Thread: Avast shield hacked at start/ rubotted not starting service

  1. #1
    Junior Member
    Join Date
    Jul 2012
    Posts
    3

    Avast shield hacked at start/ rubotted not starting service

    Cool as this malware looks, now let me give you some background of everything.

    I was not using antivirus last night. I was port scanning with every security measure closed. I also downloaded some software from donationcoder.com, a site known as malicious in the Avast database; Avast was blocking it, so I closed Avast :p
    Spybot S&D was closed along with Avast. The Comodo firewall was also closed. So no security measures for useless experiments.

    Now, since this morning, when I start my computer, everything looks sunny except that the Avast shield was not working for some seconds at startup, and RUBotted is also not working. I restarted; no help :s

    Please help..

  2. #2
    Junior Member
    Join Date
    Jul 2012
    Posts
    3

    OTL logfile created on: 7/13/2012 12:56:40 PM - Run 3
    OTL by OldTimer - Version 3.2.35.1 Folder = C:\Downloads\Softwares\Apps\Security
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 0.60 Gb Available Physical Memory | 30.33% Memory free
    4.92 Gb Paging File | 3.56 Gb Available in Paging File | 72.29% Paging File free
    Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 48.73 Gb Total Space | 19.82 Gb Free Space | 40.68% Space Free | Partition Type: NTFS
    Drive F: | 48.83 Gb Total Space | 1.24 Gb Free Space | 2.55% Space Free | Partition Type: NTFS
    Drive G: | 51.39 Gb Total Space | 1.09 Gb Free Space | 2.12% Space Free | Partition Type: NTFS

