Thread: Can't remove Win32.FraudLoad.edt

  1. #11
    Junior Member
    Join Date
    Dec 2011
    Posts
    9

    OTL is continuously Not Responding???

    Do I keep files hidden???

  2. #12
    Junior Member
    Join Date
    Dec 2011
    Posts
    9

    Virus Total
    Antivirus Version Last Update Result
    AhnLab-V3 2011.12.28.03 2011.12.28 -
    AntiVir 7.11.20.64 2011.12.29 -
    Antiy-AVL 2.0.3.7 2011.12.29 -
    Avast 6.0.1289.0 2011.12.28 -
    AVG 10.0.0.1190 2011.12.29 -
    BitDefender 7.2 2011.12.29 -
    ByteHero 1.0.0.1 2011.12.07 -
    CAT-QuickHeal 12.00 2011.12.29 -
    ClamAV 0.97.3.0 2011.12.29 -
    Commtouch 5.3.2.6 2011.12.29 -
    Comodo 11126 2011.12.29 -
    DrWeb 5.0.2.03300 2011.12.29 -
    Emsisoft 5.1.0.11 2011.12.29 -
    eSafe 7.0.17.0 2011.12.29 -
    eTrust-Vet 37.0.9652 2011.12.29 -
    F-Prot 4.6.5.141 2011.12.28 -
    F-Secure 9.0.16440.0 2011.12.29 -
    Fortinet 4.3.388.0 2011.12.29 -
    GData 22 2011.12.29 -
    Ikarus T3.1.1.109.0 2011.12.29 -
    Jiangmin 13.0.900 2011.12.28 -
    K7AntiVirus 9.120.5796 2011.12.28 -
    Kaspersky 9.0.0.837 2011.12.29 -
    McAfee 5.400.0.1158 2011.12.29 -
    McAfee-GW-Edition 2010.1E 2011.12.29 -
    Microsoft 1.7903 2011.12.29 -
    NOD32 6751 2011.12.29 -
    Norman 6.07.13 2011.12.28 -
    nProtect 2011-12-29.01 2011.12.29 -
    Panda 10.0.3.5 2011.12.29 -
    PCTools 8.0.0.5 2011.12.29 -
    Prevx 3.0 2011.12.29 -
    Rising 23.90.03.02 2011.12.29 -
    Sophos 4.72.0 2011.12.29 -
    SUPERAntiSpyware 4.40.0.1006 2011.12.28 -
    Symantec 20111.2.0.82 2011.12.29 -
    TheHacker 6.7.0.1.367 2011.12.29 -
    TrendMicro 9.500.0.1008 2011.12.29 -
    TrendMicro-HouseCall 9.500.0.1008 2011.12.29 -
    VBA32 3.12.16.4 2011.12.29 -
    VIPRE 11319 2011.12.29 -
    ViRobot 2011.12.29.4852 2011.12.29 -
    VirusBuster 14.1.138.0 2011.12.28 -
    Additional information
    MD5 : 7c06ced2f7b9272a126d53a2a9f52ac0
    SHA1 : 63911e2cb0b19beddeff84c128857d654c734953
    SHA256: 95046903cc4ad0d71e5b768a319ecdc8e0689a877d9873da1b87f5c71fad1af1
    ssdeep: 192:ILA4oWUS6E9a5q/cvBWENVNujkwGJ1KDJD/sWcc3CwYE0:IU47Uh6a5Ac5jRj1KDiWcqCwJ
    File size : 14848 bytes
    First seen: 2007-03-02 18:07:31
    Last seen : 2011-12-29 09:42:08
    TrID:
    Win32 Executable Generic (42.3%)
    Win32 Dynamic Link Library (generic) (37.6%)
    Generic Win/DOS Executable (9.9%)
    DOS Executable Generic (9.9%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: Microsoft Corporation
    copyright....: (c) Microsoft Corporation. All rights reserved.
    product......: HTML Help
    description..: Microsoft_ HTML Help Executable
    original name: HH.exe
    internal name: HH 1.41
    file version.: 6.0.6000.16386 (vista_rtm.061101-2205)
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0x1B2F
    timedatestamp....: 0x4549B636 (Thu Nov 02 09:11:18 2006)
    machinetype......: 0x14c (I386)

