Looks like a Google redirect virus?

Status
Not open for further replies.
Hello,
While the computer is working much better, i am still receiving "Thret" messages from AVG. Just now it was for I believe a file called display.ini. I am unable to find the event in AVG (?).
Is there a way to rid this laptop of these evil files, short of restoring the box to factory settings?

Thank You in advance.!!!!!

The days are getting shorter. Enjoy what is left of the summer!! Winter comes too soon and lasts too long.
 
Hello douglasvjohnson

Thank you for the information.

The next time you get the threat message please copy it word for word (it is important that we have the path to the file the is reported as infected).

There are still a few things we can try:

Please re-run aswMBR and post the new log in your next reply along with a new set of DDS logs.
 
Hello Again,
DDS log
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by doug at 17:51:32 on 2012-08-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.874 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxducoms.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\atibtmon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AVG\AVG2012\avgui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRunOnce: [SpybotDeletingB1692] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
uRunOnce: [SpybotDeletingD8990] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
uRunOnce: [SpybotDeletingB6272] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"
uRunOnce: [SpybotDeletingD702] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"
uRunOnce: [SpybotDeletingB5637] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
uRunOnce: [SpybotDeletingD6103] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
uRunOnce: [SpybotDeletingB1718] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"
uRunOnce: [SpybotDeletingD8498] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"
uRunOnce: [SpybotDeletingB3567] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"
uRunOnce: [SpybotDeletingD2511] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"
uRunOnce: [SpybotDeletingB9860] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"
uRunOnce: [SpybotDeletingD6309] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"
uRunOnce: [SpybotDeletingB6902] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"
uRunOnce: [SpybotDeletingD7609] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"
uRunOnce: [SpybotDeletingB3368] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
uRunOnce: [SpybotDeletingD9232] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
uRunOnce: [SpybotDeletingB5487] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"
uRunOnce: [SpybotDeletingD8114] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [SpybotDeletingA7861] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
mRunOnce: [SpybotDeletingC1790] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
mRunOnce: [SpybotDeletingA8917] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"
mRunOnce: [SpybotDeletingC4505] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
mRunOnce: [SpybotDeletingA559] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
mRunOnce: [SpybotDeletingA8052] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"
mRunOnce: [SpybotDeletingC6461] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"
mRunOnce: [SpybotDeletingA5190] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"
mRunOnce: [SpybotDeletingC4155] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"
mRunOnce: [SpybotDeletingA9376] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"
mRunOnce: [SpybotDeletingC4988] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"
mRunOnce: [SpybotDeletingA4255] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"
mRunOnce: [SpybotDeletingC9958] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"
mRunOnce: [SpybotDeletingA9427] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
mRunOnce: [SpybotDeletingC9297] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
mRunOnce: [SpybotDeletingA435] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"
mRunOnce: [SpybotDeletingC6089] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"
