-
Possible Virus Please Help
Hi Ken545,
Please find the the OTL custom fix Log below and the OTL log in next post. Please note there was no Extras.txt produced.
Thanks.
_____________________________________
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{24ED1F25-AEA4-4A4A-B914-32F266843651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24ED1F25-AEA4-4A4A-B914-32F266843651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{372C5994-42DE-45AF-8CFE-0ED3D9A88E32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{372C5994-42DE-45AF-8CFE-0ED3D9A88E32}\ not found.
Registry key HKEY_USERS\S-1-5-21-507268109-3519426565-122146191-1000\Software\Microsoft\Internet Explorer\SearchScopes\{24ED1F25-AEA4-4A4A-B914-32F266843651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24ED1F25-AEA4-4A4A-B914-32F266843651}\ not found.
Registry key HKEY_USERS\S-1-5-21-507268109-3519426565-122146191-1000\Software\Microsoft\Internet Explorer\SearchScopes\{372C5994-42DE-45AF-8CFE-0ED3D9A88E32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{372C5994-42DE-45AF-8CFE-0ED3D9A88E32}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Alan\Desktop\cmd.bat deleted successfully.
C:\Users\Alan\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYJAVA]
User: Alan
User: All Users
User: Default
User: Default User
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: Alan
->Temp folder emptied: 2284799 bytes
->Temporary Internet Files folder emptied: 37404636 bytes
->Flash cache emptied: 458 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49649 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 38.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04232014_125723
Files\Folders moved on Reboot...
C:\Users\Alan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
Possible Virus Please Help
___________________________________
OTL.txt HAS BEEN SPLIT INTO TWO POSTS DUE TO LENGTH
OTL logfile created on: 23/04/2014 13:45:54 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alan\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16575)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 59.73% Memory free
4.22 Gb Paging File | 3.28 Gb Available in Paging File | 77.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 324.95 Gb Total Space | 299.06 Gb Free Space | 92.03% Space Free | Partition Type: NTFS
Drive D: | 10.40 Gb Total Space | 1.43 Gb Free Space | 13.70% Space Free | Partition Type: NTFS
Computer Name: ALAN-PC | User Name: Alan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Users\Alan\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\47b2e1d9030f551f685dfea0b618e7fd\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a4fd3b000abfd4712b02ec223df3e9dd\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\38b9d09539b67b08ee996db6c71f8a9b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6d75eb3ca10a514754f5e87cc2134f07\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\19d027c3381110e60c003f2c8bd307ee\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2955.38824__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2955.38783__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2955.38836__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2955.38998__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2955.38965__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2955.38815__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2955.38924__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2955.38802__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2955.39027__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2955.38973__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2955.39033__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2955.38978__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2955.38796__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2955.39051__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2955.38972__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2955.39025__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2955.38932__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2955.38848__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2955.38926__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2955.38803__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2955.38991__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2955.38919__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2955.38843__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2955.38947__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2955.38931__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2955.38925__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2955.38853__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2955.38931__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2955.38946__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2955.38958__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2886.28812__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2886.28852__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2886.28804__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2886.28823__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2886.28860__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2886.28801__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2886.28885__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2886.28803__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2886.28859__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2886.28837__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2886.28817__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2886.28813__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2886.28829__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2886.28836__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2886.28837__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2886.28819__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2886.28838__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2886.28862__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2886.28831__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2886.28863__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2886.28849__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2886.28830__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2886.28848__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2886.28832__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2886.28801__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2886.28831__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2955.38790__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2955.38810__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2955.39018__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2955.38775__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2955.39017__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2886.28834__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2886.28809__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2955.39044__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2886.28814__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2886.28826__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2886.28834__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2886.28832__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2955.38773__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2955.38775__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2955.38775__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2955.38774__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2955.39018__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2886.28851__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\System32\atitmmxx.dll ()
========== Services (SafeList) ==========
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
-
Possible Virus Please Help
========== Driver Services (SafeList) ==========
DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (atikmdag) -- C:\WINDOWS\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (nvrd32) -- C:\WINDOWS\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\WINDOWS\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\WINDOWS\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (netr73) -- C:\WINDOWS\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\..\SearchScopes\{851A8443-B5A8-47F0-9639-C15E516C4C7B}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
IE - HKU\S-1-5-21-507268109-3519426565-122146191-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2014/04/23 12:57:24 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-507268109-3519426565-122146191-1000..\Run: [BrowserChoice] C:\Windows\System32\browserchoice.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-507268109-3519426565-122146191-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-507268109-3519426565-122146191-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-507268109-3519426565-122146191-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-507268109-3519426565-122146191-1000\..Trusted Domains: live.com ([login] https in Trusted sites)
O15 - HKU\S-1-5-21-507268109-3519426565-122146191-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC8A0FF6-6E48-45C7-BD7D-7AAB53E677A3}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\awave.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\awave.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 23:33:50 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/23 13:31:36 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/04/23 13:31:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014/04/23 13:31:36 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2014/04/23 13:31:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/04/23 13:31:36 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2014/04/23 13:31:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2014/04/23 13:31:15 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2014/04/23 13:30:36 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/04/23 13:30:36 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2014/04/23 13:30:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2014/04/23 13:30:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014/04/23 13:30:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2014/04/23 13:30:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2014/04/23 13:30:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2014/04/23 13:30:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2014/04/23 13:30:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2014/04/23 13:30:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2014/04/23 13:30:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2014/04/23 13:29:27 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2014/04/23 13:29:26 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2014/04/23 13:29:26 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/04/23 13:29:26 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2014/04/23 13:29:26 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2014/04/23 13:29:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/04/23 13:29:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/04/23 13:27:57 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014/04/23 13:27:57 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2014/04/23 13:27:57 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2014/04/23 13:27:56 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014/04/23 13:27:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2014/04/23 13:27:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2014/04/23 13:27:33 | 003,504,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/04/23 13:27:33 | 003,470,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/04/23 13:25:41 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2014/04/23 13:25:41 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2014/04/23 13:25:23 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/04/23 13:25:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/04/23 13:25:01 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/04/23 13:24:23 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/04/23 13:23:01 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014/04/23 13:23:01 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2014/04/23 13:23:01 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2014/04/23 13:23:01 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2014/04/23 13:23:01 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2014/04/23 13:23:01 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2014/04/23 13:23:01 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2014/04/23 13:23:01 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2014/04/23 13:21:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/04/23 13:21:08 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/04/23 13:21:08 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2014/04/23 13:20:56 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/04/23 13:20:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014/04/23 13:19:38 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/04/23 13:19:38 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014/04/23 13:19:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2014/04/23 13:19:37 | 000,944,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/04/23 13:19:37 | 000,905,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/04/23 13:19:37 | 000,620,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/04/23 13:19:37 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014/04/23 13:19:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2014/04/23 13:19:37 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2014/04/23 13:19:36 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014/04/23 13:19:36 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2014/04/23 13:19:36 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2014/04/23 13:19:36 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014/04/23 13:19:36 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2014/04/23 13:19:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2014/04/23 13:19:35 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/04/23 13:19:35 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2014/04/23 13:19:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2014/04/23 13:19:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2014/04/23 13:19:02 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2014/04/23 13:19:01 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2014/04/23 13:19:01 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2014/04/23 13:19:01 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2014/04/23 13:19:00 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2014/04/23 13:19:00 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/04/23 13:18:47 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2014/04/23 13:18:47 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2014/04/23 13:18:30 | 000,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/04/23 13:18:30 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/04/23 13:18:30 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014/04/23 13:18:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2014/04/23 13:17:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2014/04/23 13:17:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2014/04/23 13:17:50 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2014/04/23 13:17:49 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/04/23 13:17:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2014/04/23 13:17:16 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/04/23 13:17:11 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/04/23 13:17:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2014/04/23 13:17:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2014/04/23 13:17:02 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2014/04/23 13:16:27 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/04/23 13:16:27 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/04/23 13:16:27 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/04/23 13:16:27 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/04/23 13:16:27 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/04/23 13:16:26 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/04/23 13:16:26 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/04/23 13:16:26 | 000,473,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/04/23 13:16:26 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/04/23 13:16:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2014/04/23 12:57:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/04/22 19:11:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/22 19:04:05 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Alan\Desktop\JRT.exe
[2014/04/22 18:56:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/22 18:23:08 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014/04/22 18:23:05 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/04/22 18:23:05 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/04/22 18:16:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2014/04/22 18:16:37 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2014/04/22 18:16:37 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/04/22 18:16:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/04/22 18:16:14 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/04/22 18:14:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/04/22 18:14:08 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2014/04/22 18:13:50 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2014/04/22 18:13:25 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2014/04/22 18:12:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/04/22 18:12:10 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2014/04/22 18:11:49 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014/04/22 18:11:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014/04/22 18:11:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2014/04/22 18:11:37 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014/04/22 18:11:29 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/04/22 18:11:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014/04/22 18:11:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014/04/22 18:11:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2014/04/22 18:11:24 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2014/04/22 16:58:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
========== Files - Modified Within 30 Days ==========
[2014/04/23 13:44:13 | 000,622,906 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/04/23 13:44:13 | 000,108,122 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/04/23 13:37:11 | 000,001,591 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2014/04/23 13:37:05 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/23 13:37:05 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/23 13:36:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/23 13:36:41 | 2145,968,128 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/23 13:33:54 | 000,288,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/04/23 13:31:36 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/04/23 13:31:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014/04/23 13:31:36 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2014/04/23 13:31:36 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/04/23 13:31:36 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2014/04/23 13:31:16 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2014/04/23 13:31:15 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2014/04/23 13:30:36 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/04/23 13:30:36 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2014/04/23 13:30:36 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2014/04/23 13:30:14 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014/04/23 13:30:14 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2014/04/23 13:30:14 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2014/04/23 13:30:14 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2014/04/23 13:30:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2014/04/23 13:30:14 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2014/04/23 13:30:14 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2014/04/23 13:30:14 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2014/04/23 13:29:27 | 001,657,350 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2014/04/23 13:29:27 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2014/04/23 13:29:26 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2014/04/23 13:29:26 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/04/23 13:29:26 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2014/04/23 13:29:26 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2014/04/23 13:29:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/04/23 13:29:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/04/23 13:27:57 | 002,855,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014/04/23 13:27:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2014/04/23 13:27:57 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2014/04/23 13:27:56 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014/04/23 13:27:56 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2014/04/23 13:27:56 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2014/04/23 13:27:33 | 003,504,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/04/23 13:27:33 | 003,470,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/04/23 13:25:41 | 000,500,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2014/04/23 13:25:41 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2014/04/23 13:25:23 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/04/23 13:25:23 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/04/23 13:25:01 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/04/23 13:24:23 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/04/23 13:23:01 | 001,244,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014/04/23 13:23:01 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2014/04/23 13:23:01 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2014/04/23 13:23:01 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2014/04/23 13:23:01 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2014/04/23 13:23:01 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2014/04/23 13:23:01 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2014/04/23 13:21:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/04/23 13:21:08 | 000,110,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/04/23 13:21:08 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2014/04/23 13:20:56 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/04/23 13:20:17 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014/04/23 13:19:39 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\i8042prt.sys.mui
[2014/04/23 13:19:39 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\sermouse.sys.mui
[2014/04/23 13:19:39 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouclass.sys.mui
[2014/04/23 13:19:39 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
[2014/04/23 13:19:39 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouhid.sys.mui
[2014/04/23 13:19:39 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdhid.sys.mui
[2014/04/23 13:19:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/04/23 13:19:38 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014/04/23 13:19:38 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2014/04/23 13:19:37 | 000,944,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/04/23 13:19:37 | 000,905,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/04/23 13:19:37 | 000,620,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/04/23 13:19:37 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014/04/23 13:19:37 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2014/04/23 13:19:37 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2014/04/23 13:19:36 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014/04/23 13:19:36 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2014/04/23 13:19:36 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2014/04/23 13:19:36 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014/04/23 13:19:36 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2014/04/23 13:19:36 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2014/04/23 13:19:35 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/04/23 13:19:35 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2014/04/23 13:19:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2014/04/23 13:19:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2014/04/23 13:19:02 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2014/04/23 13:19:02 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2014/04/23 13:19:01 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2014/04/23 13:19:01 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2014/04/23 13:19:00 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2014/04/23 13:19:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/04/23 13:18:47 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2014/04/23 13:18:47 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2014/04/23 13:18:30 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/04/23 13:18:30 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/04/23 13:18:30 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014/04/23 13:18:11 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2014/04/23 13:17:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2014/04/23 13:17:59 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2014/04/23 13:17:50 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2014/04/23 13:17:49 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/04/23 13:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2014/04/23 13:17:16 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/04/23 13:17:11 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/04/23 13:17:11 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2014/04/23 13:17:02 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2014/04/23 13:17:02 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2014/04/23 13:16:28 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/04/23 13:16:27 | 000,435,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/04/23 13:16:27 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/04/23 13:16:27 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/04/23 13:16:27 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/04/23 13:16:26 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/04/23 13:16:26 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/04/23 13:16:26 | 000,473,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/04/23 13:16:26 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/04/23 13:16:09 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2014/04/23 12:57:24 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/04/22 19:04:54 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Alan\Desktop\JRT.exe
[2014/04/22 18:54:01 | 001,345,299 | ---- | M] () -- C:\Users\Alan\Desktop\AdwCleaner.exe
[2014/04/22 18:29:11 | 033,095,680 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2014/04/22 18:29:11 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2014/04/22 18:29:11 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2014/04/22 18:23:08 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014/04/22 18:23:05 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/04/22 18:23:05 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/04/22 18:16:40 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2014/04/22 18:16:38 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2014/04/22 18:16:37 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/04/22 18:16:15 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/04/22 18:16:15 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/04/22 18:14:08 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2014/04/22 18:13:50 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2014/04/22 18:13:25 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2014/04/22 18:12:16 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/04/22 18:12:10 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2014/04/22 18:11:48 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014/04/22 18:11:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2014/04/22 18:11:37 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014/04/22 18:11:30 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/04/22 18:11:28 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014/04/22 18:11:28 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014/04/22 18:11:24 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2014/04/22 16:58:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2014/04/03 09:51:10 | 000,051,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/04/03 09:51:00 | 000,073,432 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2014/04/23 13:37:11 | 000,001,591 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2014/04/23 13:29:27 | 001,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2014/04/22 18:53:54 | 001,345,299 | ---- | C] () -- C:\Users\Alan\Desktop\AdwCleaner.exe
[2014/04/22 18:25:36 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2014/04/22 18:25:36 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2014/04/22 18:25:35 | 033,095,680 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2013/08/12 15:17:25 | 000,000,680 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/23 13:22:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/04/23 13:19:01 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 10:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
========== Purity Check ==========
< End of report >
___________________________________
-
Good, you should still have aswMBR on your desktop, run a new scan (DONT FIX ANYTHING) I just want to see the report to see if that bad java entry is gone
-
Possible Virus Please Help
Hi Ken545,
Due to the time/ date issue the Malwarebytes trial version is showing as out of date by over a year. I tried uninstalling and reinstalling Malwarebytes; however, the new version also detailed the trial as expired and requested that I bought the premium version.
That said, the Malwarebytes database did appear to update and the program did let me run a threat scan; the results are below.
Thanks once more.
__________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 23/04/2014
Scan Time: 14:34:31
Logfile:
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.23.05
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows Vista
CPU: x86
File System: NTFS
User: Alan
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 216753
Time Elapsed: 5 min, 48 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
-
-
Possible Virus Please Help
Thanks Ken545,
Apologies for wasting your time. Here is the log:
__________________________________________
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-04-23 14:53:16
-----------------------------
14:53:16.093 OS Version: Windows 6.0.6000
14:53:16.093 Number of processors: 2 586 0x6B02
14:53:16.093 ComputerName: ALAN-PC UserName: Alan
14:53:17.419 Initialize success
15:01:16.751 AVAST engine defs: 14042300
15:01:46.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004b
15:01:46.516 Disk 0 Vendor: ST336032 3.CH Size: 343399MB BusType: 6
15:01:46.641 Disk 0 MBR read successfully
15:01:46.641 Disk 0 MBR scan
15:01:46.672 Disk 0 unknown MBR code
15:01:46.687 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 332744 MB offset 63
15:01:46.750 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10652 MB offset 681461235
15:01:46.812 Disk 0 scanning sectors +703277505
15:01:46.999 Disk 0 scanning C:\Windows\system32\drivers
15:02:01.882 Service scanning
15:02:31.569 Modules scanning
15:02:34.533 Disk 0 trace - called modules:
15:02:34.548 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll tcpip.sys NETIO.SYS storport.sys nvstor32.sys
15:02:34.564 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84d1c3d0]
15:02:34.564 3 ntkrnlpa.exe[81cb0d35] -> nt!IofCallDriver -> [0x83a85520]
15:02:34.564 5 acpi.sys[8023232a] -> nt!IofCallDriver -> \Device\0000004b[0x83a85740]
15:02:35.469 AVAST engine scan C:\Windows
15:02:38.526 AVAST engine scan C:\Windows\system32
15:07:36.275 AVAST engine scan C:\Windows\system32\drivers
15:08:11.656 AVAST engine scan C:\Users\Alan
15:09:03.635 AVAST engine scan C:\ProgramData
15:10:02.556 Scan finished successfully
15:10:34.016 Disk 0 MBR has been saved successfully to "C:\Users\Alan\Desktop\MBR.dat"
15:10:34.016 The log file has been saved successfully to "C:\Users\Alan\Desktop\aswMBR.txt"
-
Your not wasting my time, not to worry, this stuff when your new can be sometimes confusing
aswMBR shows the infected file as gone
We need to update your Java to keep you more secure
- Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you should have Version 7 Update 55, if not proceed with the instructions.
- Go to the update Tab and update it
- Important, during the upgrade UNCHECK ASK TOOL BAR. ( you do not need or want this )
- Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.
You can verify the installation Here
How is your computer behaving now ???
-
Possible Virus Please Help
Hi Ken545,
Java is updated - thanks.
Re: PC status
The HP w 1907v monitor drivers keep crashing and recovering.
The constant website security certificate issues haven't happened yet; but, I have set the time correctly again today and it takes a little while to lose the correct time; so, that will probably happen again. I set the time yesterday and the PC managed to lose it by one year today.
When I try to sign in into Hotmail explorer opens up tab after tab after tab.... when I click the sign in button - could this be a time issue too?
Thanks.
-
This is what I would like you to do as this forum is just for malware removal, post at this site that we use in there windows forum, we help each other out
Go here and register, use the same user name your using here so that I can find you and offer my two cents, just like Safer its free
www.whatthetech.com
After your registered, go here
http://forums.whatthetech.com/index.php?showforum=119
This is there windows forum, you can tell them you posted here and link them back to this thread so they can see what we have done, explain in detail whats going on including changing your battery, I am sure that will clear some issues.
If you want to post back here after you posted at the other forum please do and I can give one of the helpers a heads up
Ken
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules