Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Keylogger


  • Please log in to reply

#1
klopez7507

klopez7507

    New Member

  • Member
  • Pip
  • 2 posts

My x wife admitted to installing a keylogger on my computer......I have looked high and low for it and cannot find it.....I need to make sure I have one before I spend 2000 dollars for an investigator to get the IP/email address so I can use it in court...I know it is infested with malware but all I am interested in is the installed keylogger...just don't want to risk deleting the keylogger by dealing with the other malware....if I can just find out if she is telling me the truth..thanks in advance....below is the log file from OLT

 

 

 

OTL logfile created on: 6/26/2014 9:44:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date F...ormat: M/d/yyyy
 
3.11 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 49.92% Memory free
6.23 Gb Paging File | 4.58 Gb Available in Paging File | 73.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 171.98 Gb Free Space | 60.68% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 10.28 Gb Free Space | 70.19% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 1.19 Gb Free Space | 31.93% Space Free | Partition Type: FAT32
 
Computer Name: KYLE-PC | User Name: Kyle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/26 21:15:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL(1).exe
PRC - [2014/05/28 15:37:05 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfkg171.exe
PRC - [2014/05/28 15:37:05 | 000,105,472 | ---- | M] () -- C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfC.exe
PRC - [2014/05/20 11:07:50 | 003,268,080 | ---- | M] () -- C:\Users\Kyle\AppData\Local\fst_us_70\upfst_us_70.exe
PRC - [2014/05/01 07:10:03 | 003,546,128 | ---- | M] (Aztec Media Inc) -- C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
PRC - [2014/04/25 14:14:28 | 004,101,584 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014/04/25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/04/25 14:12:06 | 001,738,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/02/24 23:29:58 | 000,353,792 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\VOPackage\VOsrv.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/28 15:37:05 | 000,172,544 | ---- | M] () -- C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfkg171.dll
MOD - [2014/05/28 15:37:05 | 000,105,472 | ---- | M] () -- C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfC.exe
MOD - [2014/05/20 11:07:50 | 003,268,080 | ---- | M] () -- C:\Users\Kyle\AppData\Local\fst_us_70\upfst_us_70.exe
MOD - [2014/04/25 14:11:24 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/04/25 14:11:22 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/04/25 14:11:20 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014/05/28 11:27:51 | 000,706,560 | ---- | M] () [Auto | Running] -- C:\Program Files\002\yewimmxqbs64.exe -- (yewimmxqbs64)
SRV:64bit: - [2014/02/06 03:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/09 07:15:48 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/08/05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/13 18:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (70e6ca8c)
SRV:64bit: - [2009/07/13 18:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/06/28 08:41:16 | 000,042,496 | ---- | M] () [Auto | Running] -- C:\Program Files\Palm, Inc\novacom\amd64\novacomd.exe -- (NovacomD)
SRV - [2014/06/24 08:36:25 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/28 15:37:05 | 000,179,712 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfkg171.exe -- (BlockAndSurf)
SRV - [2014/05/01 07:10:03 | 003,546,128 | ---- | M] (Aztec Media Inc) [Auto | Running] -- C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
SRV - [2014/03/14 07:17:00 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/02/24 23:29:58 | 000,353,792 | ---- | M] () [Auto | Running] -- C:\Users\Kyle\AppData\Roaming\VOPackage\VOsrv.exe -- (VOsrv)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Running] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/11 21:15:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2011/07/13 07:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2011/07/13 07:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV:64bit: - [2014/05/28 08:00:23 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/05/26 20:57:14 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64.sys -- ({0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64)
DRV:64bit: - [2014/01/17 01:16:09 | 000,060,096 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tnetfilter2.sys -- (tnetfilter2)
DRV:64bit: - [2014/01/07 03:47:06 | 000,014,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/03/25 15:41:46 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/22 11:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2012/04/09 16:27:34 | 000,352,144 | ---- | M] (EldoS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012/04/06 18:11:16 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 08:59:55 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2011/10/31 16:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/20 17:58:24 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2011/07/20 14:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011/05/24 03:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 02:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/07/13 10:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/05/23 19:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow)
DRV:64bit: - [2009/09/03 10:59:28 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/09/03 10:37:02 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 17:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/25 16:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/27 22:55:22 | 000,132,608 | ---- | M] (Unibrain S.A.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ubohci.sys -- (ubohci)
DRV:64bit: - [2009/03/27 22:50:34 | 000,092,160 | ---- | M] (Unibrain S.A.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBUMAPI.sys -- (ubumapi)
DRV:64bit: - [2009/03/27 22:50:02 | 000,024,064 | ---- | M] (Unibrain S.A.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBSBM.sys -- (ubsbm)
DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2014/05/01 07:10:05 | 000,036,240 | ---- | M] (Aztec Media Inc) [Kernel | System | Running] -- C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622)
DRV - [2014/02/24 01:13:54 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\EEK\Run\cleanhlp64.sys -- (cleanhlp)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 55 48 50 CC FD CE 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:14326;https=127.0.0.1:14326
 
========== FireFox ==========
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@ei.Retrogamer_4w.com/Plugin: C:\Program Files (x86)\Retrogamer_4wEI\Installr\1.bin\NP4wEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/10 12:29:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/24 22:22:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6E77A7BD-5C7F-51AE-7FE0-67CE2C884CC1}: C:\Program Files (x86)\BlockAndSurf-soft\171.xpi [2014/05/28 15:37:05 | 000,010,897 | ---- | M] ()
 
[2013/12/21 09:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Extensions
[2013/12/21 09:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/06/24 17:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\rhi909iy.default-1398194666601\extensions
[2014/06/24 17:42:13 | 000,000,000 | ---D | M] (RrSavings) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\rhi909iy.default-1398194666601\extensions\[email protected]
[2014/06/24 17:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\s2el6w8u.default-1399132363220\extensions
[2014/05/23 18:15:15 | 000,000,000 | ---D | M] (iCloud Bookmarks) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\s2el6w8u.default-1399132363220\extensions\[email protected]
[2014/06/24 17:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\s2el6w8u.default-1399132363220\extensions\[email protected]
[2014/05/10 12:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/10 12:29:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014/04/26 05:09:10 | 000,450,597 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O1 - Hosts: ::1    localhost
O1 - Hosts: 127.0.0.1    www.applian.securesites.com
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 15470 more lines...
O2:64bit: - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files (x86)\Linkey\IEExtension\iedll64.dll (Aztec Media Inc)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll File not found
O2 - BHO: (RrSavings) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\Rr Savings\RrSavings.dll ()
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files (x86)\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O2 - BHO: (BlockAndSurf) - {9C95F31E-E8B9-DA7F-7C77-084B531A417F} - C:\Program Files (x86)\BlockAndSurf-soft\171.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [upfst_us_70.exe] C:\Users\Kyle\AppData\Local\fst_us_70\upfst_us_70.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.9.127.107 68.116.46.115 69.144.127.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E47459F-657B-4CE7-8809-7D13E9141F29}: DhcpNameServer = 192.168.1.1 71.9.127.107 68.116.46.115 69.144.127.53
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll) - C:\Program Files (x86)\Linkey\IEExtension\iedll64.dll (Aztec Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\Linkey\IEEXTE~1\iedll.dll) - C:\Program Files (x86)\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) -  File not found
O20 - AppInit_DLLs: (c:\windows\syswow64\guard32.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O27:64bit: - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\volaro: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\vonteera: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/06/24 08:19:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 16:01:00 | 000,000,053 | --S- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{5296ce92-9803-11e1-af6f-0026b963c378}\Shell - "" = AutoRun
O33 - MountPoints2\{5296ce92-9803-11e1-af6f-0026b963c378}\Shell\AutoRun\command - "" = Autoplay.exe -auto
O33 - MountPoints2\{fd300606-2cd0-11e1-b4e5-e1ed9caadb45}\Shell - "" = AutoRun
O33 - MountPoints2\{fd300606-2cd0-11e1-b4e5-e1ed9caadb45}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll) - C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll ()
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll) - C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll ()
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/26 21:33:47 | 000,000,000 | -HSD | C] -- C:\found.002
[2014/06/24 18:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/06/24 18:09:25 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/06/24 17:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rr Savings
[2014/06/24 17:34:30 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014/06/24 17:34:13 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Start Menu\Programs\Should I Remove It
[2014/06/24 17:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reason
[2014/06/24 08:18:29 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Start Menu\Programs\SpyHunter
[2014/06/24 08:18:28 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014/06/24 08:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/06/24 08:17:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/06/24 07:54:21 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/06/24 07:54:21 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/06/24 07:49:58 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/06/06 16:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ETTB
[2014/05/28 15:39:23 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Start Menu\Programs\AnyProtect PC Backup
[2014/05/28 15:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlockAndSurf-soft
[2014/05/28 15:37:01 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Local\fst_us_70
[2014/05/28 15:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fst_us_70
[2014/05/28 15:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeSoftToday
[2014/05/28 15:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linkey
[2014/05/28 15:35:58 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Roaming\Settings Manager
[2014/05/28 15:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Settings Manager
[2014/05/28 15:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\systemk
[2014/05/28 15:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/05/28 15:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2014/05/28 15:35:48 | 000,608,121 | ---- | C] (Click Me In Limited) -- C:\Users\Kyle\AppData\Local\AnyProtectScannerSetup.exe
[2014/05/28 15:35:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx
[2014/05/28 15:35:45 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Local\StormFall
[2014/05/28 15:22:52 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64.sys
[2014/05/28 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Roaming\VOPackage
[2014/05/28 11:37:16 | 000,000,000 | ---D | C] -- C:\ProgramData\geeksn0w
[2014/05/28 11:36:22 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Start Menu\Programs\MyPC Backup
[2014/05/28 11:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/05/28 11:36:15 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Roaming\Systweak
[2014/05/28 11:36:14 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2014/05/28 11:27:52 | 000,000,000 | ---D | C] -- C:\Program Files\rrsavings
[2014/05/28 11:08:26 | 000,973,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2014/05/28 11:08:25 | 001,095,080 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2014/05/28 11:07:45 | 000,868,264 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2014/05/28 11:07:45 | 000,790,440 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2014/05/28 11:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\www.i-ekb.ru
[2014/05/28 09:39:07 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Local\Macroplant_LLC
[2014/05/28 09:38:51 | 000,223,760 | ---- | C] (EldoS Corporation) -- C:\Windows\SysWow64\CbFsNetRdr3.dll
[2014/05/28 09:38:51 | 000,190,480 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\CbFsMntNtf3.dll
[2014/05/28 09:38:51 | 000,158,224 | ---- | C] (EldoS Corporation) -- C:\Windows\SysWow64\CbFsMntNtf3.dll
[2014/05/28 09:38:51 | 000,141,328 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\CbFsNetRdr3.dll
[2014/05/28 09:37:49 | 000,352,144 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\cbfs3.sys
[2014/05/28 09:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
[2014/05/28 09:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iExplorer
[2014/05/28 08:42:18 | 000,000,000 | ---D | C] -- C:\Users\Kyle\SyncFolder
[2014/05/28 07:42:45 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Roaming\iPubsoft
[2014/05/28 07:42:39 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Documents\iPubsoft files
[2014/05/28 07:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Start Menu\Programs\iPubsoft
[2014/05/28 07:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPubsoft
[2014/05/27 21:59:14 | 000,000,000 | ---D | C] -- C:\Users\Kyle\Desktop\New folder (2)
[2012/05/29 12:45:40 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Kyle\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Kyle\Desktop\*.tmp files -> C:\Users\Kyle\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/26 21:43:45 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\BlockAndSurf Update.job
[2014/06/26 21:43:39 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\BlockAndSurf_wd.job
[2014/06/26 21:42:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/26 21:42:55 | 2507,538,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/26 21:39:29 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2014/06/24 22:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/24 18:09:33 | 000,001,381 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/06/24 17:37:24 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/24 17:37:24 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/24 17:34:15 | 000,001,271 | ---- | M] () -- C:\Users\Kyle\Desktop\Should I Remove It.lnk
[2014/06/24 17:29:20 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/06/24 17:29:20 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/06/24 17:29:11 | 005,084,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/24 09:09:15 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/06/24 08:42:16 | 000,001,198 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\aps.scan.quick.results
[2014/06/24 08:42:16 | 000,000,318 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\aps.uninstall.scan.results
[2014/06/24 08:42:02 | 000,000,000 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\aps.scan.results
[2014/06/24 08:42:01 | 000,001,047 | ---- | M] () -- C:\Users\Kyle\Desktop\AnyProtect.lnk
[2014/06/24 08:36:23 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/24 08:36:23 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/24 08:19:01 | 001,618,698 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/24 08:19:01 | 000,458,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/24 08:19:01 | 000,006,758 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/24 08:19:00 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/06/24 08:18:30 | 000,002,254 | ---- | M] () -- C:\Users\Kyle\Desktop\SpyHunter.lnk
[2014/06/23 13:57:48 | 000,608,121 | ---- | M] (Click Me In Limited) -- C:\Users\Kyle\AppData\Local\AnyProtectScannerSetup.exe
[2014/06/06 15:04:23 | 000,025,462 | ---- | M] () -- C:\Windows\SysWow64\MiniDump.dmp
[2014/05/28 15:37:05 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/05/28 15:35:58 | 000,001,299 | ---- | M] () -- C:\Users\Kyle\Desktop\Continue Geeksnow.lnk
[2014/05/28 15:35:55 | 000,001,064 | ---- | M] () -- C:\Users\Kyle\Desktop\Optimizer Pro.lnk
[2014/05/28 13:50:02 | 000,001,855 | ---- | M] () -- C:\Users\Kyle\Desktop\Configure VO Package.lnk
[2014/05/28 12:37:21 | 000,054,784 | ---- | M] () -- C:\ProgramData\irecovery.exe
[2014/05/28 12:37:09 | 000,000,600 | ---- | M] () -- C:\Users\Kyle\AppData\Local\PUTTY.RND
[2014/05/28 12:37:06 | 000,000,600 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\winscp.rnd
[2014/05/28 11:36:40 | 000,001,971 | ---- | M] () -- C:\Users\Kyle\Desktop\Sync Folder.lnk
[2014/05/28 11:36:23 | 000,001,089 | ---- | M] () -- C:\Users\Kyle\Desktop\MyPC Backup.lnk
[2014/05/28 11:08:12 | 001,095,080 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2014/05/28 11:08:12 | 000,973,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2014/05/28 11:07:36 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2014/05/28 11:07:36 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2014/05/28 09:37:46 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2014/05/28 08:47:36 | 000,002,057 | ---- | M] () -- C:\Windows\wininit.ini
[2014/05/28 08:00:23 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Kyle\Desktop\*.tmp files -> C:\Users\Kyle\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/26 21:39:29 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2014/06/24 18:09:33 | 000,001,393 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/06/24 18:09:33 | 000,001,381 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/06/24 17:34:15 | 000,001,271 | ---- | C] () -- C:\Users\Kyle\Desktop\Should I Remove It.lnk
[2014/06/24 08:19:00 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/06/24 08:18:33 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2014/06/24 08:18:30 | 000,002,254 | ---- | C] () -- C:\Users\Kyle\Desktop\SpyHunter.lnk
[2014/05/28 15:39:42 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/05/28 15:39:42 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/05/28 15:39:42 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/05/28 15:39:24 | 000,001,198 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\aps.scan.quick.results
[2014/05/28 15:39:24 | 000,000,318 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\aps.uninstall.scan.results
[2014/05/28 15:39:24 | 000,000,000 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\aps.scan.results
[2014/05/28 15:39:23 | 000,001,047 | ---- | C] () -- C:\Users\Kyle\Desktop\AnyProtect.lnk
[2014/05/28 15:37:06 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\BlockAndSurf Update.job
[2014/05/28 15:37:05 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\BlockAndSurf_wd.job
[2014/05/28 15:35:58 | 000,001,299 | ---- | C] () -- C:\Users\Kyle\Desktop\Continue Geeksnow.lnk
[2014/05/28 15:35:55 | 000,001,064 | ---- | C] () -- C:\Users\Kyle\Desktop\Optimizer Pro.lnk
