Second Comp stuck on Verifying DMI pool data...


  • This topic is locked

#1
profphat

  • Member
  • 39 posts
Hi there,
I was stupid enough to think that there was prob something wrong with my first computer, cos surely my computer wouldn't boot up cos I was just surfing the web, right? (see my first post)

Anyways, my second computer suddenly just restarted. No warning or anything (unlike my first computer), it just restarted.

And it has now reached the same point of "verifying DMI pool data. Boot from CD:..."
But it won't load Windows XP.

I believe it's certainly malware. Cos it's coincidental.
I only installed AVG and ZoneAlarm, which I think isn't enough.

I can't access safe mode and I don't have the Windows CD.

Please help.

#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi profphat,

If you still have the OTLPE bootable CD then just do the scan part :). Hope we'll fix this one too.

  • Download OTLPEStd.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double-click OTLPEStd.exe; this will then open ImgBurn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note: If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
  • Your system should now display a Reatogo desktop.
    Note: as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Drag and drop this attached scan.txt into the Custom scans and fixes box
    Attached File: Scan.txt (201 bytes, 289 downloads)
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have an internet connection on this system.
  • Right-click the file and select Send To, then select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can back up any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.


#3
profphat

  • Topic Starter
  • Member
  • 39 posts
OTL logfile created on: 9/17/2011 3:35:40 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 2.83 Gb Free Space | 2.89% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 9.52 Gb Free Space | 9.75% Space Free | Partition Type: NTFS
Drive E: | 102.77 Gb Total Space | 21.75 Gb Free Space | 21.16% Space Free | Partition Type: NTFS
Drive G: | 14.92 Gb Total Space | 2.26 Gb Free Space | 15.13% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (UleadBurningHelper)
SRV - [2011/03/17 20:11:02 | 000,947,528 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/08/29 23:17:50 | 000,090,112 | ---- | M] (Clarus, Inc.) [Auto] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - [2010/04/27 01:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/16 00:11:23 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/10/20 04:00:12 | 000,102,400 | ---- | M] (PacketVideo) [Auto] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2007/03/08 13:01:58 | 000,075,568 | ---- | M] (Zone Labs, LLC) [Auto] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2006/08/30 14:21:33 | 000,585,728 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/03/08 23:48:22 | 000,235,168 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/03/08 23:48:08 | 000,087,712 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2006/03/08 23:47:58 | 000,255,648 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/09/30 07:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/04/04 23:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/01/25 09:48:50 | 000,194,272 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/11/02 04:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/04/22 23:04:16 | 000,158,848 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2003/06/24 06:23:10 | 000,066,784 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)
SRV - [2002/08/13 18:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE -- (NProtectService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/08/11 05:18:08 | 000,070,512 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys -- (mvd22)
DRV - [2010/08/11 05:15:48 | 000,018,288 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys -- (mdf16)
DRV - [2010/02/26 02:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 02:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 02:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 02:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 02:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 02:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/08/16 00:11:44 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/16 00:11:44 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/26 06:33:59 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/08/25 22:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/18 04:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070829.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/07/18 04:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070829.009\NAVENG.SYS -- (NAVENG)
DRV - [2007/03/08 13:02:10 | 000,394,192 | ---- | M] (Zone Labs, LLC) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/29 06:26:24 | 000,984,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2007/01/17 18:39:20 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2006/09/15 10:52:12 | 000,124,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/08/30 14:21:33 | 000,002,397 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/07/29 07:11:23 | 000,030,601 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006/05/04 04:13:52 | 004,271,616 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/03/15 02:10:04 | 001,048,960 | ---- | M] (Compro Tech.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VMHybrid.sys -- (VMHybrid)
DRV - [2005/11/16 04:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2005/08/30 05:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 05:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 05:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/29 13:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005/08/29 13:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005/08/29 13:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005/04/07 05:18:34 | 000,003,840 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2005/04/04 23:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/04 23:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005/01/25 09:48:52 | 000,305,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/01/25 09:48:52 | 000,037,000 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Norton AntiVirus\savrtpel.sys -- (SAVRTPEL)
DRV - [2004/08/22 04:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 04:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus)
DRV - [2004/08/10 21:27:52 | 000,027,232 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004/08/03 11:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2004/08/03 10:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2003/12/06 11:50:52 | 000,005,513 | ---- | M] () [File_System | Auto] -- C:\WINDOWS\system32\drivers\mp3m2pls.sys -- (mp3m2pls)
DRV - [2002/08/13 18:03:00 | 000,034,578 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS -- (NPDriver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\martin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKU\martin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\martin_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\martin_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\martin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\martin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/22 23:17:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2011/07/02 23:58:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/04/12 10:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/31 22:16:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/10 10:05:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/04/12 10:06:26 | 000,000,000 | ---D | M]

[2011/05/10 09:58:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/03 10:31:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/08/31 22:16:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/15 08:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010/04/12 05:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/10 10:04:51 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/05/10 10:04:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/10 10:04:51 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/05/10 10:04:51 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/05/10 10:04:51 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\martin_ON_C\..\Toolbar\ShellBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\martin_ON_C\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKU\martin_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Photo Downloader] File not found
O4 - HKLM..\Run: [Advanced Tools Check] C:\Program Files\Norton AntiVirus\AdvTools\AdvChk.exe (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [DVD or CD Sharing] C:\Program Files\DVD or CD Sharing\ODSAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [EPSON Stylus Photo R310 Series] File not found
O4 - HKLM..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe ()
O4 - HKLM..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SMSERIAL] File not found
O4 - HKLM..\Run: [Symantec NetDriver Monitor] C:\Program Files\SymNetDrv\SNDMon.exe (Symantec Corporation)
O4 - HKLM..\Run: [UIUCU] C:\Documents and Settings\martin\Local Settings\Temp\UIUCU.EXE (Conexant Systems, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKU\martin_ON_C..\Run: [] File not found
O4 - HKU\martin_ON_C..\Run: [Search Protection] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\martin\Start Menu\Programs\Startup\Shortcut to utorrent.lnk = File not found
O4 - Startup: C:\Documents and Settings\martin\Start Menu\Programs\Startup\Warner Bros.lnk = File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\martin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\martin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/30 06:20:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/08/26 00:35:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martin\My Documents\Turbo Lister
[2006/08/30 22:46:25 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2006/08/30 22:46:25 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/03 23:18:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/03 22:27:12 | 000,000,000 | ---- | M] () -- C:\mediasample.bin
[2011/09/03 22:25:07 | 082,773,569 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/09/03 22:22:42 | 000,050,257 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/09/03 22:22:25 | 000,049,616 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/09/03 22:22:13 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/09/03 08:28:35 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/03 06:09:44 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/02 10:08:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/30 10:35:02 | 023,403,669 | ---- | M] () -- C:\Documents and Settings\martin\Desktop\Chris Brown & Benny Benassi - Beautiful People - YouTube.flv
[2011/08/19 08:00:00 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/30 10:32:20 | 023,403,669 | ---- | C] () -- C:\Documents and Settings\martin\Desktop\Chris Brown & Benny Benassi - Beautiful People - YouTube.flv
[2011/01/23 00:20:07 | 000,015,000 | ---- | C] () -- C:\Documents and Settings\martin\Application Data\302E.AD5
[2010/10/25 09:00:39 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/07/20 01:20:50 | 000,002,140 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2010/07/20 01:19:54 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2010/07/20 01:10:32 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/07/20 01:10:32 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2010/07/20 01:10:32 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2010/07/20 01:10:32 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2010/07/20 01:10:32 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2010/03/19 21:02:06 | 000,052,884 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/15 10:31:30 | 006,664,208 | ---- | C] () -- C:\WINDOWS\System32\dvdripcore.dll
[2010/03/15 10:31:28 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009/08/17 02:07:16 | 000,000,032 | ---- | C] () -- C:\WINDOWS\VCatKey.INI
[2009/04/08 10:01:52 | 001,954,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/02/01 00:46:32 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\martin\Local Settings\Application Data\kodakpcd.ini
[2009/01/14 09:05:38 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2008/10/08 04:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2008/10/08 04:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/03/17 10:10:02 | 001,355,899 | ---- | C] () -- C:\WINDOWS\UnInstallNetCommADSL.dll
[2007/08/30 08:27:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/08/30 08:18:59 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/05/23 00:56:41 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/05/19 06:11:18 | 000,000,046 | ---- | C] () -- C:\WINDOWS\VID_DirectX.INI
[2007/04/12 10:41:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcf.INI
[2007/04/01 11:52:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/04/01 11:52:07 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2007/04/01 11:51:28 | 000,002,937 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/03/24 05:19:12 | 000,000,347 | ---- | C] () -- C:\Documents and Settings\martin\Application Data\AutoGK.ini
[2007/03/24 04:55:01 | 000,043,153 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe
[2007/03/15 09:53:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007/03/15 09:53:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007/03/15 07:20:40 | 000,000,906 | ---- | C] () -- C:\Documents and Settings\martin\.plugin141_02.trace
[2007/03/14 08:40:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER310E.ini
[2006/10/15 10:47:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2006/09/14 01:26:38 | 000,000,034 | ---- | C] () -- C:\WINDOWS\APPGUIDE.INI
[2006/09/08 05:25:49 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/09/03 10:09:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/08/31 21:48:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/08/31 21:11:14 | 000,005,513 | ---- | C] () -- C:\WINDOWS\System32\drivers\mp3m2pls.sys
[2006/08/31 01:03:26 | 000,001,162 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/08/31 00:24:03 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/30 23:13:26 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/30 22:08:29 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/08/30 22:08:18 | 000,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006/08/30 14:21:33 | 000,002,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\symlcbrd.sys
[2006/08/30 14:15:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/30 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/30 14:11:39 | 000,255,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/30 14:06:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/08/30 13:58:24 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/08/30 13:58:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/08/30 06:21:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/30 06:18:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/08/16 10:13:34 | 001,382,280 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll
[2006/06/21 00:09:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/21 00:09:56 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/06/21 00:09:56 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/21 00:09:54 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/21 00:09:54 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/06/21 00:09:54 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/21 00:09:54 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/21 00:09:54 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/06/21 00:09:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/21 00:09:54 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/21 00:09:52 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005/12/09 05:48:02 | 000,843,776 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/12/05 01:59:58 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/08/12 17:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004/10/05 18:37:20 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2004/08/22 05:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/08/02 02:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/05/20 11:50:14 | 001,537,536 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-hi.dll
[2004/04/04 14:09:56 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-lo.dll
[2003/08/07 15:01:50 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/01/07 03:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/24 08:40:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\ac3encode.dll
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/08/28 23:57:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/07/08 00:44:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Uninstall.exe
[2002/06/27 23:48:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CSUninstall.exe
[2002/03/26 08:18:27 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/03/06 11:19:16 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,440,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,070,704 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1998/10/10 12:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

========== LOP Check ==========

[2009/06/26 06:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
[2009/06/02 05:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\AVGTOOLBAR
[2011/08/31 11:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\BitComet
[2011/03/09 10:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Canon
[2010/11/15 01:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2007/08/30 08:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\ConvertTemp
[2007/04/02 10:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Dr. DivX 2.0 OSS
[2010/03/19 06:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\FreeAudioPack
[2011/01/30 06:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\FrostWire
[2007/11/11 00:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\FunWebProducts
[2010/03/03 13:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\HandBrake
[2011/05/03 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\ImgBurn
[2006/09/29 02:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\InterVideo
[2008/05/18 03:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Leadertech
[2007/05/10 09:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Mp3tag
[2010/04/12 10:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Nokia
[2010/04/12 10:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Nokia Ovi Suite
[2009/04/09 23:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Nseries
[2010/04/12 09:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\PC Suite
[2010/03/16 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Red Kawa
[2010/03/04 10:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\RipIt4Me
[2010/11/15 21:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Samsung
[2007/03/27 22:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Seven Zip
[2007/08/30 08:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Temporary
[2007/08/30 08:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\TransRender
[2011/09/03 23:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\uTorrent
[2011/04/23 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/12/05 11:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deskshare
[2007/09/06 06:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/07/25 01:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/04/09 12:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/04/08 10:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2010/03/14 01:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010/04/12 09:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/08/03 06:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/03/14 08:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/07/19 02:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2007/03/27 22:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{4588FC3C-C040-44E3-BB19-D9D014557FE1}
[2010/03/18 07:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/03 12:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/03 12:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2002/08/28 23:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2001/08/23 08:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2004/08/03 12:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004/08/03 12:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/03 12:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004/08/03 12:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2002/08/28 23:41:28 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/03 12:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004/08/03 12:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2002/08/28 23:41:28 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/08/31 22:16:15 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/08/31 22:16:15 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/08/31 22:16:15 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/08/31 22:16:19 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/08/31 22:16:19 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/08/31 22:16:19 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004/08/03 12:56:58 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004/08/03 12:56:58 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004/08/03 12:56:58 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "%programfiles%\Internet Explorer\iexplore.exe" [2004/08/03 12:56:52 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/06/27 12:38:40 | 000,094,208 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)

< CREATERESTOREPOINT >

========== Files - Unicode (All) ==========
[2010/09/20 03:14:50 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\martin\My Documents\~$NG M?.doc) -- C:\Documents and Settings\martin\My Documents\~$NG MẸ.doc
[2010/09/20 03:14:50 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\martin\My Documents\~$NG M?.doc) -- C:\Documents and Settings\martin\My Documents\~$NG MẸ.doc
[2010/03/01 23:34:14 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\martin\My Documents\M?y bài hát dă t́m du?c sau dây.doc) -- C:\Documents and Settings\martin\My Documents\Mấy bài hát đă t́m được sau đây.doc
[2010/02/19 23:23:17 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\martin\My Documents\L̉NG M?.doc) -- C:\Documents and Settings\martin\My Documents\L̉NG MẸ.doc
[2009/10/25 14:44:46 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\martin\My Documents\L̉NG M?.doc) -- C:\Documents and Settings\martin\My Documents\L̉NG MẸ.doc
[2009/09/14 03:53:37 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\martin\My Documents\M?y bài hát dă t́m du?c sau dây.doc) -- C:\Documents and Settings\martin\My Documents\Mấy bài hát đă t́m được sau đây.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 40 bytes -> C:\WINDOWS\system32:a55f1216.zreglib
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:96C6A6062CF55019
< End of report >
  • 0

#4
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi profphat,

Sorry for the delay...

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB

  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
    • If you cannot drag and drop for some reason, then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible

Attached Files

  • Attached File  Fix.txt   256bytes   259 downloads

  • 0

#5
profphat

profphat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hey Maliprog
It didn't work :)
Here's the results
  • 0

#6
profphat

profphat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hey Maliprog
It didn't work :)
Here's the results

Attached Files


  • 0

#7
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Now we will try the fix that worked last time. Let me know the results after the fix.

Please start OTLPE
Double-click on the MBRFix icon, a command window will open

In the command window type in the following lines and press enter after each:

MbrFix  /drive  0  savembr  C:\Backup_MBR_0.bin

then enter this line:

MbrFix  /drive  0  fixmbr  /yes

Try and reboot normally into your computer.
  • 0
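
An added example, not part of the original thread and not MbrFix's own code: a Python check of a saved MBR sector such as the Backup_MBR_0.bin written by the savembr step above, assuming that file is the raw 512-byte sector 0. It decodes the partition table, flags structural problems, and compares two backups to confirm that a repair changed only the bootstrap code; `parse_mbr`, `compare_backups` and `build_sample` are hypothetical names, and the sample sectors are constructed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
CODE_LEN = 440        # bootstrap code; bytes 440-445 hold the disk signature
TABLE_OFF = 446       # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"


def parse_mbr(sector: bytes) -> dict:
    """Decode one raw MBR sector and list structural problems found in it."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    findings, partitions = [], []
    if sector[510:512] != BOOT_SIG:
        findings.append("missing 0x55AA boot signature")
    if not any(sector[:CODE_LEN]):
        findings.append("bootstrap code area is empty")
    for index in range(4):
        # Entry layout: status, CHS start (3), type, CHS end (3), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack_from(
            "<B3xB3xII", sector, TABLE_OFF + 16 * index)
        if ptype == 0:
            continue  # unused slot
        if status not in (0x00, 0x80):
            findings.append(f"entry {index}: invalid status byte 0x{status:02x}")
        partitions.append({"index": index, "active": status == 0x80,
                           "type": ptype, "lba_start": lba_start,
                           "sectors": count})
    active = sum(p["active"] for p in partitions)
    if active != 1:
        findings.append(f"{active} active partitions (standard MBR code expects exactly 1)")
    return {
        "code_sha256": hashlib.sha256(sector[:CODE_LEN]).hexdigest(),
        "table_sha256": hashlib.sha256(sector[TABLE_OFF:510]).hexdigest(),
        "partitions": partitions,
        "findings": findings,
    }


def compare_backups(before: bytes, after: bytes) -> dict:
    """Report which regions differ between two saved copies of sector 0."""
    a, b = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": a["code_sha256"] != b["code_sha256"],
        "partition_table_changed": a["table_sha256"] != b["table_sha256"],
    }


def build_sample(code: bytes, status: int = 0x80) -> bytes:
    """Constructed 512-byte sector: given code bytes plus one NTFS partition."""
    entry = struct.pack("<B3xB3xII", status, 0x07, 63, 156280257)
    body = code.ljust(CODE_LEN, b"\x00") + bytes(6) + entry + bytes(48)
    return body + BOOT_SIG


if __name__ == "__main__":
    # Constructed stand-ins for a backup taken before the fix and one taken after.
    before = build_sample(b"\xeb\x3c" + b"\x90" * 100)
    after = build_sample(b"\x33\xc0\x8e\xd0" + b"\x90" * 60)
    print(parse_mbr(before)["partitions"])
    print(compare_backups(before, after))
    # To inspect a real backup file instead (assumed to be the raw sector):
    #   with open(r"C:\Backup_MBR_0.bin", "rb") as fh: print(parse_mbr(fh.read(512)))
```

A changed partition table after a boot-code repair, or a backup that already fails these structural checks, is worth investigating before the backup is ever restored.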

#8
profphat

profphat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Yep MBRfix fixed it again!
woohoo :)
  • 0

#9
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
We need to be sure that infection won't come back. Please run AVP tool and post log here for me.

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post
  • 0

#10
profphat

profphat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Kaspersky detected a trojan.
Should I delete or skip?
  • 0


#11
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
As I said in the AVP instructions... remove all detections. Remove everything AVP finds.
  • 0

#12
profphat

profphat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
here u go :)

Attached Files

  • Attached File  0911.txt   386bytes   246 downloads

  • 0

#13
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I think we got it! How is your system now? Any problems?
  • 0

#14
profphat

profphat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
No problems
slightly slower startup.
thanks once again :)
  • 0

#15
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi profphat,

Your logs and system are clean now. I'm glad we fixed up your computer. We need to clean up your PC from programs we used.

Step 1

Please start OTL one more time and click the CleanUp button. OTL will restart your system at the end. Remove all other applications we used to clean your PC.

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Enable Windows Update
  • Click Start, click Run, type sysdm.cpl, and then press ENTER.
  • Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them option.
  • Click OK button

2. Delete Temp files

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine, if not, do this yourself to ensure a complete clean

3. Make Backups of Important Files

Please read this article Home Computer Data Backup.


4. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.
  • 0