StartupFolder: C:\Users\doug\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Video Converter... - C:\Program Files (x86)\Media Player Utilities 5.22\AVIConverter\grab.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{63125ED7-4121-4BD2-9811-309F5E911E4E} : DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{63125ED7-4121-4BD2-9811-309F5E911E4E}\2375942554432323 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{63125ED7-4121-4BD2-9811-309F5E911E4E}\342465D23547166666 : DhcpNameServer = 192.168.0.20 192.168.0.41
TCP: Interfaces\{63125ED7-4121-4BD2-9811-309F5E911E4E}\C696E6B6379737 : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C05AD519-926E-46DA-A286-D6B3A0E85834} : DhcpNameServer = 40.6.1.100
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [SpybotDeletingA7861] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
mRunOnce-x64: [SpybotDeletingC1790] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
mRunOnce-x64: [SpybotDeletingA8917] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"
mRunOnce-x64: [SpybotDeletingC4505] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
mRunOnce-x64: [SpybotDeletingA559] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"
mRunOnce-x64: [SpybotDeletingA8052] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"
mRunOnce-x64: [SpybotDeletingC6461] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"
mRunOnce-x64: [SpybotDeletingA5190] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"
mRunOnce-x64: [SpybotDeletingC4155] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"
mRunOnce-x64: [SpybotDeletingA9376] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"
mRunOnce-x64: [SpybotDeletingC4988] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"
mRunOnce-x64: [SpybotDeletingA4255] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"
mRunOnce-x64: [SpybotDeletingC9958] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"
mRunOnce-x64: [SpybotDeletingA9427] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
mRunOnce-x64: [SpybotDeletingC9297] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"
mRunOnce-x64: [SpybotDeletingA435] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"
mRunOnce-x64: [SpybotDeletingC6089] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\doug\AppData\Roaming\Mozilla\Firefox\Profiles\7o6nkz82.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B04ae27d3-b243-48bd-b214-db703be9693b%7D&mid=dd937770430147d6914ab57816bfae0c-41703a7d52e139f598cda7297c5bbf77f1c1caa4&ds=AVG&v=11.1.0.7&lang=en&pr=fr&d=2011-09-27%2019%3A08%3A03&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 64952]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-18 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
R2 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 lxdu_device;lxdu_device;C:\Windows\system32\lxducoms.exe -service --> C:\Windows\system32\lxducoms.exe -service [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-12 1153368]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-7-9 935008]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-8 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-17 250056]
S3 CASprint;Sprint Con App Svc;"C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe" /n "CASprint" --> C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-8 136176]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-08 21:33:07 -------- d-----w- C:\Users\doug\AppData\Local\{411E0A09-7D01-487D-A8FE-A2AAFFA2E56B}
2012-08-08 00:56:46 -------- d-----w- C:\Users\doug\AppData\Local\{F9E6676F-40B1-486C-A610-C05A5FF473CD}
2012-08-08 00:56:17 -------- d-----w- C:\Users\doug\AppData\Local\{1591014E-2C76-4477-B8E8-079FFAF4DD02}
2012-08-04 22:45:50 -------- d-----w- C:\Users\doug\AppData\Local\{AE164A15-5D29-4FA6-882C-FEB65BFA5640}
2012-08-04 22:45:20 -------- d-----w- C:\Users\doug\AppData\Local\{DFF717D2-EDF3-4C5D-9782-C47B598CC620}
2012-08-04 22:44:36 -------- d-sh--w- C:\$RECYCLE.BIN
2012-08-04 22:27:03 -------- d-----w- C:\Users\doug\AppData\Local\temp
2012-08-03 00:29:21 -------- d-----w- C:\Program Files (x86)\ESET
2012-08-02 23:51:51 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-02 23:51:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-02 23:51:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-02 01:18:08 98816 ----a-w- C:\Windows\sed.exe
2012-08-02 01:18:08 518144 ----a-w- C:\Windows\SWREG.exe
2012-08-02 01:18:08 256000 ----a-w- C:\Windows\PEV.exe
2012-08-02 01:18:08 208896 ----a-w- C:\Windows\MBR.exe
2012-07-31 23:43:38 -------- d-----w- C:\Users\doug\AppData\Local\{08079659-218E-47DC-8529-D3138B809D4A}
2012-07-31 23:42:53 -------- d-----w- C:\Users\doug\AppData\Local\{DE5F7621-44F1-44F3-B815-E75B736B5EBF}
2012-07-31 23:30:57 -------- d-----w- C:\Users\doug\AppData\Local\{BBE25211-19D1-426F-8B51-9A1BA04C5CF8}
2012-07-31 00:51:52 -------- d-----w- C:\Users\doug\AppData\Local\{DCBE59E4-06D8-4DEB-A02E-D0D3CA9AB39C}
2012-07-31 00:51:36 -------- d-----w- C:\Users\doug\AppData\Local\{1BDAECD8-883D-4A94-9E69-45EC0FAC0BA9}
2012-07-29 15:14:40 -------- d-----w- C:\Users\doug\AppData\Local\{894DAB99-34F3-4323-9B23-76447CB4CB09}
2012-07-29 15:14:31 -------- d-----w- C:\Users\doug\AppData\Local\{6F029FA1-6A9F-46A2-913D-97FB48CA970F}
2012-07-28 17:01:09 -------- d-----w- C:\Users\doug\AppData\Local\{70EDBB24-1301-423D-BE64-5BF8F976387F}
2012-07-28 17:00:42 -------- d-----w- C:\Users\doug\AppData\Local\{A5494F1E-230F-4CF3-9F16-1662C7238FD3}
2012-07-27 03:52:03 -------- d-----w- C:\Users\doug\AppData\Local\{9D86C0C6-6CBF-4117-B523-4B2F8F493FC7}
2012-07-27 03:33:53 -------- d-----w- C:\Users\doug\AppData\Local\{576FB0AE-AC64-41A0-8EA8-0025087588DF}
2012-07-25 23:48:17 -------- d-----w- C:\Users\doug\AppData\Local\{B6758768-45EF-4E79-8378-9EEA7CF3C11D}
2012-07-25 23:47:56 -------- d-----w- C:\Users\doug\AppData\Local\{C821C7B5-B58B-4B21-9136-0BDF2CF6F90E}
2012-07-24 23:04:53 -------- d-----w- C:\Users\doug\AppData\Local\{55F822EA-D35E-4E87-B15B-0193FB2A6CC0}
2012-07-24 23:04:23 -------- d-----w- C:\Users\doug\AppData\Local\{ACC1CCF6-A046-4A1B-85CF-D722D692E01D}
2012-07-23 23:00:33 -------- d-----w- C:\Users\doug\AppData\Local\{D4A858C2-51C3-4FE0-88B6-C355DB6D7E8C}
2012-07-23 23:00:08 -------- d-----w- C:\Users\doug\AppData\Local\{D4D9214B-C67A-4624-9B83-F539DDB0F396}
2012-07-23 22:59:51 -------- d-----w- C:\Users\doug\AppData\Roaming\PerformerSoft
2012-07-21 02:31:10 -------- d-----w- C:\ProgramData\IBUpdaterService
2012-07-21 02:30:29 -------- d-----w- C:\Program Files (x86)\Conduit
2012-07-21 02:30:27 19000 ----a-w- C:\Windows\System32\roboot64.exe
2012-07-21 02:26:13 -------- d-----w- C:\Program Files (x86)\Yahoo!
2012-07-15 18:20:53 -------- d-----w- C:\Users\doug\AppData\Local\Macromedia
2012-07-15 17:56:42 -------- d-----w- C:\Users\doug\AppData\Local\{5B699BC4-7578-4233-85FD-1EF2C2AF6E69}
2012-07-15 17:56:26 -------- d-----w- C:\Users\doug\AppData\Local\{BFD953BA-4EE5-45CD-8006-5712BD3D1507}
2012-07-14 17:29:49 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-14 15:11:26 -------- d-----w- C:\Users\doug\AppData\Local\{06CEC55E-9177-437B-8FBB-E51C0DEADD93}
2012-07-13 21:27:24 -------- d-----w- C:\Users\doug\AppData\Local\{E97DF82E-E9FF-4C74-9C1D-DD1C3C665AAB}
2012-07-13 01:56:59 -------- d-----w- C:\Users\doug\AppData\Local\{E5E13261-2BE0-44A5-A47D-61ABA06EA83F}
2012-07-13 01:56:46 -------- d-----w- C:\Users\doug\AppData\Local\{D5782E74-ABEB-41C5-BDF9-040D2CB898B3}
2012-07-12 10:59:21 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-12 10:48:35 -------- d-----w- C:\Users\doug\AppData\Local\{CC8A390E-10EE-4BC4-854A-C685EE40DC99}
2012-07-11 21:57:07 -------- d-----w- C:\Users\doug\AppData\Local\{5B000D8A-BE94-42C2-99FD-2486B2573DA2}
2012-07-11 01:01:42 -------- d-----w- C:\Users\doug\AppData\Local\{F9778629-1A0E-448B-BC25-967C86DC4781}
2012-07-11 01:01:31 -------- d-----w- C:\Users\doug\AppData\Local\{279B1882-91A9-4F9D-895B-317A90EB5998}
2012-07-10 12:07:14 -------- d-----w- C:\Users\doug\AppData\Local\{458D767A-FAE3-4FB7-8B1D-0B54D788DA89}
.
==================== Find3M ====================
.
2012-08-03 02:09:19 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-03 02:09:19 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 17:52:04.00 ===============
ASW log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/12/2011 5:07:01 PM
System Uptime: 8/7/2012 7:50:57 PM (22 hours ago)
.
Motherboard: Hewlett-Packard | | 1444
Processor: AMD Athlon(tm) II P320 Dual-Core Processor | Socket S1G4 | 798/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 280 GiB total, 192.126 GiB free.
D: is FIXED (NTFS) - 17 GiB total, 2.5 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.057 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP182: 6/11/2012 5:45:03 AM - Windows Update
RP183: 6/14/2012 11:55:02 AM - Windows Update
RP184: 6/17/2012 8:40:07 PM - Windows Backup
RP185: 6/17/2012 10:15:28 PM - Removed BabylonObjectInstaller
RP186: 6/17/2012 10:20:40 PM - Removed BabylonObjectInstaller
RP187: 6/18/2012 7:38:14 PM - Windows Update
RP188: 6/19/2012 6:38:03 AM - Windows Live Essentials
RP189: 6/19/2012 6:39:21 AM - Installed DirectX
RP190: 6/19/2012 6:40:11 AM - Installed DirectX
RP191: 6/19/2012 6:40:43 AM - WLSetup
RP192: 6/21/2012 7:58:59 PM - Windows Update
RP193: 6/24/2012 9:21:26 PM - Windows Backup
RP194: 7/1/2012 7:14:50 PM - Windows Backup
RP196: 7/12/2012 5:48:34 AM - Windows Update
RP197: 7/15/2012 7:00:44 PM - Windows Backup
RP198: 7/23/2012 6:09:31 PM - Windows Backup
RP199: 7/23/2012 6:15:27 PM - Configured PhotoNow
RP200: 7/23/2012 6:16:48 PM - Configured Power2Go
RP201: 7/23/2012 6:20:25 PM - Configured PowerDirector
RP202: 7/23/2012 6:30:48 PM - Removed WeatherBug
RP203: 7/23/2012 6:35:02 PM - Removed Google Talk Plugin
RP204: 7/28/2012 12:21:48 PM - ComboFix created restore point
RP205: 7/29/2012 9:25:06 PM - Windows Backup
RP206: 7/31/2012 8:18:01 PM - Windows Backup
RP207: 8/4/2012 4:56:34 PM - ComboFix created restore point
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.5
AMD USB Filter Driver
Apple Application Support
Apple Software Update
Ask Toolbar
Atheros Driver Installation Program
AVG Security Toolbar
Bejeweled 2 Deluxe
Bing Rewards Client Installer
Blackhawk Striker 2
Build-a-lot 2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
CinemaNow Media Manager
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
Energy Star Digital Logo
ERUNT 1.1j
Escape Rosecliff Island
ESET Online Scanner v3
ESU for Microsoft Windows 7
FATE
Final Drive Nitro
Google Chrome
Google Earth Plug-in
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP Advisor
HP Customer Experience Enhancements
HP Documentation
HP Game Console
HP Games
HP MediaSmart CinemaNow 2.0
HP Photo Creations
HP Power Manager
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
Java Auto Updater
Java(TM) 6 Update 31
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
Lexmark Printable Web
LightScribe System Software
Malwarebytes Anti-Malware version 1.62.0.1300
Media Player Utilities 5.22
Mesh Runtime
Messenger Companion
Microsoft Office File Validation Add-In
Microsoft Office Outlook Connector
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NETGEAR Live Parental Controls Management Utility 2.1.3
NETGEAR Live Parental Controls User Utility 1.0b40
Penguins!
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Professor Teaches QuickBooks 2009
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Recovery Manager
Roxio CinemaNow 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Spybot - Search & Destroy
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Virtual Families
Virtual Villagers - The Secret City
Visual Studio 2008 x64 Redistributables
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Detect
Yahoo! Software Update
Yahoo! Toolbar
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
8/7/2012 7:55:48 PM, Error: Microsoft-Windows-GroupPolicy [1096] - The processing of Group Policy failed. Windows could not apply the registry-based policy settings for the Group Policy object LocalGPO. Group Policy settings will not be resolved until this event is resolved. View the event details for more information on the file name and path that caused the failure.
8/7/2012 7:55:09 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
8/7/2012 7:53:04 PM, Error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
8/7/2012 7:52:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live Family Safety Service service to connect.
8/7/2012 7:52:22 PM, Error: Service Control Manager [7000] - The Windows Live Family Safety Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/6/2012 4:29:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
8/6/2012 4:29:00 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/4/2012 5:45:46 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning.
8/4/2012 5:18:08 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
8/1/2012 8:28:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
.
==== End Of File ===========================


ONCE AGAIN, THANK YOU FOR YOUR PATIENCE AND TIME
 
Hello douglas

It does not look as though the aswMBR log was included.

Can you please re-post it?
 
Here is the ASW scan result:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-24 18:12:31
-----------------------------
18:12:31.122 OS Version: Windows x64 6.1.7601 Service Pack 1
18:12:31.122 Number of processors: 2 586 0x603
18:12:31.123 ComputerName: DOUG-HP UserName: doug
18:12:37.902 Initialize success
18:13:30.384 AVAST engine defs: 12072401
18:13:45.204 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
18:13:45.219 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 11
18:13:45.235 Disk 0 MBR read successfully
18:13:45.251 Disk 0 MBR scan
18:13:45.251 Disk 0 unknown MBR code
18:13:45.266 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:13:45.297 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287180 MB offset 409600
18:13:45.329 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17761 MB offset 588554240
18:13:45.360 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
18:13:45.422 Disk 0 scanning C:\Windows\system32\drivers
18:14:03.440 Service scanning
18:14:42.690 Modules scanning
18:14:42.714 Disk 0 trace - called modules:
18:14:42.758 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
18:14:42.770 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031de060]
18:14:42.780 3 CLASSPNP.SYS[fffff8800196b43f] -> nt!IofCallDriver -> [0xfffffa8003184040]
18:14:42.791 5 amdxata.sys[fffff880011227a8] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa800317e060]
18:14:45.770 AVAST engine scan C:\Windows
18:14:49.435 AVAST engine scan C:\Windows\system32
18:19:17.563 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:19:25.948 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:22:35.555 AVAST engine scan C:\Windows\system32\drivers
18:23:02.971 AVAST engine scan C:\Users\doug
18:24:04.521 Disk 0 MBR has been saved successfully to "C:\Users\doug\Desktop\MBR.dat"
18:24:04.537 The log file has been saved successfully to "C:\Users\doug\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-08 17:46:44
-----------------------------
17:46:44.740 OS Version: Windows x64 6.1.7601 Service Pack 1
17:46:44.740 Number of processors: 2 586 0x603
17:46:44.740 ComputerName: DOUG-HP UserName: doug
17:46:47.797 Initialize success
17:46:58.872 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005f
17:46:58.872 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 11
17:46:58.903 Disk 0 MBR read successfully
17:46:58.903 Disk 0 MBR scan
17:46:58.903 Disk 0 unknown MBR code
17:46:58.919 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:46:58.934 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287180 MB offset 409600
17:46:58.965 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17761 MB offset 588554240
17:46:58.997 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
17:46:59.043 Disk 0 scanning C:\Windows\system32\drivers
17:47:09.917 Service scanning
17:47:35.810 Modules scanning
17:47:35.825 Disk 0 trace - called modules:
17:47:35.903 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
17:47:35.919 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031bf060]
17:47:35.935 3 CLASSPNP.SYS[fffff8800199543f] -> nt!IofCallDriver -> [0xfffffa80021d9040]
17:47:35.950 5 amdxata.sys[fffff880011457a8] -> nt!IofCallDriver -> \Device\0000005f[0xfffffa800315f060]
17:47:35.966 Scan finished successfully
17:47:44.989 Disk 0 MBR has been saved successfully to "C:\Users\doug\Desktop\MBR.dat"
17:47:44.989 The log file has been saved successfully to "C:\Users\doug\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-11 16:16:38
-----------------------------
16:16:38.216 OS Version: Windows x64 6.1.7601 Service Pack 1
16:16:38.216 Number of processors: 2 586 0x603
16:16:38.216 ComputerName: DOUG-HP UserName: doug
16:16:41.165 Initialize success
16:16:55.339 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005f
16:16:55.339 Disk 0 Vendor: ST932032 0005 Size: 305245MB BusType: 11
16:16:55.370 Disk 0 MBR read successfully
16:16:55.370 Disk 0 MBR scan
16:16:55.386 Disk 0 unknown MBR code
16:16:55.401 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
16:16:55.417 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287180 MB offset 409600
16:16:55.464 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17761 MB offset 588554240
16:16:55.479 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
16:16:55.542 Disk 0 scanning C:\Windows\system32\drivers
16:17:10.253 Service scanning
16:17:38.021 Modules scanning
16:17:38.036 Disk 0 trace - called modules:
16:17:38.052 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
16:17:38.067 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031bf060]
16:17:38.083 3 CLASSPNP.SYS[fffff8800199543f] -> nt!IofCallDriver -> [0xfffffa80021d9040]
16:17:38.083 5 amdxata.sys[fffff880011457a8] -> nt!IofCallDriver -> \Device\0000005f[0xfffffa800315f060]
16:17:38.099 Scan finished successfully
16:17:53.964 Disk 0 MBR has been saved successfully to "C:\Users\doug\Desktop\MBR.dat"
16:17:54.042 The log file has been saved successfully to "C:\Users\doug\Desktop\aswMBR.txt"




Thank You
 
Hello douglasvjohnson

Your latest scan logs appear to be clean :)

Are you still receiving the warning message from AVG?

If so, scan the machine with AVG and post the list of detected items for me to review.
 
Hello,
I have been distracted but have not given up.
Here is the most recent part of the Resident Shield log

Resident Shield detection
Infection;"Object";"Result";"Detection time";"Object Type";"Process"
Found Tracking cookie.Mediaplex;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\9KRIO8JY.txt";"";"8/14/2012, 6:39:59 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Atdmt;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\4EJ4AUQ3.txt";"";"8/14/2012, 6:39:58 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Pointroll;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\WAS5RST9.txt";"";"8/14/2012, 6:39:58 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Pointroll;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\IR00S7T6.txt";"";"8/14/2012, 6:39:58 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Advertising;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\7GV69PVS.txt";"";"8/14/2012, 6:39:57 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Advertising;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\NXLGR1SV.txt";"";"8/14/2012, 6:39:57 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Advertising;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\8G4YL9ZC.txt";"";"8/14/2012, 6:39:57 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Advertising;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\U31VFWJI.txt";"";"8/14/2012, 6:39:57 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Advertising;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\XB90WNN1.txt";"";"8/14/2012, 6:39:57 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\ZVJEFNRA.txt";"";"8/14/2012, 6:39:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\G2REH138.txt";"";"8/14/2012, 6:39:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\EYIFRW6Y.txt";"";"8/14/2012, 6:39:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Advertising;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\ADA3QYKY.txt";"";"8/14/2012, 6:39:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\OLPQL9V5.txt";"";"8/14/2012, 6:39:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\UJBW2CQT.txt";"";"8/14/2012, 6:39:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\O7VYMXXY.txt";"";"8/14/2012, 6:39:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\2LGCCZ1X.txt";"";"8/14/2012, 6:39:52 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\YO43VBAY.txt";"";"8/14/2012, 6:39:47 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\55HB6TND.txt";"";"8/14/2012, 6:39:47 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\M3ZCVGM9.txt";"";"8/14/2012, 6:39:47 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\L570FYON.txt";"";"8/14/2012, 6:39:45 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\BU4AQ5LR.txt";"";"8/14/2012, 3:25:03 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\ZG7LDOOF.txt";"";"8/14/2012, 3:25:03 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Liveperson;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\2UXDNVI5.txt";"";"8/14/2012, 3:24:38 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Atdmt;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\E30E52OX.txt";"";"8/14/2012, 3:23:06 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Atdmt;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\N2TGKWCZ.txt";"";"8/14/2012, 3:23:06 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Adbrite;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\GCKOO1FX.txt";"";"8/14/2012, 3:21:50 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Adbrite;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\XCK5LIXF.txt";"";"8/14/2012, 3:21:50 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Fastclick;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\VF5I1UO8.txt";"";"8/14/2012, 3:21:50 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Fastclick;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\V8M3Z9AR.txt";"";"8/14/2012, 3:20:28 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Burstnet;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\C5UCZMQ3.txt";"";"8/14/2012, 3:20:26 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\LDW8IEZW.txt";"";"8/14/2012, 3:20:26 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Serving-sys;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\DVODQUS7.txt";"";"8/11/2012, 4:58:11 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\2LGCCZ1X.txt";"";"8/11/2012, 4:58:11 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\XQDPB333.txt";"";"8/11/2012, 4:58:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\Q1K7ZP61.txt";"";"8/11/2012, 4:58:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Serving-sys;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\AIWA3XK6.txt";"";"8/11/2012, 4:58:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\TFXW16B5.txt";"";"8/11/2012, 4:58:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\ITLDZ3RI.txt";"";"8/11/2012, 4:58:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Serving-sys;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\JJGWUVAT.txt";"";"8/11/2012, 4:58:08 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Serving-sys;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\doug_2@bs.serving-sys[1].txt";"";"8/11/2012, 4:58:08 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Serving-sys;"c:\Users\Doug_2\AppData\Roaming\Microsoft\Windows\Cookies\661NAREH.txt";"";"8/11/2012, 4:58:07 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\P322LG4B.txt";"";"8/11/2012, 4:15:01 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Atdmt;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\A6YEZBCY.txt";"";"8/11/2012, 4:14:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\9EZCX6TK.txt";"";"8/11/2012, 4:14:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\Y7HFS5WM.txt";"";"8/11/2012, 4:14:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\XQIUD8SB.txt";"";"8/11/2012, 4:14:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\QXBKGXV8.txt";"";"8/11/2012, 4:14:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\OD85V10K.txt";"";"8/11/2012, 4:14:39 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\1EVCJLUB.txt";"";"8/11/2012, 4:14:39 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\RZFR64Z0.txt";"";"8/11/2012, 4:14:37 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Tribalfusion;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\57ZE6OVS.txt";"";"8/11/2012, 4:11:23 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\94YTJU1A.txt";"";"8/11/2012, 4:11:22 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\RZFR64Z0.txt";"";"8/11/2012, 4:11:22 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\ZUI331IV.txt";"";"8/11/2012, 4:11:22 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\GEGFSNF6.txt";"";"8/11/2012, 4:11:22 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Zedo;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\ESL5NPQE.txt";"";"8/11/2012, 4:11:21 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Tribalfusion;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\A4HSL0EN.txt";"";"8/11/2012, 4:11:21 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Tribalfusion;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\8A9TQORZ.txt";"";"8/11/2012, 4:11:20 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Tribalfusion;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\4985SA9A.txt";"";"8/11/2012, 4:11:20 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\8W1BZIY3.txt";"";"8/11/2012, 4:10:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\DU2A5EJJ.txt";"";"8/11/2012, 4:10:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\YHSZHRLX.txt";"";"8/11/2012, 4:10:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\XL751PWG.txt";"";"8/11/2012, 4:10:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\IXLHKTA1.txt";"";"8/11/2012, 4:10:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\1PFQVMCE.txt";"";"8/11/2012, 4:10:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\XM07UPHT.txt";"";"8/11/2012, 4:10:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\X3KTSEUN.txt";"";"8/11/2012, 4:10:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\Z3DVC0ZZ.txt";"";"8/11/2012, 4:10:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\ZTTFBL4V.txt";"";"8/11/2012, 4:10:54 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\JDYNBOYC.txt";"";"8/11/2012, 4:10:53 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Atdmt;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\A6YEZBCY.txt";"";"8/11/2012, 4:10:53 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\XM07UPHT.txt";"";"8/11/2012, 4:10:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\RZSXNPEZ.txt";"";"8/11/2012, 4:10:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\8QK4FDI2.txt";"";"8/11/2012, 4:10:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\ABWG3C33.txt";"";"8/11/2012, 4:10:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\261F8EP1.txt";"";"8/11/2012, 4:10:09 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\ENLWJVBH.txt";"";"8/11/2012, 4:10:02 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\RWEOA48C.txt";"";"8/11/2012, 4:10:02 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\7RF6XV0S.txt";"";"8/11/2012, 4:10:02 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\MWTGRH6N.txt";"";"8/11/2012, 4:10:02 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\0CLAEM0U.txt";"";"8/11/2012, 4:10:02 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\NV0B9M7P.txt";"";"8/11/2012, 4:10:02 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\JDYNBOYC.txt";"";"8/11/2012, 4:09:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\QBA8B5GI.txt";"";"8/11/2012, 4:09:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\EE3A8GFY.txt";"";"8/11/2012, 4:09:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\8ILY9PPB.txt";"";"8/11/2012, 4:09:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Questionmarket;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\Z51RT0S4.txt";"";"8/11/2012, 4:09:56 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\GY5T4EWW.txt";"";"8/11/2012, 4:09:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\XZ9UCRFA.txt";"";"8/11/2012, 4:09:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\G3W3DTHI.txt";"";"8/11/2012, 4:09:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Found Tracking cookie.Yieldmanager;"c:\Users\doug\AppData\Roaming\Microsoft\Windows\Cookies\7MMGZA4K.txt";"";"8/11/2012, 4:09:55 PM";"file";"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
================================

I hope this helps, and Thank You
 
Hello douglasvjohnson

Tracking cookies are nothing major to worry about. You can either remove them with AVG (if the option is available) or the following tool will do the same job:

  1. SuperAntiSpyware

    • Download SuperAntiSpyware by clicking here and save the file (called superantispyware.exe) to your desktop.
    • Once the download is complete, close all windows and double click on the superantispyware.exe icon to start the installation (If running Vista/Win7 you may need to Right click and select Run as Administrator).
    • Follow any prompts you receive (do not make any changes to the default settings provided).
    • Click on "Finish" to complete the installation.
    • SuperAntiSpyware will automatically open. Select your preferred language and click on "OK".
    • You will now be prompted to update the SuperAntiSpyware definitions. Please press the "Yes" button to allow the program to download and install the latest updates so that it can properly detect and remove the latest malware.
    • Follow the prompts and click on the "Finish" button.
    • The main menu will now appear.
    • Click on the "Scan your computer" button and choose "Complete scan" then click on "Next" to begin the scan.
    • If SuperAntiSpyware detects any Malware, allow the program to quarantine what it finds.
    • For more detailed instructions on running SuperAntiSpyware click here.

    Your latest scans are clean and AVG is clean also.

    Once you have dealt with the tracking cookies (if you choose to do so) we can remove our tools:

  2. Please Uninstall Combofix

    • Hold down the Windows key (has the Windows symbol on it) and press the "R" key.
    • A Run box will open.
    • Type combofix /uninstall in the run box and click "OK". Please note the space between the "x" and the "/Uninstall", it needs to be there.

  3. Removal of Tools

    • You no longer need DDS, aswMBR or SystemLook. Please delete them from your machine.

  4. Please re-enable Spybot Teatimer

    • Launch Spybot S&D, go to the Mode menu and make sure "Advanced Mode" is selected.
    • On the left hand side, click "Tools", then click on the "Resident" icon in the list.
    • Check the "Resident "TeaTimer" (Protection of overall system settings) active" box.
    • Click the "System Startup" icon in the List.
    • Check the "TeaTimer" box and "OK" any prompts.
    • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
    • Exit Spybot S&D when done.


    Once you have completed the above steps you should be good to go! If you have any further questions, please feel free to ask.

  5. Finally, please take the time to read through the information provided below:

    Enhance your System Security
    • For an excellent list of free anti virus software, free online virus scanners, free spyware detection/removal and free firewalls, click here.
    • IMPORTANT! Please make sure you only have ONE firewall and ONE real-time antivirus installed on your system. When using "on demand" scanners, first update the detection signature files, then disconnect from the internet and disable your resident security program before running the scan.
    • Once complete, remember to re-engage your resident security before going online.

    Web Browsers and Browser Security

    Firefox
    • You can download Firefox from here.

    No-Script
    • If you use Firefox as your default browser, No-Script can provide additional security by preventing malicious scripts from being executed on your system.
    • You can download No-Script by clicking here.

    Internet Explorer
    • The newest version of Internet Explorer is available from here.
    • Please Note: IE9 is not configured to run on XP machines.

    SpywareBlaster
    • If you use Internet Explorer as your default browser, SpywareBlaster would be a valuable addition to your online security.
    • SpywareBlaster prevents malicious ActiveX objects from being downloaded onto your system.
    • You can download SpywareBlaster by clicking here.

    Web of Trust
    • When using search engines, Web of Trust provides you with an easy way of telling the good sites from the bad and is compatible with both Firefox and Internet Explorer.
    • Coloured symbols are displayed next to search results, giving you more confidence in the links you choose to click on: Green (To go), Yellow (Caution) and Red (Stop).
    • You can download Web of Trust by clicking here.

    Keep your Software Updated
    • Outdated software can sometimes have vulnerabilities that are exploitable by malware.
    • Check if there are available updates for your installed software with Secunia's Online Software Inspector by clicking here.

    Passwords
    • Learn how to create strong passwords by clicking here and test the strength of the passwords you already use by clicking here.

    General Reading
    Learn How To Combat Malware
    • Would you like to learn how to fight back against malware and help others? Enroll at the What The Tech (Formerly Tom Coyotes) Malware Classroom by clicking here.
 
Since this problem appears to be resolved this topic is now closed.

Glad we could help :)

Best wishes
JonTom
 
Status
Not open for further replies.
Back
Top