[2014/05/28 13:50:02 | 000,001,855 | ---- | C] () -- C:\Users\Kyle\Desktop\Configure VO Package.lnk
[2014/05/28 12:37:21 | 000,054,784 | ---- | C] () -- C:\ProgramData\irecovery.exe
[2014/05/28 12:37:03 | 000,000,600 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\winscp.rnd
[2014/05/28 12:37:00 | 000,000,600 | ---- | C] () -- C:\Users\Kyle\AppData\Local\PUTTY.RND
[2014/05/28 11:36:40 | 000,001,971 | ---- | C] () -- C:\Users\Kyle\Desktop\Sync Folder.lnk
[2014/05/28 11:36:23 | 000,001,089 | ---- | C] () -- C:\Users\Kyle\Desktop\MyPC Backup.lnk
[2014/05/28 09:37:46 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2014/05/28 08:42:21 | 000,001,192 | ---- | C] () -- C:\Quarantine.reg
[2014/05/28 08:42:18 | 000,001,224 | ---- | C] () -- C:\Quarantine.lst
[2014/05/27 17:53:39 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014/05/25 18:49:58 | 000,005,029 | ---- | C] () -- C:\ProgramData\duhwumje.zbd
[2014/04/06 15:13:35 | 000,002,112 | ---- | C] () -- C:\Users\Kyle\AppData\Local\rx_audio.Cache
[2014/03/23 07:33:09 | 000,005,120 | ---- | C] () -- C:\Users\Kyle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/29 22:53:25 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/03 15:10:23 | 000,000,161 | ---- | C] () -- C:\Windows\baseinfo.ini
[2013/12/18 16:35:02 | 000,000,037 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\WB.CFG
[2013/09/21 18:24:22 | 000,000,019 | ---- | C] () -- C:\Windows\SiglosPro.INI
[2013/09/13 04:54:09 | 000,315,866 | ---- | C] () -- C:\Users\Kyle\Chapter  1 Test.pdf
[2013/09/02 09:01:51 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/08/13 18:58:00 | 000,000,258 | R-S- | C] () -- C:\Users\Kyle\ntuser.pol
[2013/08/11 16:53:05 | 000,022,761 | ---- | C] () -- C:\Users\Kyle\data-3.pdf
[2013/08/11 16:52:30 | 000,020,689 | ---- | C] () -- C:\Users\Kyle\data-2.pdf
[2013/08/11 16:51:47 | 000,017,451 | ---- | C] () -- C:\Users\Kyle\data-1.pdf
[2013/08/11 16:50:02 | 000,021,753 | ---- | C] () -- C:\Users\Kyle\data.pdf
[2013/06/10 10:49:27 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/03/25 13:37:47 | 000,002,057 | ---- | C] () -- C:\Windows\wininit.ini
[2012/08/20 17:40:41 | 000,001,536 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\Sketchpad 5 Preferences.dat
[2012/06/03 16:04:54 | 1587,720,192 | ---- | C] () -- C:\Users\Kyle\AppData\Local\~RCIso.iso
[2012/05/29 12:45:40 | 000,099,384 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\inst.exe
[2012/05/29 12:45:40 | 000,007,859 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\pcouffin.cat
[2012/05/29 12:45:40 | 000,001,167 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\pcouffin.inf
[2012/05/29 12:41:32 | 000,001,057 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\vso_ts_preview.xml
[2012/05/29 12:04:08 | 000,005,081 | ---- | C] () -- C:\ProgramData\hnbdehzc.pfe
[2012/05/19 13:36:22 | 000,000,072 | ---- | C] () -- C:\Users\Kyle\AppData\Local\rx_image32.Cache
[2012/02/09 00:54:10 | 000,001,110 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\evmanage.prf
[2011/12/31 11:32:45 | 000,003,841 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\evpro32.prf
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 188 bytes -> C:\ProgramData\TEMP:ECF54A0E
@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:D346F792
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
 

 


  • 0

Advertisements


#2
azarl

azarl

    GeekU Admin

  • Administrator
  • 25,203 posts

We can help you with cleaning malware, keyloggers etc. but we cannot provide you with evidence for a court of law. If you do need information from your PC, for evidentiary purposes, then you would be best locating an IT professional who is a court approved expert witness locally.

 

Sorry we can't help further, but if you want us to proceed and clean your PC, please let me know, but understand it will be on the basis of we will try and clean it only - nothing else.


  • 0

#3
klopez7507

klopez7507

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Hi asurl....I guess I am misunderstood...I am not asking for evidence in a court of law...I just want to know if there is one on my computer....then I will pay a professional to use it in a court of law.....sorry for the confusion.

 

Kyle


  • 0

#4
azarl

azarl

    GeekU Admin

  • Administrator
  • 25,203 posts

I'm not trying to be awkward but the help we offer here is in malware removal. It could be that you have a keylogger and/or a backdoor in your PC. If such was present we would obviously warn you as part of the cleaning process so that you could change your passwords and logins.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP