OTL is continuously Not Responding???
Do I keep files hidden???
Virus Total
Antivirus Version Last Update Result
AhnLab-V3 2011.12.28.03 2011.12.28 -
AntiVir 7.11.20.64 2011.12.29 -
Antiy-AVL 2.0.3.7 2011.12.29 -
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.29 -
BitDefender 7.2 2011.12.29 -
ByteHero 1.0.0.1 2011.12.07 -
CAT-QuickHeal 12.00 2011.12.29 -
ClamAV 0.97.3.0 2011.12.29 -
Commtouch 5.3.2.6 2011.12.29 -
Comodo 11126 2011.12.29 -
DrWeb 5.0.2.03300 2011.12.29 -
Emsisoft 5.1.0.11 2011.12.29 -
eSafe 7.0.17.0 2011.12.29 -
eTrust-Vet 37.0.9652 2011.12.29 -
F-Prot 4.6.5.141 2011.12.28 -
F-Secure 9.0.16440.0 2011.12.29 -
Fortinet 4.3.388.0 2011.12.29 -
GData 22 2011.12.29 -
Ikarus T3.1.1.109.0 2011.12.29 -
Jiangmin 13.0.900 2011.12.28 -
K7AntiVirus 9.120.5796 2011.12.28 -
Kaspersky 9.0.0.837 2011.12.29 -
McAfee 5.400.0.1158 2011.12.29 -
McAfee-GW-Edition 2010.1E 2011.12.29 -
Microsoft 1.7903 2011.12.29 -
NOD32 6751 2011.12.29 -
Norman 6.07.13 2011.12.28 -
nProtect 2011-12-29.01 2011.12.29 -
Panda 10.0.3.5 2011.12.29 -
PCTools 8.0.0.5 2011.12.29 -
Prevx 3.0 2011.12.29 -
Rising 23.90.03.02 2011.12.29 -
Sophos 4.72.0 2011.12.29 -
SUPERAntiSpyware 4.40.0.1006 2011.12.28 -
Symantec 20111.2.0.82 2011.12.29 -
TheHacker 6.7.0.1.367 2011.12.29 -
TrendMicro 9.500.0.1008 2011.12.29 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.29 -
VBA32 3.12.16.4 2011.12.29 -
VIPRE 11319 2011.12.29 -
ViRobot 2011.12.29.4852 2011.12.29 -
VirusBuster 14.1.138.0 2011.12.28 -
Additional information
MD5 : 7c06ced2f7b9272a126d53a2a9f52ac0
SHA1 : 63911e2cb0b19beddeff84c128857d654c734953
SHA256: 95046903cc4ad0d71e5b768a319ecdc8e0689a877d9873da1b87f5c71fad1af1
ssdeep: 192:ILA4oWUS6E9a5q/cvBWENVNujkwGJ1KDJD/sWcc3CwYE0:IU47Uh6a5Ac5jRj1KDiWcqCwJ
File size : 14848 bytes
First seen: 2007-03-02 18:07:31
Last seen : 2011-12-29 09:42:08
TrID:
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: HTML Help
description..: Microsoft_ HTML Help Executable
original name: HH.exe
internal name: HH 1.41
file version.: 6.0.6000.16386 (vista_rtm.061101-2205)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x1B2F
timedatestamp....: 0x4549B636 (Thu Nov 02 09:11:18 2006)
machinetype......: 0x14c (I386)
[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x140E, 0x1600, 6.07, 52e8f67a3d802e77d260b0f2e66361be
.data, 0x3000, 0x380, 0x200, 0.30, 26d2af9b5ae35538e55951b8e598e42b
.rsrc, 0x4000, 0x1BA0, 0x1C00, 3.71, 9765d0da6d2482adda6c805dd4f93a0e
.reloc, 0x6000, 0x1C8, 0x200, 4.57, 7ce9ec4eb40e829c58dd1f470e64cff1
[[ 3 import(s) ]]
ADVAPI32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
KERNEL32.dll: ExpandEnvironmentStringsA, FreeLibrary, GetProcAddress, LoadLibraryA, HeapSetInformation, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoA, InterlockedCompareExchange, Sleep, InterlockedExchange, UnhandledExceptionFilter
msvcrt.dll: __p__commode, __set_app_type, _terminate@@YAXXZ, _except_handler4_common, _controlfp, _adjust_fdiv, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, memset, _vsnprintf, __p__fmode
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 5632
CompanyName: Microsoft Corporation
EntryPoint: 0x1b2f
FileDescription: Microsoft HTML Help Executable
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 14 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileVersionNumber: 6.0.6000.16386
ImageVersion: 6.0
InitializedDataSize: 8704
InternalName: HH 1.41
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 6.0
ObjectFileType: Executable application
OriginalFilename: HH.exe
PEType: PE32
ProductName: HTML Help
ProductVersion: 6.0.6000.16386
ProductVersionNumber: 6.0.6000.16386
Subsystem: Windows GUI
SubsystemVersion: 6.0
TimeStamp: 2006:11:02 10:11:18+01:00
UninitializedDataSize: 0
Ok, that file is fine. Keep it so we can view files again if we need to, we can change it back when we're done.
Let's do this
Download ComboFix from one of these locations:
Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
- See this Link for programs that need to be disabled and instructions on how to disable them.
- Remember to re-enable them when we're done.
- Double click on ComboFix.exe & follow the prompts.
- As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014
ERROR MESSAGE 386
No KeyBoard Detected
Press F1 To Continue
Just a reminder that threads will be closed if no reply in 3 days.
ComboFix 11-12-29.05 - HMvB 29-12-2011 23:05:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1033.18.2429.814 [GMT 1:00]
Gestart vanuit: c:\users\HMvB\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\HMvB\AppData\Roaming\.#
c:\users\HMvB\Favorites\BackupManager.list
c:\windows\IsUn0413.exe
c:\windows\system32\1551694079
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-11-28 to 2011-12-29 ))))))))))))))))))))))))))))))
.
.
2011-12-29 22:17 . 2011-12-29 22:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-29 07:38 . 2011-12-29 07:38 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\MpKsl10ae3c9a.sys
2011-12-29 07:37 . 2011-12-29 07:37 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\offreg.dll
2011-12-29 07:36 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\mpengine.dll
2011-12-28 18:55 . 2011-12-28 18:55 -------- d-----w- c:\program files\ESET
2011-12-27 23:49 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-27 23:49 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-27 23:49 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-27 23:49 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-27 23:49 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-27 23:49 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-27 23:47 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-27 23:47 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-27 22:49 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-27 12:44 . 2011-12-27 12:44 -------- d-----w- c:\users\HMvB\IOption
2011-12-27 12:44 . 2011-12-27 12:44 -------- d-----w- c:\programdata\BackupManager
2011-12-24 04:27 . 2011-12-24 04:27 -------- d-----w- c:\users\HMvB\AppData\Roaming\AVG2012
2011-12-24 04:25 . 2011-12-25 21:42 -------- d-----w- c:\programdata\AVG Secure Search
2011-12-24 04:24 . 2011-12-25 21:43 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2011-12-24 04:24 . 2011-12-24 04:24 -------- d--h--w- c:\programdata\Common Files
2011-12-24 04:17 . 2011-12-24 04:17 -------- d-----w- c:\users\HMvB\AppData\Roaming\Auslogics
2011-12-24 04:17 . 2011-12-27 23:34 -------- d-----w- c:\programdata\AVG2012
2011-12-24 04:16 . 2011-12-24 04:16 -------- d-----w- c:\program files\Auslogics
2011-12-24 04:14 . 2011-12-24 04:14 -------- d-----w- c:\program files\AVG
2011-12-23 10:58 . 2011-06-30 13:17 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-12-22 08:56 . 2011-12-22 09:00 -------- d-----w- C:\ERUNT
2011-12-22 08:46 . 2011-12-22 09:04 -------- d-----w- c:\program files\ERUNT
2011-12-20 19:47 . 2011-12-20 20:10 -------- d-----w- c:\users\HMvB\AppData\Roaming\GetRightToGo
2011-12-20 17:03 . 2011-12-20 17:03 388096 ----a-r- c:\users\HMvB\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-20 17:03 . 2011-12-25 21:43 -------- d-----w- c:\program files\Trend Micro
2011-12-20 13:36 . 2011-12-24 08:37 -------- d-----w- c:\programdata\AVAST Software
2011-12-20 13:36 . 2011-12-20 13:36 -------- d-----w- c:\program files\AVAST Software
2011-12-18 22:46 . 2011-12-25 21:43 -------- d-----w- c:\program files\QuickTime
2011-12-16 11:56 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-16 11:56 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-16 11:55 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-16 11:55 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-16 11:55 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-12-16 11:55 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-16 11:55 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-13 23:13 . 2011-12-13 23:13 -------- d-----w- c:\program files\iPod
2011-12-13 23:13 . 2011-12-13 23:14 -------- d-----w- c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-16 21:24 . 2011-05-29 09:23 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-12 09:07 . 2011-06-30 13:13 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-11-21 10:47 . 2010-03-08 12:57 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-11 20:53 . 2011-10-11 20:54 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5A84CA5-2C20-4A04-B238-58E5F56780DD}\gapaengine.dll
2011-10-03 03:06 . 2011-09-06 16:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-05 06:53 . 2011-03-23 03:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-05-14 22:02 120104 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-19 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-12-16 735608]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-24 619352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-19 30192]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-11-26 274608]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
c:\users\HMvB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^HMvB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\HMvB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
2009-04-03 18:54 698912 ----a-w- c:\program files\Acer\Acer ePower Management\ePowerTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
2008-10-24 20:18 237568 ----a-w- c:\program files\AmIcoSingLun\AmIcoSinglun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
2009-01-20 23:41 156968 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
2009-04-11 18:32 249600 ----a-w- c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-18 01:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 01:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2009-01-20 23:41 202024 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
2009-05-13 18:39 199464 ----a-w- c:\program files\EgisTec Egis Software Update\EgisUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-08-19 01:00 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-12-08 00:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-02-24 00:16 870920 ----a-w- c:\program files\Launch Manager\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-10 00:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
2009-05-14 22:03 345384 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
2008-12-26 16:30 173288 ------w- c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2008-07-29 18:29 200704 ----a-w- c:\windows\PLFSetI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
2008-11-17 08:47 135168 ----a-w- c:\program files\Acer\WR_PopUp\ProductReg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-03-11 00:48 6957600 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2009-03-11 00:49 1833504 ----a-w- c:\program files\Realtek\Audio\HDA\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-03-18 20:34 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-01-19 19:58 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-12-16 15:22 735608 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
R1 MpKsl001c7aa7;MpKsl001c7aa7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A7E6F4A-5733-4CFA-BB52-2835842DFC8B}\MpKsl001c7aa7.sys [x]
R1 MpKsl046e81d8;MpKsl046e81d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F1EFA03-D526-4F20-977B-E072B134C528}\MpKsl046e81d8.sys [x]
R1 MpKsl0bf29767;MpKsl0bf29767;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46443532-7132-4B1A-B020-AD29F165A162}\MpKsl0bf29767.sys [x]
R1 MpKsl1026bf0d;MpKsl1026bf0d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B9CF4B7-1511-4144-B2F5-21BA05CA2723}\MpKsl1026bf0d.sys [x]
R1 MpKsl15f771f0;MpKsl15f771f0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8198F10A-D6DF-448C-B20A-4D36EE298A18}\MpKsl15f771f0.sys [x]
R1 MpKsl1f48bae3;MpKsl1f48bae3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98A2975E-1BC3-480B-B6A5-31876D07E8EA}\MpKsl1f48bae3.sys [x]
R1 MpKsl33ba2253;MpKsl33ba2253;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{572A226D-6807-4A37-B3F9-2ACF56FB74EB}\MpKsl33ba2253.sys [x]
R1 MpKsl5431f22b;MpKsl5431f22b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38032A1D-FF1D-419A-A077-4DA46A35E0B1}\MpKsl5431f22b.sys [x]
R1 MpKsl7e0c57b4;MpKsl7e0c57b4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD821B66-C3CC-4DB3-B91C-116392DC3ACE}\MpKsl7e0c57b4.sys [x]
R1 MpKsl83c2c4bb;MpKsl83c2c4bb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40388940-175A-48C8-B4BF-4323FA3EFDAF}\MpKsl83c2c4bb.sys [x]
R1 MpKsl8b5bbfd4;MpKsl8b5bbfd4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABC5C962-839E-45B2-977E-798FF0DC87AA}\MpKsl8b5bbfd4.sys [x]
R1 MpKsl9b3812d8;MpKsl9b3812d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6728DE2-9AC9-442D-BC12-2D1280BB0DCC}\MpKsl9b3812d8.sys [x]
R1 MpKsla22bf45a;MpKsla22bf45a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8586F001-F811-47B9-A6A1-E9D2D33D72BB}\MpKsla22bf45a.sys [x]
R1 MpKsla3b0c331;MpKsla3b0c331;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F698F31-3F36-4E1E-B816-2ECCB1762494}\MpKsla3b0c331.sys [x]
R1 MpKslb13aeb82;MpKslb13aeb82;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66C03A71-977E-4282-809D-D46530ED4644}\MpKslb13aeb82.sys [x]
R1 MpKslbbe7a69c;MpKslbbe7a69c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6FEFB36D-50C8-4172-9BBD-72804C9AD59C}\MpKslbbe7a69c.sys [x]
R1 MpKslc220a990;MpKslc220a990;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABC5C962-839E-45B2-977E-798FF0DC87AA}\MpKslc220a990.sys [x]
R1 MpKslc49fcadd;MpKslc49fcadd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F1EFA03-D526-4F20-977B-E072B134C528}\MpKslc49fcadd.sys [x]
R1 MpKsle06937c5;MpKsle06937c5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EBA03B3-4151-4BCB-A70E-A0E0FC1D552E}\MpKsle06937c5.sys [x]
R1 MpKsle791c1f2;MpKsle791c1f2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66C03A71-977E-4282-809D-D46530ED4644}\MpKsle791c1f2.sys [x]
R1 MpKslebd1dc15;MpKslebd1dc15;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F984E55-997A-44F6-9C81-5ACA2156AFB3}\MpKslebd1dc15.sys [x]
R1 MpKslf011f89a;MpKslf011f89a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{191ABBBF-27B9-4B37-A4FB-4893C9C847AE}\MpKslf011f89a.sys [x]
R1 MpKslf5044cff;MpKslf5044cff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B492EB8D-7D2B-41FF-9725-1B4FC1A3D0EC}\MpKslf5044cff.sys [x]
R1 MpKslf55d7464;MpKslf55d7464;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{955DBED9-12FC-42A5-8166-C12FC4D238C0}\MpKslf55d7464.sys [x]
R1 MpKslf9d7dacd;MpKslf9d7dacd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0ECDB0F1-06F6-44F3-B570-030B29E6E305}\MpKslf9d7dacd.sys [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Firefox Service;Firefox Service;c:\users\HMvB\AppData\Roaming\Mozilla\Firefox\Profiles\7xbljf0i.default\extensions\startup.service@mozilla.com\svc.exe [2011-03-10 83456]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 23040]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-19 30192]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-12-12 64512]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-18 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 MpKsl10ae3c9a;MpKsl10ae3c9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D512DF15-D33B-4FF5-82B4-9C0A72B66C09}\MpKsl10ae3c9a.sys [2011-12-29 29904]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2008-12-04 19504]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2008-12-04 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-12-04 59952]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-06-29 101720]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-24 494424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-18 75048]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-04-03 723488]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-23 2152152]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 MWLService;MyWinLocker Service;c:\program files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-05-14 305448]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-11 61184]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-24 869216]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2009-03-19 4386304]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2009-03-19 93184]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSL10AE3C9A
*NewlyCreated* - MPKSL95FE6BDF
*NewlyCreated* - MPKSLA12EC0A6
*Deregistered* - Lavasoft Kernexplorer
*Deregistered* - MpKsl95fe6bdf
*Deregistered* - MpKsla12ec0a6
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService REG_MULTI_SZ HsfXAudioService
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2011-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 09:02]
.
2011-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-26 09:02]
.
.
------- Bijkomende Scan -------
.
uStart Page = https://mail.google.com/mail/?hl=en&...t&shva=1#inbox
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\HMvB\AppData\Roaming\Mozilla\Firefox\Profiles\7xbljf0i.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?source=gama&hl=en
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bda0b6794-02d7-409b-9344-dcd5a4ecb917%7D&mid=7cfdccc063fd47d1a9b2d156505ed0f4-40c790bcf55dc492292f2b87f02d8f1ebdc2e7bd&ds=AVG&v=9.0.0.23&lang=nl&pr=pr&d=2011-12-24%2005%3A25%3A26&sap=ku&q=
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - (no file)
URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{A386D4B0-FDDB-4E1C-AE61-4F014013CD9B} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
HKCU-Run-uTray - c:\program files\ITknowledge24\uTray.exe
HKLM-Run-vProt - c:\program files\AVG Secure Search\vprot.exe
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL
Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-MSSE - c:\program files\Microsoft Security Essentials\msseces.exe
MSConfigStartUp-SynTPEnh - c:\program files\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0413.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-29 23:17
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
.
C:\## aswSnx private storage
.
Scan succesvol afgerond
verborgen bestanden: 1
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Voltooingstijd: 2011-12-29 23:23:42
ComboFix-quarantined-files.txt 2011-12-29 22:23
.
Pre-Run: 118.437.138.432 bytes free
Post-Run: 118.338.523.136 bytes free
.
- - End Of File - - ACD5731BA417B0BE14A5FF4268F9AE44
Hello,
Things running any better? On your initial DDS log you had Microsoft Security Essentials installed, and now I am looking at Avast also. When did you install it? You should only have one Anti Virus program running; more than one is overkill and can severely hamper system performance. I would suggest uninstalling Avast via Programs and Features in the Control Panel.
While you're in there I would also strongly suggest that you uninstall uTorrent. File Sharing programs are very dangerous: you're downloading that file from an unknown source, and most contain some sort of malware.
Drag OTL to the trash, go back to link # 10 and redownload it, and see if it will run now. If it won't run, try running it in Safemode, then post the log please.
To Enter Safemode
- Go to Start> Shut off your Computer> Restart
- As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly, this will bring up a menu.
- Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
- Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode
Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014
ERROR MESSAGE 386
No KeyBoard Detected
Press F1 To Continue
Just a reminder that threads will be closed if no reply in 3 days.
Removed all recommended! Downloaded OTL again but same problem! Continuously Not Responding!
Quick question: what should I use to download torrents?
I always download from the same sites from the same people such as eztv.
I've been at my mom's, whose laptop this is, but I'm getting ready to go home and might not be able to get back in touch in the next 3 days even though I will try!!!
Otherwise is it possible that I contact you through another e-mail in case this thread closes?
My e-mail is
Last edited by ken545; 2011-12-30 at 14:24. Reason: Removed users email address for security
Hi,
Outside of OTL not responding, how is your computer behaving now?
These forums are read by people from all over the world. I removed your email address for safety; don't post any personal info. In the event this thread is closed before you get back, you can just PM me or a moderator to reopen it.
As far as the torrents, they're bad news. A lot of things that can be downloaded with them are sometimes illegal or infected. I have been at this for many years, and the greater percentage of people posting in these forums infected their computers via the torrents. I would no way no how let anyone that has access to any of my systems use any kind of File Sharing.
Read this
http://www.us-cert.gov/cas/tips/ST05-007.html
http://forums.spybot.info/showthread.php?t=282
Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
We have noticed that many people seeking help from us are coming with infections contracted from the use of P2P programs.
Because of this, we changed our malware forum's policy on the use of P2P file sharing programs.
- If your helper detects the presence of such programs on your computer he/she will ask you to remove them. Help will be withdrawn should you not agree to their removal.
- If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programs, volunteer analysts will refuse their help.
We do not ask you to do this without reason.
P2P (File Sharing) programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realize. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.
This article from InfoWorld illustrates the dangers of a poorly configured P2P program.
http://www.infoworld.com/article/07/09/06/...ID-theft_1.html
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.
Last edited by tashi; 2012-01-14 at 01:07. Reason: Thank you Ken545