    [[ 4 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x140E, 0x1600, 6.07, 52e8f67a3d802e77d260b0f2e66361be
    .data, 0x3000, 0x380, 0x200, 0.30, 26d2af9b5ae35538e55951b8e598e42b
    .rsrc, 0x4000, 0x1BA0, 0x1C00, 3.71, 9765d0da6d2482adda6c805dd4f93a0e
    .reloc, 0x6000, 0x1C8, 0x200, 4.57, 7ce9ec4eb40e829c58dd1f470e64cff1

    [[ 3 import(s) ]]
    ADVAPI32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
    KERNEL32.dll: ExpandEnvironmentStringsA, FreeLibrary, GetProcAddress, LoadLibraryA, HeapSetInformation, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoA, InterlockedCompareExchange, Sleep, InterlockedExchange, UnhandledExceptionFilter
    msvcrt.dll: __p__commode, __set_app_type, _terminate@@YAXXZ, _except_handler4_common, _controlfp, _adjust_fdiv, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, memset, _vsnprintf, __p__fmode
    ExifTool:
    file metadata
    CharacterSet: Unicode
    CodeSize: 5632
    CompanyName: Microsoft Corporation
    EntryPoint: 0x1b2f
    FileDescription: Microsoft HTML Help Executable
    FileFlagsMask: 0x003f
    FileOS: Windows NT 32-bit
    FileSize: 14 kB
    FileSubtype: 0
    FileType: Win32 EXE
    FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
    FileVersionNumber: 6.0.6000.16386
    ImageVersion: 6.0
    InitializedDataSize: 8704
    InternalName: HH 1.41
    LanguageCode: English (U.S.)
    LegalCopyright: Microsoft Corporation. All rights reserved.
    LinkerVersion: 8.0
    MIMEType: application/octet-stream
    MachineType: Intel 386 or later, and compatibles
    OSVersion: 6.0
    ObjectFileType: Executable application
    OriginalFilename: HH.exe
    PEType: PE32
    ProductName: HTML Help
    ProductVersion: 6.0.6000.16386
    ProductVersionNumber: 6.0.6000.16386
    Subsystem: Windows GUI
    SubsystemVersion: 6.0
    TimeStamp: 2006:11:02 10:11:18+01:00
    UninitializedDataSize: 0

  3. #13
    Security Expert ken545
    Join Date
    Nov 2005
    Location
    Stamford, CT
    Posts
    14,203

    Ok, that file is fine. Keep it so we can view files again if we need to; we can change it back when we're done.

    Let's do this

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! Save ComboFix.exe to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
    • See this Link for programs that need to be disabled and instructions on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    *If there is no internet connection when ComboFix has completely finished, then restart your computer to restore the connections.

    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  4. #14
    Junior Member
    Join Date
    Dec 2011
    Posts
    9

