# found=9
# cleaned=0
# scan_time=12969
sh=B310E48B006E13F32CF85BD62F52BB75F2A6C239 ft=1 fh=a16dfddb6afdedb2 vn="a variant of Win32/Bundled.Toolbar.Ask.C application" ac=I fn="C:\Documents and Settings\All Users\Application Data\YouTube Downloader\ytd_installer.exe"
sh=EDBC970F3BE764FAE6B923FB291D54896907A505 ft=1 fh=b85d5a55c3b2ad44 vn="Win32/Adware.RK.AP application" ac=I fn="C:\Documents and Settings\User\My Documents\DOWNLOADS\minicadviewer_setup.exe"
sh=09C4972395A181FA9B804021198B8DCC4BA38B3A ft=1 fh=5913a407fc9b2fbe vn="a variant of Win32/SoftonicDownloader.E application" ac=I fn="C:\Documents and Settings\User\My Documents\DOWNLOADS\SoftonicDownloader_for_xvid4psp.exe"
sh=FA6135074EC0662B8A9D616B3A91DFC85DF28780 ft=1 fh=8448a62bdab78d9f vn="a variant of Win32/Bundled.Toolbar.Ask.C application" ac=I fn="C:\Documents and Settings\User\My Documents\DOWNLOADS\YTDSetup.exe"
sh=890368473ECBC404DCD42FF0C6C38397102F59C0 ft=1 fh=4c7db45bf4256cb3 vn="Win32/PrcView application" ac=I fn="C:\MGtools\Process.exe"
sh=D27E2702D5F982F01073C6D10ECE06214ACDB1EC ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2010-4452.I trojan" ac=I fn="C:\Program Files\jv16 PowerTools 2011\Backups\0001B4\1961d67c-5ba8febb"
sh=1B5A0EDA220589D373CB4E7B675CC93F2AF22D45 ft=0 fh=0000000000000000 vn="a variant of Win32/SweetIM.F application" ac=I fn="C:\WINDOWS\Installer\b96d41.msi"
sh=DEDED3A329BE163C2EEB5977273125059B2DAC84 ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.AD application" ac=I fn="H:\SOFTWARE\~Bigasoft Total Video Converter 3.7.35.4822 + Keygen\~Bigasoft Total Video Converter 3.7.35.4822 + Keygen.tgz"
sh=7015AA43F5557896CE3B669633CAA7415D49B024 ft=1 fh=58332b8b925b5f47 vn="a variant of Win32/Keygen.AD application" ac=I fn="H:\SOFTWARE\~Bigasoft Total Video Converter 3.7.35.4822 + Keygen\Get Your Software Here\Keygen\keygen.exe"
  • 0
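The log.txt that the ESET procedure above ends with, and that is pasted in the post above, is plain key=value text: a '# key=value' header followed by one finding per line. As an added example (my own code, not from the thread or from ESET), here is a small Python parser for that format with a triage step that separates potentially unwanted "application" detections from real malware and checks the scan's own found/cleaned counters; the sample log is constructed with placeholder hashes and shortened paths, and the rule that an "application" suffix marks a PUA is an assumption about ESET's naming.

```python
import re

# Constructed sample shaped like the ESET log pasted above (hashes are placeholders,
# paths shortened); the real log has the same '# key=value' header and finding lines.
SAMPLE_LOG = r"""ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=finished
# remove_checked=false
# found=3
# cleaned=0
sh=0000000000000000000000000000000000000001 ft=1 fh=0000000000000001 vn="a variant of Win32/Bundled.Toolbar.Ask.C application" ac=I fn="C:\Downloads\YTDSetup.exe"
sh=0000000000000000000000000000000000000002 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2010-4452.I trojan" ac=I fn="C:\Backups\0001B4\1961d67c-5ba8febb"
sh=0000000000000000000000000000000000000003 ft=1 fh=0000000000000003 vn="a variant of Win32/Keygen.AD application" ac=I fn="H:\SOFTWARE\Keygen\keygen.exe"
"""

# One key=value token; the value is either a double-quoted string (vn=, fn=, may
# contain spaces) or a bare word (sh=, ft=, fh=, ac=).
_TOKEN = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def severity(detection_name: str) -> str:
    """Assumption: ESET suffixes potentially unwanted/unsafe apps with 'application';
    anything else (trojan, worm, ...) is treated here as real malware."""
    return "pua" if detection_name.endswith(" application") else "malware"

def parse_eset_log(text: str):
    """Return (header dict, list of finding dicts) from ESET log.txt text."""
    header, findings = {}, []
    for line in text.splitlines():
        if line.startswith("# ") and "=" in line:
            key, value = line[2:].split("=", 1)
            header[key.strip()] = value.strip()
        elif line.startswith("sh="):
            kv = {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
                  for m in _TOKEN.finditer(line)}
            findings.append({"sha1": kv["sh"], "name": kv["vn"], "path": kv["fn"],
                             "action": kv["ac"], "severity": severity(kv["vn"])})
    return header, findings

def triage(text: str) -> dict:
    """Split findings into PUA vs malware and check the scan's bookkeeping: 'found' should
    equal the number of finding lines, and 'cleaned' shows whether anything was removed."""
    header, findings = parse_eset_log(text)
    report = {"found": int(header.get("found", "0")), "cleaned": int(header.get("cleaned", "0")),
              "pua": [], "malware": []}
    for f in findings:
        report[f["severity"]].append(f["path"])
    report["consistent"] = report["found"] == len(findings)
    return report
```

With remove_checked=false, as in the scan above, cleaned stays 0 and every finding is only reported, which is why the helper later asks for the scan to be rerun with removal enabled.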

#43
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Use of keygens does not help; they are an ideal vector for malware: H:\SOFTWARE\~Bigasoft Total Video Converter 3.7.35.4822 + Keygen

But at the moment I am at a loss as to what is slowing your net connections down. I will go back through the entire thread and see if that reveals anything.
  • 0

#44
Bulljoe

Bulljoe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Should I run ESET and check "Remove Found Threats"?
Also, the computer is acting strangely this morning.
When I attempted to type in the Firefox/Google window, it simply opened a new tab!
Now I cannot log on at all. I am not prepared to reboot before I get this reply to you (in case I have a further problem).

PS. I will be overseas from next Sunday, due back in Sydney on August 12.
  • 0

#45
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes, allow ESET to delete affected files. Nothing yet jumps out at me from my perusal.
  • 0