    Computer Name: PLANETCOMPUERS | User Name: planet compuers | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/07/03 21:51:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012/03/12 02:43:21 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    PRC - [2012/03/12 02:43:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    PRC - [2012/03/09 21:16:25 | 000,049,152 | ---- | M] (Pablo Software Solutions) -- C:\Downloads\Softwares\Apps\MultiPing.exe
    PRC - [2012/03/05 17:22:12 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Downloads\Softwares\Apps\Security\OTL.exe
    PRC - [2011/12/30 05:06:10 | 000,329,824 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    PRC - [2011/11/22 04:30:52 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\st_rsser.exe
    PRC - [2010/11/20 17:47:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2010/11/20 17:47:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/08/17 09:30:28 | 005,898,240 | ---- | M] () -- C:\Program Files\MMX310G 3G USB Manager\USB Modem.exe
    PRC - [2009/02/27 23:54:32 | 002,351,104 | ---- | M] (DonationCoder.com) -- C:\Program Files\DrWindows\DrWindows.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/07/10 09:39:00 | 000,438,296 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
    MOD - [2012/07/10 09:38:59 | 003,972,120 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
    MOD - [2012/07/10 09:37:39 | 000,554,520 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
    MOD - [2012/07/10 09:37:37 | 000,117,784 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
    MOD - [2012/07/10 09:37:22 | 000,140,328 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
    MOD - [2012/07/10 09:37:21 | 000,262,184 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
    MOD - [2012/07/10 09:37:19 | 002,386,984 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
    MOD - [2012/07/10 07:47:27 | 009,255,112 | ---- | M] () -- C:\Users\PLANET~1\AppData\Local\Google\Chrome\APPLIC~1\20.0.1132.57\gcswf32.dll
    MOD - [2012/07/10 07:47:27 | 009,255,112 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
    MOD - [2011/07/19 02:34:08 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
    MOD - [2011/04/15 06:31:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
    MOD - [2010/08/17 09:33:42 | 000,049,152 | ---- | M] () -- C:\Program Files\MMX310G 3G USB Manager\Driver\modemInst.dll
    MOD - [2010/08/17 09:30:28 | 005,898,240 | ---- | M] () -- C:\Program Files\MMX310G 3G USB Manager\USB Modem.exe
    MOD - [2010/07/05 03:02:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
    MOD - [2010/02/25 18:25:38 | 000,065,536 | ---- | M] () -- C:\Program Files\MMX310G 3G USB Manager\Dll\DialAction_Win7.dll
    MOD - [2009/07/14 06:45:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012/06/19 21:49:02 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/03/12 02:43:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2012/02/15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/02/13 22:43:36 | 000,000,115 | ---- | M] () [Disabled | Stopped] -- C:\Windows\MINIUPDATE.INI -- (miniupdate)
    SRV - [2011/11/22 04:30:52 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
    SRV - [2011/02/18 21:46:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv)
    SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VGPU)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (tsusbhub)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Synth3dVsc)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NLNdisPT)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NLNdisMP)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MFE_RR)
    DRV - [2012/07/13 12:52:52 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) [File_System | Boot | Unknown] -- C:\Windows\System32\drivers\43070774.sys -- (54830784)
    DRV - [2012/07/13 12:36:40 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) [File_System | Boot | Unknown] -- C:\Windows\System32\drivers\25429362.sys -- (35949157)
    DRV - [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2012/07/03 21:51:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2012/07/03 21:51:53 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
    DRV - [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2012/03/12 02:43:36 | 000,039,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2012/03/12 02:43:35 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
    DRV - [2012/03/07 05:32:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
    DRV - [2011/12/20 00:29:14 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
    DRV - [2011/06/21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
    DRV - [2011/03/23 17:20:32 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapoas.sys -- (tapoas)
    DRV - [2011/03/12 19:50:28 | 000,168,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
    DRV - [2011/03/12 19:50:28 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
    DRV - [2011/03/12 19:50:28 | 000,051,712 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
    DRV - [2010/11/20 18:00:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/20 18:00:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/20 18:00:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/20 15:54:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 15:51:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV - [2010/11/20 15:29:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 14:44:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/20 14:44:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010/04/27 07:55:16 | 000,076,544 | ---- | M] (mobiletop) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbtusbser.sys -- (sshpmdm)
    DRV - [2010/04/27 07:55:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
    DRV - [2010/04/27 07:55:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
    DRV - [2010/04/27 07:55:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
    DRV - [2010/04/21 06:02:00 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rminiv3.sys -- (mirrorv3)
    DRV - [2010/02/25 18:25:22 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
    DRV - [2010/02/16 13:44:18 | 000,146,904 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cbfs.sys -- (CbFs)
    DRV - [2010/01/21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
    DRV - [2009/12/30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
    DRV - [2009/12/30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
    DRV - [2009/12/30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
    DRV - [2009/07/14 05:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
    DRV - [2009/07/14 03:32:52 | 000,214,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
    DRV - [2009/03/19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/08/22 10:41:48 | 000,104,320 | ---- | M] (ZTEMT Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ztemtusbser.sys -- (zteusbser)
    DRV - [2008/05/07 07:09:20 | 000,125,200 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
    DRV - [2008/01/14 18:39:16 | 000,025,600 | ---- | M] (MobileTop) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SHPUSB.sys -- (sshpusb)
    DRV - [2008/01/14 18:39:16 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SHPACMFilter.sys -- (sshpmdfl)
    DRV - [2008/01/14 15:36:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B AC 39 D5 7A 50 CC 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.com/
    IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C3DF53C1-6989-4639-9A6F-EFCC62B6651B}&mid=e3a400460a4147d1bd7363b84b027283-6d7bb7f06e27becf16c2d1a95deb6cc5d7b8731d&lang=en&ds=AVG&pr=fr&d=2011-11-21 19:04:27&v=8.0.0.40&sap=dsp&q={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = fastun.com:7000

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "about:blank"
    FF - prefs.js..network.proxy.http: "fastun.com"
    FF - prefs.js..network.proxy.http_port: 7000
    FF - prefs.js..network.proxy.socks: "fastun.com"
    FF - prefs.js..network.proxy.socks_port: 7000


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\planet compuers\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\planet compuers\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\planet compuers\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\planet compuers\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\planet compuers\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/07/23 18:38:11 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/04 14:11:07 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/19 21:49:05 | 000,000,000 | ---D | M]

    [2012/05/06 00:29:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\planet compuers\AppData\Roaming\mozilla\Extensions
    [2012/07/04 11:16:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\planet compuers\AppData\Roaming\mozilla\Firefox\Profiles\32t8jnsw.default\extensions
    [2012/05/17 22:26:21 | 000,000,000 | ---D | M] (WOT) -- C:\Users\planet compuers\AppData\Roaming\mozilla\Firefox\Profiles\32t8jnsw.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2012/05/06 00:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/06/19 21:49:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/06/19 21:48:59 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/06/19 21:48:59 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\planet compuers\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\planet compuers\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\planet compuers\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\planet compuers\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Facebook Desktop (Enabled) = C:\Users\planet compuers\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll
    CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\planet compuers\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
    CHR - Extension: avast! WebRep = C:\Users\planet compuers\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
    CHR - Extension: Google Translation Bar = C:\Users\planet compuers\AppData\Local\Google\Chrome\User Data\Default\Extensions\innppdgohibodgdhonllhfggjddbplgb\1.4_0\

    O1 HOSTS File: ([2012/06/15 21:07:44 | 000,443,012 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 15215 more lines...
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
    O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
    O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
    O4 - HKCU..\Run: [DrWindows] C:\Program Files\DrWindows\DrWindows.exe (DonationCoder.com)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: Download all links with IDM - Reg Error: Value error. File not found
    O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
    O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
    O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
    O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
    O8 - Extra context menu item: Download with IDM - Reg Error: Value error. File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\CEmLSP.dll (COMODO CA Ltd.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ndows-i586.cab (Java Plug-in 1.4.2_01)
    O16 - DPF: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EEF2E866-A658-44DC-B306-0FA6C294C572}: NameServer = 8.8.4.4 62.128.175.14
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - Winlogon\Notify\igfxcui: DllName - () - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{6e6331c9-3b39-11e0-8bc0-001fd0f77a12}\Shell - "" = AutoRun
    O33 - MountPoints2\{6e6331c9-3b39-11e0-8bc0-001fd0f77a12}\Shell\AutoRun\command - "" = D:\
    O33 - MountPoints2\{6e6331c9-3b39-11e0-8bc0-001fd0f77a12}\Shell\linuxlive\command - "" = VirtualBox\Virtualize_This_Key.exe
    O33 - MountPoints2\{6e6331c9-3b39-11e0-8bc0-001fd0f77a12}\Shell\linuxlive2\command - "" = VirtualBox\VirtualBox.exe
    O33 - MountPoints2\D\Shell - "" = AutoRun
    O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\
    O33 - MountPoints2\D\Shell\linuxlive\command - "" = VirtualBox\Virtualize_This_Key.exe
    O33 - MountPoints2\D\Shell\linuxlive2\command - "" = VirtualBox\VirtualBox.exe
    O33 - MountPoints2\H\Shell - "" = AutoRun
    O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\.\ShowModem.exe
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\
    O33 - MountPoints2\I\Shell\linuxlive\command - "" = VirtualBox\Virtualize_This_Key.exe
    O33 - MountPoints2\I\Shell\linuxlive2\command - "" = VirtualBox\VirtualBox.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/13 12:52:52 | 000,098,992 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\43070774.sys
    [2012/07/13 12:36:40 | 000,098,992 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\25429362.sys
    [2012/07/13 05:08:20 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\Documents\DrWindows
    [2012/07/13 05:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr.Windows
    [2012/07/13 05:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\DrWindows
    [2012/07/13 04:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Fresh
    [2012/07/13 04:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\SSD Fresh
    [2012/07/13 03:41:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\rserver30
    [2012/07/13 03:22:06 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Local\Eric_Wong
    [2012/07/13 03:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\WebCam Signature_1_3_0_0
    [2012/07/13 03:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Unicode Paster 2.1
    [2012/07/13 02:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
    [2012/07/13 02:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced IP Scanner v2
    [2012/07/12 23:53:01 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Subversion
    [2012/07/12 21:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dataram RAMDisk
    [2012/07/12 21:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\RAMDisk
    [2012/07/12 21:01:03 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced Port Scanner
    [2012/07/12 21:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Port Scanner
    [2012/07/12 21:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Port Scanner
    [2012/07/12 03:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IRS
    [2012/07/11 19:05:00 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Contacts Email Extractor
    [2012/07/11 19:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Contacts Email Extractor
    [2012/07/11 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Local\Macromedia
    [2012/07/06 14:38:11 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Spyware Terminator
    [2012/07/06 14:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
    [2012/07/06 14:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
    [2012/07/06 14:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
    [2012/07/05 16:08:14 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\Desktop\New folder (2)
    [2012/06/27 01:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
    [2012/06/27 01:48:13 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Local\uTorrent
    [2012/06/26 01:04:16 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
    [2012/06/26 01:04:16 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
    [2012/06/26 01:03:57 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
    [2012/06/26 01:01:51 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2012/06/26 00:20:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2012/06/25 04:42:47 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    [2012/06/20 18:48:53 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\Desktop\namebench 2012-06-20 18 48 34.231000_files
    [2012/06/16 08:17:23 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
    [2012/06/16 08:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
    [2012/06/15 20:27:05 | 000,000,000 | ---D | C] -- C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2012/06/15 18:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    [2012/06/15 18:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2012/06/15 18:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2012/06/15 05:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
    [2012/06/14 00:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MMX310G 3G USB Manager
    [2012/06/13 18:19:05 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll

    ========== Files - Modified Within 30 Days ==========

    [2012/07/13 13:04:50 | 000,018,520 | ---- | M] () -- C:\Users\planet compuers\Desktop\catstfytfy.jpg
    [2012/07/13 13:03:48 | 000,062,464 | -H-- | M] () -- C:\Users\planet compuers\Desktop\photothumb.db
    [2012/07/13 13:02:31 | 000,018,346 | ---- | M] () -- C:\Users\planet compuers\Desktop\cats6yru.jpg
    [2012/07/13 13:01:45 | 000,012,969 | ---- | M] () -- C:\Users\planet compuers\Desktop\catsdfyr.jpg
    [2012/07/13 12:52:52 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\43070774.sys
    [2012/07/13 12:36:40 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\System32\drivers\25429362.sys
    [2012/07/13 12:11:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/13 12:09:53 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1389538379-1606445692-3891605040-1000UA.job
    [2012/07/13 11:51:02 | 000,016,384 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/07/13 11:51:02 | 000,016,384 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/07/13 11:48:58 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
    [2012/07/13 11:46:12 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/07/13 11:45:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/07/13 11:45:44 | 1603,969,024 | -HS- | M] () -- C:\hiberfil.sys
    [2012/07/13 03:51:40 | 000,000,046 | ---- | M] () -- C:\Users\planet compuers\advanced_ip_scanner_MAC.bin
    [2012/07/13 01:58:20 | 000,035,380 | ---- | M] () -- C:\Users\planet compuers\AppData\Local\recently-used.xbel
    [2012/07/13 01:43:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juwwanecm_01009.Wdf
    [2012/07/13 01:40:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcecm_01009.Wdf
    [2012/07/13 00:47:45 | 000,310,018 | ---- | M] () -- C:\Users\planet compuers\Desktop\catskjh-horz-horz.jpg
    [2012/07/12 23:08:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1389538379-1606445692-3891605040-1000Core.job
    [2012/07/12 22:56:53 | 000,000,000 | -H-- | M] () -- C:\Users\planet compuers\Documents\Default.rdp
    [2012/07/12 22:09:25 | 000,001,128 | ---- | M] () -- C:\Users\planet compuers\Application Data\Microsoft\Internet Explorer\Quick Launch\FreshDiagnose.lnk
    [2012/07/12 20:50:33 | 000,011,609 | ---- | M] () -- C:\Users\planet compuers\Desktop\399515_10151023240249916_1288714627_n.jpg
    [2012/07/12 18:12:14 | 000,056,580 | ---- | M] () -- C:\Users\planet compuers\Desktop\426052_348001605223082_845899888_n.jpg
    [2012/07/12 04:49:17 | 000,022,854 | ---- | M] () -- C:\Users\planet compuers\Desktop\396552_352873311402578_1601643066_n.jpg
    [2012/07/12 04:13:30 | 000,085,230 | ---- | M] () -- C:\Users\planet compuers\Desktop\catsrtraetert.jpg
    [2012/07/12 01:41:36 | 000,283,784 | ---- | M] () -- C:\Users\planet compuers\Desktop\Admin_page_of_reliance.png
    [2012/07/11 23:04:36 | 000,061,165 | ---- | M] () -- C:\Users\planet compuers\Desktop\9f9.jpg
    [2012/07/11 21:04:06 | 000,005,728 | ---- | M] () -- C:\Users\planet compuers\Desktop\Document 1.pdf
    [2012/07/11 19:50:06 | 000,082,036 | ---- | M] () -- C:\Users\planet compuers\Desktop\catsTFUXTFX.jpg
    [2012/07/11 19:12:24 | 000,103,356 | ---- | M] () -- C:\Users\planet compuers\Desktop\catsrtdz.jpg
    [2012/07/11 13:40:40 | 000,023,150 | ---- | M] () -- C:\Users\planet compuers\Desktop\561454_318561098234381_2060711387_n.jpg
    [2012/07/11 13:28:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2012/07/11 13:28:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2012/07/10 21:07:49 | 000,001,234 | ---- | M] () -- C:\Users\planet compuers\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2012/07/10 20:47:03 | 000,006,312 | ---- | M] () -- C:\Windows\wininit.ini
    [2012/07/09 23:07:15 | 000,106,026 | ---- | M] () -- C:\Users\planet compuers\Desktop\catsurtuy.jpg
    [2012/07/05 21:38:01 | 000,054,078 | ---- | M] () -- C:\Users\planet compuers\Desktop\catstytfy.jpg
    [2012/07/04 14:11:08 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2012/07/03 21:51:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2012/07/03 21:51:53 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2012/07/03 21:51:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2012/07/03 21:51:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2012/06/29 19:36:16 | 000,035,784 | ---- | M] () -- C:\Users\planet compuers\Desktop\539628_180564618741430_450581864_n.jpg
    [2012/06/29 17:58:20 | 000,093,371 | ---- | M] () -- C:\Users\planet compuers\Desktop\catshgjgjk.jpg
    [2012/06/27 01:48:38 | 000,000,901 | ---- | M] () -- C:\Users\planet compuers\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/06/27 01:48:38 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
    [2012/06/26 17:00:31 | 000,303,676 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/06/26 17:00:31 | 000,035,734 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/06/26 16:16:58 | 000,562,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/06/26 01:04:16 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
    [2012/06/26 01:04:16 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
    [2012/06/26 01:01:51 | 002,343,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2012/06/26 00:20:10 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2012/06/21 13:58:57 | 000,000,852 | ---- | M] () -- C:\Users\planet compuers\Desktop\Kukku photo sign - Shortcut.lnk
    [2012/06/15 21:07:44 | 000,443,012 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012/06/14 00:34:58 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\MMX310G 3G USB Manager.lnk