    ComboFix 11-12-29.05 - HMvB 29-12-2011 23:05:08.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1033.18.2429.814 [GMT 1:00]
    Gestart vanuit: c:\users\HMvB\Downloads\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\HMvB\AppData\Roaming\.#
    c:\users\HMvB\Favorites\BackupManager.list
    c:\windows\IsUn0413.exe
    c:\windows\system32\1551694079
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-11-28 to 2011-12-29 ))))))))))))))))))))))))))))))
    .
    .
    2011-12-29 22:17 . 2011-12-29 22:17 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-12-29 07:38 . 2011-12-29 07:38 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\MpKsl10ae3c9a.sys
    2011-12-29 07:37 . 2011-12-29 07:37 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\offreg.dll
    2011-12-29 07:36 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\mpengine.dll
    2011-12-28 18:55 . 2011-12-28 18:55 -------- d-----w- c:\program files\ESET
    2011-12-27 23:49 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-12-27 23:49 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-12-27 23:49 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-12-27 23:49 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-12-27 23:49 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-12-27 23:49 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-12-27 23:47 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
    2011-12-27 23:47 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
    2011-12-27 22:49 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-27 12:44 . 2011-12-27 12:44 -------- d-----w- c:\users\HMvB\IOption
    2011-12-27 12:44 . 2011-12-27 12:44 -------- d-----w- c:\programdata\BackupManager
    2011-12-24 04:27 . 2011-12-24 04:27 -------- d-----w- c:\users\HMvB\AppData\Roaming\AVG2012
    2011-12-24 04:25 . 2011-12-25 21:42 -------- d-----w- c:\programdata\AVG Secure Search
    2011-12-24 04:24 . 2011-12-25 21:43 -------- d-----w- c:\program files\Common Files\AVG Secure Search
    2011-12-24 04:24 . 2011-12-24 04:24 -------- d--h--w- c:\programdata\Common Files
    2011-12-24 04:17 . 2011-12-24 04:17 -------- d-----w- c:\users\HMvB\AppData\Roaming\Auslogics
    2011-12-24 04:17 . 2011-12-27 23:34 -------- d-----w- c:\programdata\AVG2012
    2011-12-24 04:16 . 2011-12-24 04:16 -------- d-----w- c:\program files\Auslogics
    2011-12-24 04:14 . 2011-12-24 04:14 -------- d-----w- c:\program files\AVG
    2011-12-23 10:58 . 2011-06-30 13:17 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-12-22 08:56 . 2011-12-22 09:00 -------- d-----w- C:\ERUNT
    2011-12-22 08:46 . 2011-12-22 09:04 -------- d-----w- c:\program files\ERUNT
    2011-12-20 19:47 . 2011-12-20 20:10 -------- d-----w- c:\users\HMvB\AppData\Roaming\GetRightToGo
    2011-12-20 17:03 . 2011-12-20 17:03 388096 ----a-r- c:\users\HMvB\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-20 17:03 . 2011-12-25 21:43 -------- d-----w- c:\program files\Trend Micro
    2011-12-20 13:36 . 2011-12-24 08:37 -------- d-----w- c:\programdata\AVAST Software
    2011-12-20 13:36 . 2011-12-20 13:36 -------- d-----w- c:\program files\AVAST Software
    2011-12-18 22:46 . 2011-12-25 21:43 -------- d-----w- c:\program files\QuickTime
    2011-12-16 11:56 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys
    2011-12-16 11:56 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
    2011-12-16 11:55 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-12-16 11:55 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-12-16 11:55 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-12-16 11:55 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
    2011-12-16 11:55 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-12-13 23:13 . 2011-12-13 23:13 -------- d-----w- c:\program files\iPod
    2011-12-13 23:13 . 2011-12-13 23:14 -------- d-----w- c:\program files\iTunes
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-16 21:24 . 2011-05-29 09:23 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-12-12 09:07 . 2011-06-30 13:13 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-11-21 10:47 . 2010-03-08 12:57 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-11 20:53 . 2011-10-11 20:54 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5A84CA5-2C20-4A04-B238-58E5F56780DD}\gapaengine.dll
    2011-10-03 03:06 . 2011-09-06 16:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-11-05 06:53 . 2011-03-23 03:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2009-05-14 22:02 120104 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-19 68856]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-12-16 735608]
    "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-24 619352]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-19 30192]
    "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-11-26 274608]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
    .
    c:\users\HMvB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [N/A]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^Users^HMvB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
