Possible virus and malware help needed.
Britec Computer Tech Help Support Forums  « Virus Removal « Virus/Trojan/Spyware/Malware « Possible virus and malware help needed.
kmac_24
« on: September 24, 2011, 06:37:27 PM »

I've posted in Windows XP support, but I want to make sure that I cover myself before I follow the steps there. I'm working on a friend's computer, and he had advised me that he was downloading a program and the computer went haywire. The screen is not at full length, no icons on the desktop, no taskbar. I can't right-click or left-click to get any options. I have to access any and everything through Task Manager. The last option that I was given in XP support was to reinstall Windows, but I want to make sure there is no virus or other malware that I missed, so please forgive me. I attached all logs below.


OTL logfile created on: 9/24/2011 6:58:48 PM - Run 1
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Documents and Settings\Station 2\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 78.81% Memory free
3.84 Gb Paging File | 3.61 Gb Available in Paging File | 93.99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 118.78 Gb Free Space | 79.69% Space Free | Partition Type: NTFS
 
Computer Name: USER-B5ADE2BF47 | User Name: Station 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/09/24 18:56:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Station 2\Desktop\OTL.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/05/11 12:08:26 | 000,107,856 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe
PRC - [2010/06/17 15:55:10 | 000,398,848 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/04/13 13:36:36 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/03/14 14:30:16 | 000,593,920 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
PRC - [2006/03/10 15:41:42 | 000,131,072 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
PRC - [2005/11/29 18:51:04 | 000,099,872 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/09/24 13:31:08 | 001,576,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092401\algo.dll
MOD - [2011/09/23 11:41:29 | 000,212,640 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092401\aswRep.dll
MOD - [2011/09/21 11:40:38 | 001,572,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092101\algo.dll
MOD - [2011/09/20 11:20:03 | 000,212,640 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11092101\aswRep.dll
MOD - [2011/05/11 12:08:50 | 000,451,920 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\libxvi010.dll
MOD - [2011/05/11 12:08:26 | 000,107,856 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe
MOD - [2010/06/17 15:55:10 | 000,398,848 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe
MOD - [2006/02/28 14:39:02 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2006/02/28 14:39:02 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/02/28 14:39:02 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005/05/20 17:42:20 | 000,010,752 | ---- | M] () -- C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/05/11 12:08:34 | 000,120,144 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\RcAppSvc.exe -- (CLEARWIRERcAppSvc)
SRV - [2011/05/11 12:08:26 | 000,107,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe -- (SMSI Device Launch Service)
SRV - [2010/06/17 15:55:10 | 000,398,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe -- (clearwireDeviceDiagnosticsService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/04/13 13:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2005/11/29 18:51:04 | 000,099,872 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE -- (PersonalSecureDriveService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 15:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/04/01 05:52:22 | 000,340,480 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drxvi314.sys -- (bcm)
DRV - [2011/04/01 05:52:20 | 000,048,768 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BcmBusCtr.sys -- (bcmbusctr)
DRV - [2010/08/05 07:55:24 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2010/08/05 00:44:24 | 000,039,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/08/21 23:49:58 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/21 23:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/21 13:57:36 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006/11/09 10:09:24 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2006/11/09 10:09:20 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2006/10/28 00:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2006/10/05 16:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006/05/26 07:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/02/28 15:35:56 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/02/26 04:43:00 | 001,428,480 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006/02/21 18:32:32 | 000,226,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2005/11/29 18:50:58 | 000,036,768 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2005/10/21 11:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005/10/18 16:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 16:52:34 | 000,202,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/10/18 16:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/10/17 08:43:00 | 000,241,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/22 14:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/06/18 16:12:50 | 000,071,961 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2000/12/05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 19:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.7.3
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/08 15:17:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/10 16:14:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/10 16:14:56 | 000,000,000 | ---D | M]
 
[2011/02/16 17:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Station 2\Application Data\Mozilla\Extensions
[2011/09/24 16:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Station 2\Application Data\Mozilla\Firefox\Profiles\a5k70sea.default\extensions
[2011/09/08 17:17:26 | 000,000,000 | ---D | M] (Facebook Toolbar) -- C:\Documents and Settings\Station 2\Application Data\Mozilla\Firefox\Profiles\a5k70sea.default\extensions\firefox@facebook.com
[2011/09/24 16:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/13 11:11:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/09/08 15:17:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/09/13 11:11:04 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/09/01 13:04:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/10 22:59:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2011/09/11 00:13:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [BIBLauncher] C:\Program Files\Business-in-a-Box\BIBLauncher.exe ()
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [ZipScript] C:\Program Files\WORDsearch 8\ZipScript.exe (WORDsearch Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://l.yimg.com/jh/games/web_games/popcap/chuzzle/popcaploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3F200AC-0087-4B43-B545-6BD9EA225321}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (eexplorer.exe) -C:\WINDOWS\eexplorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\IfxWlxEN: DllName - (IfxWlxEN.dll) - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Station 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Station 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/06 07:15:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:* /L:1033 /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /dir:C:\Program)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/09/24 18:56:46 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Station 2\Desktop\OTL.exe
[2011/09/20 21:29:05 | 000,347,944 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Station 2\Desktop\MicrosoftFixit-portable.exe
[2011/09/20 21:08:02 | 076,692,368 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Station 2\Desktop\msert.exe
[2011/09/13 19:54:33 | 001,033,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\eexplorer.exe
[2011/09/13 11:11:07 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/09/13 11:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Softwin
[2011/09/11 19:51:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/09/11 12:28:14 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2011/09/11 00:03:33 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/09/10 23:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/09/10 23:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/09/10 23:00:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/09/10 23:00:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/09/10 23:00:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/09/10 23:00:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/09/10 22:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/09/10 22:57:37 | 016,897,824 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Station 2\Desktop\jre-6u27-windows-i586.exe
[2011/09/10 22:00:59 | 000,028,672 | ---- | C] (Doug Knox MS-MVP) -- C:\Documents and Settings\Station 2\Desktop\MessengerDisable.exe
[2011/09/10 20:37:17 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Station 2\Desktop\aswMBR.exe
[2011/09/10 16:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/09/10 16:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/09/10 16:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/09/10 16:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/09/10 16:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/09/10 16:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/09/10 16:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/09/08 22:05:26 | 000,000,000 | ---D | C] -- C:\MGTools
[2011/09/08 21:46:03 | 000,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Station 2\Desktop\RootRepeal.exe
[2011/09/08 21:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Station 2\Start Menu\Programs\WinRAR
[2011/09/08 21:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/09/08 21:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/09/08 19:33:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/08 19:31:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/08 19:31:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/08 19:31:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/08 19:31:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/08 19:31:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/08 19:31:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/08 19:31:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Station 2\Start Menu\Programs\Administrative Tools
[2011/09/08 15:57:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Station 2\Recent
[2011/09/08 15:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/09/08 15:54:02 | 003,480,352 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Station 2\Desktop\ccsetup310.exe
[2011/09/08 15:37:48 | 004,201,507 | R--- | C] (Swearware) -- C:\Documents and Settings\Station 2\Desktop\ComboFix.exe
[2011/09/08 15:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Station 2\Application Data\Malwarebytes
[2011/09/08 15:37:19 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/08 15:37:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/08 15:37:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/09/08 15:37:16 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/08 15:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/08 15:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Station 2\Application Data\SUPERAntiSpyware.com
[2011/09/08 15:32:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/09/08 15:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/09/08 15:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/08 15:29:22 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/09/08 15:18:11 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/08 15:18:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/09/08 15:18:10 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/08 15:18:08 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/08 15:18:07 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/08 15:18:07 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/08 15:18:06 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/08 15:18:06 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/08 15:18:05 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/08 15:17:51 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/08 15:17:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/08 15:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/08 15:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 05:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/09/24 18:56:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Station 2\Desktop\OTL.exe
[2011/09/24 17:19:00 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/24 16:24:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/24 16:24:45 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/09/24 16:24:44 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/24 16:12:17 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/20 21:29:05 | 000,347,944 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Station 2\Desktop\MicrosoftFixit-portable.exe
[2011/09/20 21:23:33 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Station 2\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/09/20 21:14:11 | 076,692,368 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Station 2\Desktop\msert.exe
[2011/09/20 20:37:40 | 000,000,262 | ---- | M] () -- C:\iconfix.reg
[2011/09/14 10:25:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/13 23:47:11 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/11 13:03:42 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\Station 2\Desktop\contextmenu.reg
[2011/09/11 12:34:02 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Station 2\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/11 00:13:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/10 23:07:08 | 000,147,044 | ---- | M] () -- C:\MGlogs.zip
[2011/09/10 22:59:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/09/10 22:59:49 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/09/10 22:59:49 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/09/10 22:59:49 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/09/10 22:59:49 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/09/10 22:58:17 | 016,897,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Station 2\Desktop\jre-6u27-windows-i586.exe
[2011/09/10 22:53:43 | 004,201,507 | R--- | M] (Swearware) -- C:\Documents and Settings\Station 2\Desktop\ComboFix.exe
[2011/09/10 22:01:00 | 000,028,672 | ---- | M] (Doug Knox MS-MVP) -- C:\Documents and Settings\Station 2\Desktop\MessengerDisable.exe
[2011/09/10 21:19:28 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\Station 2\Desktop\unhide.exe
[2011/09/10 20:51:23 | 002,419,835 | ---- | M] () -- C:\MGtools.exe
[2011/09/10 20:50:04 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Station 2\Desktop\MBR.dat
[2011/09/10 20:47:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/10 20:37:17 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Station 2\Desktop\aswMBR.exe
[2011/09/10 18:41:12 | 000,226,945 | ---- | M] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\census.cache
[2011/09/10 18:41:07 | 000,181,387 | ---- | M] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\ars.cache
[2011/09/10 18:33:57 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\housecall.guid.cache
[2011/09/10 16:24:44 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/09/10 16:14:44 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/09/09 04:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/08 22:07:34 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\Station 2\Desktop\XPHomeFiles.exe
[2011/09/08 21:46:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Station 2\Desktop\settings.dat
[2011/09/08 21:44:19 | 001,448,993 | ---- | M] () -- C:\Documents and Settings\Station 2\Desktop\wrar401.exe
[2011/09/08 19:33:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/09/08 16:34:31 | 000,436,276 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/08 16:34:31 | 000,069,006 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/08 15:54:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/09/08 15:54:03 | 003,480,352 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Station 2\Desktop\ccsetup310.exe
[2011/09/08 15:37:19 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/08 15:32:47 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/08 15:29:23 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/09/08 15:27:35 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Station 2\defogger_reenable
[2011/09/08 15:18:11 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/06 15:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/06 15:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/06 15:36:23 | 000,110,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/06 15:36:20 | 000,104,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/06 15:33:11 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/09/20 21:19:09 | 000,176,128 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\TaskbarRepairToolPlus!.exe
[2011/09/20 20:37:37 | 000,000,262 | ---- | C] () -- C:\iconfix.reg
[2011/09/11 13:03:41 | 000,000,509 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\contextmenu.reg
[2011/09/10 21:19:28 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\unhide.exe
[2011/09/10 20:52:00 | 000,147,044 | ---- | C] () -- C:\MGlogs.zip
[2011/09/10 20:51:23 | 002,419,835 | ---- | C] () -- C:\MGtools.exe
[2011/09/10 20:50:04 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\MBR.dat
[2011/09/10 18:41:12 | 000,226,945 | ---- | C] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\census.cache
[2011/09/10 18:41:07 | 000,181,387 | ---- | C] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\ars.cache
[2011/09/10 18:33:57 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\housecall.guid.cache
[2011/09/10 16:24:44 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/09/10 16:14:44 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/09/08 22:07:33 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\XPHomeFiles.exe
[2011/09/08 21:46:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\settings.dat
[2011/09/08 21:44:19 | 001,448,993 | ---- | C] () -- C:\Documents and Settings\Station 2\Desktop\wrar401.exe
[2011/09/08 19:33:59 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/09/08 19:33:57 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/08 19:31:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/08 19:31:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/08 19:31:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/08 19:31:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/08 19:31:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/08 16:37:12 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/09/08 15:54:50 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/09/08 15:37:19 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/08 15:32:47 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/08 15:27:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Station 2\defogger_reenable
[2011/09/08 15:18:11 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/06/24 17:10:56 | 000,000,273 | ---- | C] () -- C:\WINDOWS\System32\initparams.ini
[2011/02/26 13:13:13 | 000,039,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2011/02/16 10:07:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/13 18:59:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Station 2\Application Data\bibstats
[2010/10/08 22:16:21 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2010/10/08 22:15:57 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2010/10/08 22:12:24 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2010/10/08 22:11:58 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2010/10/08 22:07:03 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2010/05/06 12:44:52 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/11 20:34:10 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\fusioncache.dat
[2010/02/11 20:14:50 | 000,112,924 | ---- | C] () -- C:\WINDOWS\hpoins07.dat.temp
[2010/02/11 20:14:50 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat.temp
[2010/02/10 00:24:29 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/12/14 12:39:27 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Station 2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/05 13:58:54 | 001,899,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\macxvi200.bin
[2009/08/11 14:01:53 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009/08/11 13:13:33 | 000,112,346 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2009/08/11 13:13:33 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2009/08/06 22:12:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/06 18:54:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/06 18:53:17 | 000,303,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/06 07:51:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2009/08/06 07:17:25 | 000,002,048 | ---- | C] () -- C:\WINDOWS\bootstat.dat
[2009/08/06 07:12:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,436,276 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,069,006 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
[2011/09/10 20:51:23 | 002,419,835 | ---- | M] () -- C:\MGtools.exe
 
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004/08/04 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004/08/04 07:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004/08/04 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
 
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
 
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
 
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
 
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
 
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
 
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\MGTools\temp\ERDNT\atapi.sys
[2004/08/04 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\MGTools\temp\NTSPU\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\MGTools\temp\SPF\atapi.sys
[2004/08/04 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
 
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
 
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
 
========== Files - Unicode (All) ==========
[2011/05/01 22:16:39 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\珘̓
[2011/05/01 22:16:39 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\珘̓
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Station 2\Desktop\Nisqually.exe:SummaryInformation

< End of report >
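The custom `/md5` scans in the log above list every copy of a few system files, and the way to read them is to compare the in-use copy under system32 with the backup copies. An added example (not part of the original post and not OTL's own code) that does this over lines copied from the log, plus two constructed `example.sys` lines with placeholder MD5s to show a mismatch; the function names and verdict strings are assumptions made for illustration:

```python
import ntpath
import re
from collections import defaultdict

# Sample input. The eventlog.dll and atapi.sys lines are copied from the OTL
# log above; the two example.sys lines are constructed (placeholder MD5s).
SAMPLE_LOG = r"""
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004/08/04 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004/08/04 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< %SYSTEMDRIVE%\example.sys /s /md5 >
[2008/04/14 00:10:32 | 000,010,000 | ---- | M] (Microsoft Corporation) MD5=0123456789ABCDEF0123456789ABCDEF -- C:\WINDOWS\ServicePackFiles\i386\example.sys
[2011/09/01 12:00:00 | 000,010,512 | ---- | M] () MD5=FEDCBA9876543210FEDCBA9876543210 -- C:\WINDOWS\system32\drivers\example.sys
"""

# One '/md5' result line: [timestamp | size | attributes | C or M] (company) MD5=... -- path
ENTRY = re.compile(
    r"^\[(?P<stamp>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>\S{4}) \| [CM]\]"
    r" \((?P<company>[^)]*)\) MD5=(?P<md5>[0-9A-Fa-f]{32}) -- (?P<path>.+)$"
)
# Parent directories of the copies that are actually in use (assumption of this example).
LIVE_PARENTS = ("\\system32", "\\system32\\drivers")


def parse_md5_entries(text):
    """Return one dict per '/md5' result line; scan headers and summaries are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            e = m.groupdict()
            e["md5"] = e["md5"].upper()
            e["size"] = int(e["size"].replace(",", ""))
            entries.append(e)
    return entries


def is_live(path):
    """True for the in-use copy, False for dllcache, ServicePackFiles and other backups."""
    return ntpath.dirname(path).lower().endswith(LIVE_PARENTS)


def audit_md5_scan(text):
    """Map each scanned file name to a verdict on its in-use copy."""
    by_name = defaultdict(list)
    for e in parse_md5_entries(text):
        by_name[ntpath.basename(e["path"]).lower()].append(e)
    report = {}
    for name, entries in by_name.items():
        live = [e for e in entries if is_live(e["path"])]
        reference = {e["md5"] for e in entries if not is_live(e["path"])}
        if not live:
            report[name] = "no-live-copy"
        elif not reference:
            report[name] = "no-reference"
        elif all(e["md5"] in reference for e in live):
            report[name] = "matches-backup"
        else:
            report[name] = "mismatch"
    return report


if __name__ == "__main__":
    for name, verdict in sorted(audit_md5_scan(SAMPLE_LOG).items()):
        print(f"{name:15} {verdict}")
```

A "matches-backup" verdict only says the in-use file agrees with a backup copy on the same disk; it is not a comparison against a known-good source.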

Britec
Administrator
Hero Member
*****
Posts: 3497



« Reply #1 on: September 26, 2011, 04:10:09 AM »

I'm sorry for the delay, I will check your log later tonight. At a quick glance... it doesn't look bad.
I see a lot of removal software on there. Have you been running these apps?

How is the system now and what's happening when you use the computer?

kmac_24
« Reply #2 on: September 28, 2011, 02:44:55 PM »

Yes, I have been trying to find out what the issue is and why I can't see the full screen of the computer. I can't see any icons or taskbars. Also, having to access everything through the taskbar is not fun. I want to make sure that I took all necessary steps. I know that your post regarding this issue in the other forum advised doing a reinstall of XP. That will be my next step to follow. But there are 2 issues. The 1st issue is that the computer is XP Professional. I found a video you did on YouTube that had the XP console ISO, but it's for XP Home. So I need XP Pro and am wondering if you can lead me in the direction of where I can find the Pro version, because I don't have the original CDs. Secondly, the XP recovery console that I did get doesn't have the ntoskrnl.exe file included to fix another issue that I'm having with a computer. Can you please assist me? I really would appreciate it. I'm just trying to make sure I do all necessary steps.
Britec
« Reply #3 on: September 29, 2011, 03:09:00 AM »

If you don't have a Windows CD it's a good idea to buy one or buy Windows 7 and upgrade.
I can't post PIRATE links to Windows CDs, sorry.

kmac_24
« Reply #4 on: September 29, 2011, 08:00:56 PM »

I was not trying to have you do anything illegal. I was just trying to find out if there was a different route or if there was something that I missed removing that is causing the issue. That's all.
Britec
« Reply #5 on: September 30, 2011, 04:42:41 AM »

To do a Repair Install you're going to need a Windows CD. If you have Restore Points you can use these to fix your issue.
If you're still infected then you need to remove all of the infection before doing any of the above, unless you nuke and pave, i.e. format.

kmac_24
« Reply #6 on: October 04, 2011, 11:16:45 PM »

Hi Britec,

I finally was able to do a repair install and got some results. I was able to get the screen back to full size, and actually the volume came back, which I didn't know had gone away. The only issue left is that I'm not able to see the icons or task bar. I still can only access everything through task manager. I retried Kelly fix 195 and 117 with no results. What should I do next?
 
Britec
« Reply #7 on: October 05, 2011, 02:52:07 AM »

A Repair Install is just that, it repairs your Windows O/S. Now if you're saying your issue with Task bar and Desktop Icons is still there, then you may still be infected?

All this should be fixed but in case it's not... here goes.

You might have reset them.
There is a setting for the desktop that you might have inadvertently clobbered. Here's how to get them back:
 
Right-click on the desktop to bring up its context menu
Select Arrange Icons By to bring up a second context menu
Check "Show Desktop Icons"




All this should be fixed but in case it's not:


1. Ctrl + Alt + Del to bring up Task Manager.
2. Click "New Task..." then click "Browse..."
3. Click My Computer on the left panel. Click C:\ - WINDOWS.
4. Navigate to explorer.exe, right click and copy explorer. Rename it to explorer1 (.exe)
5. Hit Cancel to go back to Create New Task window. Type regedit.exe and click OK.

6. In the registry editor, navigate to the following Key.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

With the Winlogon key selected, look in the right side window for the "Shell" value.

Double click Shell. In the Value Data box, you should see Explorer.exe. Change it to
explorer1.exe and click OK.

Exit the registry editor and reboot the computer.

Hide or Show Desktop Icons
http://www.sevenforums.com/tutorials/3659-desktop-items-hide-show.html

How to Clear and Reset the Thumbnail Cache in Windows 7
http://www.sevenforums.com/tutorials/10797-thumbnail-cache-clear-reset.html

How to Rebuild the Icon Cache in Windows 7
http://www.sevenforums.com/tutorials/49819-icon-cache-rebuild.html

kmac_24
« Reply #8 on: October 06, 2011, 11:29:06 AM »

Hi Britec

I'm going to assume that I'm still infected. I still can't right click and get anything. Your other option with renaming explorer.exe didn't work either. I couldn't use the other options as they're for Windows 7. One thing I do notice is that the screen still has that funny look until you get to the login screen, then the screen fills in full. What other options are there? Is there a virus that I'm not aware of or missed? Please help.
Britec
« Reply #9 on: October 07, 2011, 03:16:55 PM »

Please list what scans you have run? i.e. Malwarebytes full scan etc.

kmac_24
« Reply #10 on: October 09, 2011, 10:38:13 AM »

Here is all that I've run.

Avast antivirus
Malwarebytes
ComboFix
SUPERAntiSpyware
RootRepeal
MGtools
Kaspersky online scan.
kmac_24
« Reply #11 on: October 16, 2011, 02:45:20 PM »

Any suggestions, Britec?