    ========== Files Created - No Company Name ==========

    [2012/07/13 13:02:31 | 000,018,346 | ---- | C] () -- C:\Users\planet compuers\Desktop\cats6yru.jpg
    [2012/07/13 13:01:45 | 000,012,969 | ---- | C] () -- C:\Users\planet compuers\Desktop\catsdfyr.jpg
    [2012/07/13 13:01:28 | 000,055,296 | -H-- | C] () -- C:\Users\planet compuers\Desktop\photothumb.db
    [2012/07/13 04:06:02 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
    [2012/07/13 03:51:40 | 000,000,046 | ---- | C] () -- C:\Users\planet compuers\advanced_ip_scanner_MAC.bin
    [2012/07/13 01:58:20 | 000,035,380 | ---- | C] () -- C:\Users\planet compuers\AppData\Local\recently-used.xbel
    [2012/07/13 01:43:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juwwanecm_01009.Wdf
    [2012/07/13 01:40:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcecm_01009.Wdf
    [2012/07/13 00:47:45 | 000,310,018 | ---- | C] () -- C:\Users\planet compuers\Desktop\catskjh-horz-horz.jpg
    [2012/07/12 22:56:53 | 000,000,000 | -H-- | C] () -- C:\Users\planet compuers\Documents\Default.rdp
    [2012/07/12 20:50:39 | 000,011,609 | ---- | C] () -- C:\Users\planet compuers\Desktop\399515_10151023240249916_1288714627_n.jpg
    [2012/07/12 18:12:19 | 000,056,580 | ---- | C] () -- C:\Users\planet compuers\Desktop\426052_348001605223082_845899888_n.jpg
    [2012/07/12 04:49:22 | 000,022,854 | ---- | C] () -- C:\Users\planet compuers\Desktop\396552_352873311402578_1601643066_n.jpg
    [2012/07/12 03:53:59 | 000,085,230 | ---- | C] () -- C:\Users\planet compuers\Desktop\catsrtraetert.jpg
    [2012/07/12 01:40:35 | 000,283,784 | ---- | C] () -- C:\Users\planet compuers\Desktop\Admin_page_of_reliance.png
    [2012/07/11 23:04:40 | 000,061,165 | ---- | C] () -- C:\Users\planet compuers\Desktop\9f9.jpg
    [2012/07/11 21:04:04 | 000,005,728 | ---- | C] () -- C:\Users\planet compuers\Desktop\Document 1.pdf
    [2012/07/11 19:50:06 | 000,082,036 | ---- | C] () -- C:\Users\planet compuers\Desktop\catsTFUXTFX.jpg
    [2012/07/11 19:12:24 | 000,103,356 | ---- | C] () -- C:\Users\planet compuers\Desktop\catsrtdz.jpg
    [2012/07/11 13:40:39 | 000,023,150 | ---- | C] () -- C:\Users\planet compuers\Desktop\561454_318561098234381_2060711387_n.jpg
    [2012/07/09 23:07:15 | 000,106,026 | ---- | C] () -- C:\Users\planet compuers\Desktop\catsurtuy.jpg
    [2012/07/06 15:25:50 | 000,158,620 | ---- | C] () -- C:\Users\planet compuers\Desktop\Picture of me 9.png
    [2012/07/05 21:38:01 | 000,054,078 | ---- | C] () -- C:\Users\planet compuers\Desktop\catstytfy.jpg
    [2012/06/29 20:05:25 | 000,035,784 | ---- | C] () -- C:\Users\planet compuers\Desktop\539628_180564618741430_450581864_n.jpg
    [2012/06/29 17:58:20 | 000,093,371 | ---- | C] () -- C:\Users\planet compuers\Desktop\catshgjgjk.jpg
    [2012/06/27 01:48:38 | 000,000,901 | ---- | C] () -- C:\Users\planet compuers\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2012/06/27 01:48:38 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
    [2012/06/21 13:58:57 | 000,000,852 | ---- | C] () -- C:\Users\planet compuers\Desktop\Kukku photo sign - Shortcut.lnk
    [2012/06/15 18:47:06 | 000,001,234 | ---- | C] () -- C:\Users\planet compuers\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2012/06/14 00:34:58 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\MMX310G 3G USB Manager.lnk
    [2012/05/31 11:45:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
    [2012/05/31 11:42:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
    [2012/05/31 09:21:57 | 000,552,993 | ---- | C] () -- C:\Users\planet compuers\AppData\Local\census.cache
    [2012/05/31 09:21:29 | 000,233,453 | ---- | C] () -- C:\Users\planet compuers\AppData\Local\ars.cache
    [2012/03/09 16:51:49 | 000,000,020 | ---- | C] () -- C:\Windows\cmm.dat
    [2012/02/27 22:44:56 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
    [2012/02/27 22:44:55 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
    [2012/02/02 02:42:42 | 000,000,600 | ---- | C] () -- C:\Users\planet compuers\AppData\Roaming\winscp.rnd
    [2012/01/28 03:22:35 | 000,000,115 | ---- | C] () -- C:\Windows\MINIUPDATE.INI
    [2012/01/19 22:46:49 | 000,000,600 | ---- | C] () -- C:\Users\planet compuers\AppData\Local\PUTTY.RND
    [2012/01/19 15:40:51 | 000,014,784 | ---- | C] () -- C:\Users\planet compuers\AppData\Roaming\ekiga.conf
    [2012/01/15 16:33:02 | 000,408,064 | ---- | C] () -- C:\Windows\libtiff-5.dll
    [2012/01/15 16:33:02 | 000,204,288 | ---- | C] () -- C:\Windows\libjpeg-8.dll
    [2012/01/15 16:33:02 | 000,180,224 | ---- | C] () -- C:\Windows\libwebp-2.dll
    [2012/01/15 16:33:02 | 000,151,552 | ---- | C] () -- C:\Windows\libpng15-15.dll
    [2012/01/15 16:33:02 | 000,100,352 | ---- | C] () -- C:\Windows\zlib1.dll
    [2012/01/15 16:33:02 | 000,051,200 | ---- | C] () -- C:\Windows\SDL_image.dll
    [2012/01/10 01:30:48 | 004,346,880 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
    [2012/01/08 03:52:00 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll
    [2012/01/08 03:51:50 | 006,366,094 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll
    [2012/01/08 03:51:50 | 001,007,151 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll
    [2012/01/08 03:51:50 | 000,354,979 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
    [2012/01/08 03:51:50 | 000,203,306 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll
    [2012/01/08 03:51:50 | 000,138,727 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll
    [2012/01/05 17:03:16 | 000,028,716 | ---- | C] () -- C:\Windows\nsreg.dat
    [2012/01/05 17:03:03 | 000,635,129 | ---- | C] () -- C:\Windows\ld32403.exe
    [2012/01/05 16:11:58 | 000,099,840 | ---- | C] () -- C:\Windows\System32\SPROF32.DLL
    [2011/12/26 17:26:05 | 000,000,000 | ---- | C] () -- C:\Users\planet compuers\AppData\Roaming\.googlewebacchosts
    [2011/12/21 00:20:04 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2011/12/21 00:19:56 | 000,099,328 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
    [2011/12/21 00:19:54 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
    [2011/12/21 00:19:54 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
    [2011/12/21 00:19:52 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
    [2011/12/21 00:19:52 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
    [2011/12/21 00:19:52 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
    [2011/12/21 00:19:50 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
    [2011/12/21 00:19:50 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
    [2011/12/21 00:19:50 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
    [2011/12/08 01:02:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
    [2011/11/29 19:45:08 | 000,021,939 | ---- | C] () -- C:\Windows\cscmondump.bin
    [2011/11/24 17:10:35 | 000,000,025 | ---- | C] () -- C:\Windows\wpd99.drv
    [2011/11/24 17:10:33 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
    [2011/11/23 22:37:04 | 000,000,204 | ---- | C] () -- C:\Windows\System32\secustat.dat
    [2011/11/23 22:31:19 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
    [2011/10/31 03:05:28 | 000,006,451 | ---- | C] () -- C:\Windows\System32\config.ini
    [2011/09/08 19:30:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
    [2011/09/08 19:30:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll
    [2011/09/08 19:30:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
    [2011/09/08 19:30:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
    [2011/09/08 19:30:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
    [2011/09/08 19:30:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
    [2011/09/08 19:30:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
    [2011/09/08 19:30:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
    [2011/09/08 19:29:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
    [2011/09/08 19:29:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
    [2011/08/06 00:08:44 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
    [2011/08/04 02:20:48 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
    [2011/08/04 02:20:47 | 000,441,705 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
    [2011/07/27 05:01:26 | 000,271,660 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2011/07/02 23:23:08 | 000,007,613 | ---- | C] () -- C:\Users\planet compuers\AppData\Local\Resmon.ResmonCfg
    [2011/06/21 01:52:54 | 000,006,312 | ---- | C] () -- C:\Windows\wininit.ini
    [2011/06/19 22:25:01 | 000,015,365 | ---- | C] () -- C:\Users\planet compuers\AppData\Roaming\TFProfile.Img
    [2011/05/30 19:12:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2011/05/23 13:16:30 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2011/05/14 00:55:58 | 000,010,240 | ---- | C] () -- C:\Users\planet compuers\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/05/11 00:30:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011/05/03 16:05:20 | 000,000,938 | ---- | C] () -- C:\Windows\psmplay.ini
    [2011/05/01 13:34:38 | 000,061,440 | ---- | C] () -- C:\Windows\wpuninst.exe
    [2011/03/16 18:47:51 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
    [2011/03/15 18:49:40 | 000,000,000 | ---- | C] () -- C:\Windows\kahncc.INI
    [2011/03/03 17:09:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
    [2011/03/03 17:08:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
    [2011/03/03 17:07:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
    [2011/02/18 20:08:41 | 000,006,656 | ---- | C] () -- C:\Windows\System32\drivers\SHPACMFilter.sys
    [2011/02/18 13:38:55 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
    [2011/02/18 13:37:10 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2010/08/19 01:26:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:5C321E34

    < End of report >

  3. #3
    Junior Member
    Join Date
    Jul 2012
    Posts
    3

    Default



    no help:(

  4. #4
    Member of Team Spybot tashi
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,473

    Default

    Hello,

    Quote Originally Posted by picked
    i was not using antivirus last night. i was port scanning with every security measure being closed. I also downloaded some softwares from donationcoder.com a site known malicious in avast database, avast was blocking, so i closed avast :p
    spybot s&d was closed along with avast. firewall comodo was also closed. so no security measures for useless experiments.

    Quote Originally Posted by picked
    no help:(

    You started the topic today, this is not a shop. The forum sticky: "BEFORE You POST" (Please read this Procedure Before Requesting Assistance)

    "C:\Program Files\uTorrent" File Sharing, otherwise known as Peer To Peer. (P2P)

    Your username has been edited as the original may be found inappropriate for a family site.

    Best regards,
    ------------------------------------------
    Edit
    Apparently you have been responded to at another site, I will not link because AFAIK the person is not trained to give malware removal advice.

    However, from this forum's sticky FAQ.
    Posters who start topics at multiple sites for their PC problem waste valuable volunteer resources as our analysts assist people at several forums. Worse scenario would be to run fixes given at one site unbeknown to the person helping the same user elsewhere.
    UNITE-ASAP

    Microsoft MVP. Consumer Security 2006-2013

    Please help us improve Spybot, download our distributed testing client