    path=c:\users\HMvB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
    2009-04-03 18:54 698912 ----a-w- c:\program files\Acer\Acer ePower Management\ePowerTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
    2008-10-24 20:18 237568 ----a-w- c:\program files\AmIcoSingLun\AmIcoSinglun.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
    2009-01-20 23:41 156968 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
    2009-04-11 18:32 249600 ----a-w- c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
    2008-03-18 01:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
    2008-03-11 01:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
    2009-01-20 23:41 202024 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
    2009-05-13 18:39 199464 ----a-w- c:\program files\EgisTec Egis Software Update\EgisUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    2010-08-19 01:00 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2011-12-08 00:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
    2009-02-24 00:16 870920 ----a-w- c:\program files\Launch Manager\LManager.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2010-11-10 00:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
    2009-05-14 22:03 345384 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
    2008-12-26 16:30 173288 ------w- c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
    2008-07-29 18:29 200704 ----a-w- c:\windows\PLFSetI.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
    2008-11-17 08:47 135168 ----a-w- c:\program files\Acer\WR_PopUp\ProductReg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    2009-03-11 00:48 6957600 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
    2009-03-11 00:49 1833504 ----a-w- c:\program files\Realtek\Audio\HDA\SkyTel.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
    2009-03-18 20:34 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-01-19 19:58 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2011-12-16 15:22 735608 ----a-w- c:\program files\uTorrent\uTorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
    .
    R0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
    R1 MpKsl001c7aa7;MpKsl001c7aa7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A7E6F4A-5733-4CFA-BB52-2835842DFC8B}\MpKsl001c7aa7.sys [x]
    R1 MpKsl046e81d8;MpKsl046e81d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F1EFA03-D526-4F20-977B-E072B134C528}\MpKsl046e81d8.sys [x]
    R1 MpKsl0bf29767;MpKsl0bf29767;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46443532-7132-4B1A-B020-AD29F165A162}\MpKsl0bf29767.sys [x]
    R1 MpKsl1026bf0d;MpKsl1026bf0d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B9CF4B7-1511-4144-B2F5-21BA05CA2723}\MpKsl1026bf0d.sys [x]
    R1 MpKsl15f771f0;MpKsl15f771f0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8198F10A-D6DF-448C-B20A-4D36EE298A18}\MpKsl15f771f0.sys [x]
    R1 MpKsl1f48bae3;MpKsl1f48bae3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98A2975E-1BC3-480B-B6A5-31876D07E8EA}\MpKsl1f48bae3.sys [x]
    R1 MpKsl33ba2253;MpKsl33ba2253;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{572A226D-6807-4A37-B3F9-2ACF56FB74EB}\MpKsl33ba2253.sys [x]
    R1 MpKsl5431f22b;MpKsl5431f22b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38032A1D-FF1D-419A-A077-4DA46A35E0B1}\MpKsl5431f22b.sys [x]
    R1 MpKsl7e0c57b4;MpKsl7e0c57b4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD821B66-C3CC-4DB3-B91C-116392DC3ACE}\MpKsl7e0c57b4.sys [x]
    R1 MpKsl83c2c4bb;MpKsl83c2c4bb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40388940-175A-48C8-B4BF-4323FA3EFDAF}\MpKsl83c2c4bb.sys [x]
    R1 MpKsl8b5bbfd4;MpKsl8b5bbfd4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABC5C962-839E-45B2-977E-798FF0DC87AA}\MpKsl8b5bbfd4.sys [x]
    R1 MpKsl9b3812d8;MpKsl9b3812d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6728DE2-9AC9-442D-BC12-2D1280BB0DCC}\MpKsl9b3812d8.sys [x]
    R1 MpKsla22bf45a;MpKsla22bf45a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8586F001-F811-47B9-A6A1-E9D2D33D72BB}\MpKsla22bf45a.sys [x]
    R1 MpKsla3b0c331;MpKsla3b0c331;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F698F31-3F36-4E1E-B816-2ECCB1762494}\MpKsla3b0c331.sys [x]
    R1 MpKslb13aeb82;MpKslb13aeb82;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66C03A71-977E-4282-809D-D46530ED4644}\MpKslb13aeb82.sys [x]
    R1 MpKslbbe7a69c;MpKslbbe7a69c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6FEFB36D-50C8-4172-9BBD-72804C9AD59C}\MpKslbbe7a69c.sys [x]
    R1 MpKslc220a990;MpKslc220a990;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABC5C962-839E-45B2-977E-798FF0DC87AA}\MpKslc220a990.sys [x]
    R1 MpKslc49fcadd;MpKslc49fcadd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F1EFA03-D526-4F20-977B-E072B134C528}\MpKslc49fcadd.sys [x]
    R1 MpKsle06937c5;MpKsle06937c5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EBA03B3-4151-4BCB-A70E-A0E0FC1D552E}\MpKsle06937c5.sys [x]
    R1 MpKsle791c1f2;MpKsle791c1f2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66C03A71-977E-4282-809D-D46530ED4644}\MpKsle791c1f2.sys [x]
    R1 MpKslebd1dc15;MpKslebd1dc15;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F984E55-997A-44F6-9C81-5ACA2156AFB3}\MpKslebd1dc15.sys [x]
    R1 MpKslf011f89a;MpKslf011f89a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{191ABBBF-27B9-4B37-A4FB-4893C9C847AE}\MpKslf011f89a.sys [x]
    R1 MpKslf5044cff;MpKslf5044cff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B492EB8D-7D2B-41FF-9725-1B4FC1A3D0EC}\MpKslf5044cff.sys [x]
    R1 MpKslf55d7464;MpKslf55d7464;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{955DBED9-12FC-42A5-8166-C12FC4D238C0}\MpKslf55d7464.sys [x]
    R1 MpKslf9d7dacd;MpKslf9d7dacd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0ECDB0F1-06F6-44F3-B570-030B29E6E305}\MpKslf9d7dacd.sys [x]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 Firefox Service;Firefox Service;c:\users\HMvB\AppData\Roaming\Mozilla\Firefox\Profiles\7xbljf0i.default\extensions\startup.service@mozilla.com\svc.exe [2011-03-10 83456]
    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
    R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
    R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 23040]
    R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-19 30192]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
    R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-12-12 64512]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-18 691696]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 MpKsl10ae3c9a;MpKsl10ae3c9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\MpKsl10ae3c9a.sys [2011-12-29 29904]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2008-12-04 19504]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2008-12-04 16432]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-12-04 59952]
    S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-06-29 101720]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-24 494424]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
    S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-18 75048]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-04-03 723488]
    S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-23 2152152]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 MWLService;MyWinLocker Service;c:\program files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-05-14 305448]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-11 61184]
    S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-24 869216]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2009-03-19 4386304]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2009-03-19 93184]
    S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - MPKSL10AE3C9A
    *NewlyCreated* - MPKSL95FE6BDF
    *NewlyCreated* - MPKSLA12EC0A6
    *Deregistered* - Lavasoft Kernexplorer
    *Deregistered* - MpKsl95fe6bdf
    *Deregistered* - MpKsla12ec0a6
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HsfXAudioService REG_MULTI_SZ HsfXAudioService
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 09:02]
    .
    2011-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 09:02]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = https://mail.google.com/mail/?hl=en&...t&shva=1#inbox
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
    FF - ProfilePath - c:\users\HMvB\AppData\Roaming\Mozilla\Firefox\Profiles\7xbljf0i.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?source=gama&hl=en
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bda0b6794-02d7-409b-9344-dcd5a4ecb917%7D&mid=7cfdccc063fd47d1a9b2d156505ed0f4-40c790bcf55dc492292f2b87f02d8f1ebdc2e7bd&ds=AVG&v=9.0.0.23&lang=nl&pr=pr&d=2011-12-24%2005%3A25%3A26&sap=ku&q=
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - (no file)
    URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
    BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{A386D4B0-FDDB-4E1C-AE61-4F014013CD9B} - (no file)
    WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
    HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
    HKCU-Run-uTray - c:\program files\ITknowledge24\uTray.exe
    HKLM-Run-vProt - c:\program files\AVG Secure Search\vprot.exe
    ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL
    Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    SafeBoot-mcmscsvc
    SafeBoot-MCODS
    MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
    MSConfigStartUp-MSSE - c:\program files\Microsoft Security Essentials\msseces.exe
    MSConfigStartUp-SynTPEnh - c:\program files\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0413.EXE
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-12-29 23:17
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen ...
    .
    scannen van verborgen autostart items ...
    .
    scannen van verborgen bestanden ...
    .
    .
    C:\## aswSnx private storage
    .
    Scan succesvol afgerond
    verborgen bestanden: 1
    .
    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    Voltooingstijd: 2011-12-29 23:23:42
    ComboFix-quarantined-files.txt 2011-12-29 22:23
    .
    Pre-Run: 118.437.138.432 bytes free
    Post-Run: 118.338.523.136 bytes free
    .
    - - End Of File - - ACD5731BA417B0BE14A5FF4268F9AE44

  5. #15
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Stamford, CT
    Posts
    14,203

    Default

    Hello,

    Things running any better? On your initial DDS log you had Microsoft Security Essentials installed and now I am looking at Avast also; when did you install it? You should only have one Anti Virus program running; more than one is overkill and can severely hamper system performance. I would suggest uninstalling Avast via Programs and Features in the Control Panel.

    While you're in there I would also strongly suggest that you uninstall uTorrent. File Sharing programs are very dangerous; you're downloading that file from an unknown source and most contain some sort of malware.


    Drag OTL to the trash and go back to link # 10 and redownload it and see if it will run now. If it won't run, try running it in Safemode, then post the log please.


    To Enter Safemode
    • Go to Start> Shut off your Computer> Restart
    • As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
      this will bring up a menu.
    • Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
    • Then press the Enter Key on your Keyboard

    Tutorial if you need it: How to boot into Safemode
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  6. #16
    Junior Member
    Join Date
    Dec 2011
    Posts
    9

    Default

    Removed all recommended! Downloaded OTL again but same problem! Continuously Not Responding!
    Quick question: what should I use to download torrents?
    I always download from the same sites from the same people such as eztv.
    I've been at my mom's, whose laptop this is, but I'm getting ready to go home and might not be able to get back in touch in the next 3 days even though I will try!!!
    Otherwise is it possible that I contact you through another e-mail in case this thread closes?
    My e-mail is
    Last edited by ken545; 2011-12-30 at 14:24. Reason: Removed users email address for security

  7. #17
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Stamford, CT
    Posts
    14,203

    Default

    Hi,

    Outside of OTL not responding, how is your computer behaving now?

    These forums are read by people from all over the world. I removed your email address for safety; don't post any personal info. In the event this thread is closed before you get back you can just PM me or a moderator to reopen it.


    As far as the torrents, they're bad news. A lot of things that can be downloaded with them are sometimes illegal or infected. I have been at this for many years and the greater percentage of people posting in these forums infected their computers via the torrents. I would no way no how let anyone that has access to any of my systems use any kind of File Sharing.

    Read this

    http://www.us-cert.gov/cas/tips/ST05-007.html

    http://forums.spybot.info/showthread.php?t=282



    Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

    We have noticed that many people seeking help from us are coming with infections contracted from the use of P2P programs.

    Because of this, we changed our malware forum's policy on the use of P2P file sharing programs.

    • If your helper detects the presence of such programs on your computer he/she will ask you to remove them. Help will be withdrawn should you not agree to their removal.
    • If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programs, volunteer analysts will refuse their help.


    We do not ask you to do this without reason.


    P2P (File Sharing) programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realize. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

    Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.

    This article from InfoWorld illustrates the dangers of a poorly configured P2P program.
    http://www.infoworld.com/article/07/09/06/...ID-theft_1.html

    When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.
    Last edited by tashi; 2012-01-14 at 01:07. Reason: Thank you Ken545
