...Quote:
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
OTL logfile created on: 7/1/2010 22:03:12 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\rex\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.09 Gb Total Space | 197.68 Gb Free Space | 68.62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REX-PC
Current User Name: rex
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/07/01 19:32:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\rex\Desktop\OTL.exe
PRC - [2010/06/07 13:13:53 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/05/22 18:08:34 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/05/11 11:51:52 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2010/01/26 20:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe
PRC - [2010/01/22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/07/19 12:14:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/04/11 02:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
PRC - [2008/07/23 14:25:32 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/22 22:14:28 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008/06/11 15:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
========== Modules (SafeList) ==========
MOD - [2010/07/01 19:32:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\rex\Desktop\OTL.exe
MOD - [2009/10/30 10:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/04/11 02:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/07/22 22:14:28 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/06/11 15:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 18:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/07/23 14:28:32 | 002,152,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/22 22:14:24 | 001,203,808 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/06/11 15:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/05/02 10:46:00 | 007,460,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/03/25 01:38:20 | 001,048,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/25 08:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/02/14 20:03:08 | 000,068,922 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2003/07/01 13:51:00 | 000,015,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbbc.sys -- (Wdm1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/05/22 18:09:32 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010/07/01 21:56:58 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo1.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\rex\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\rex\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010/07/01 21:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/07/01 21:55:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/01 21:55:53 | 000,000,000 | ---D | C] -- \_OTL
[2010/07/01 21:29:31 | 000,000,000 | ---D | C] -- C:\Users\rex\AppData\Local\Microsoft Help
[2010/07/01 21:29:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/01 21:29:23 | 000,000,000 | -HSD | C] -- \Config.Msi
[2010/07/01 20:22:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/01 19:32:30 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\rex\Desktop\OTL.exe
[2010/06/30 19:26:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/30 19:26:18 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2010/06/30 19:21:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/06/30 19:21:24 | 000,000,000 | ---D | C] -- C:\Users\rex\AppData\Local\temp
[2010/06/30 19:07:13 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/30 06:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
[2010/06/30 06:32:50 | 000,000,000 | ---D | C] -- C:\Linksys Driver
[2010/06/30 06:32:50 | 000,000,000 | ---D | C] -- \Linksys Driver
[2010/06/28 16:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/06/28 16:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/06/28 16:07:40 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/06/28 16:07:39 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
[2010/06/28 16:07:39 | 001,652,664 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/06/28 16:07:39 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/06/28 16:07:26 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/06/28 16:07:26 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/06/28 16:07:25 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/06/28 16:07:25 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/06/28 16:07:21 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/06/28 16:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/06/28 16:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/06/28 16:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/06/28 16:06:46 | 036,597,872 | ---- | C] (PC Tools ) -- C:\Users\rex\Desktop\sdsetup_aff.exe
[2010/06/28 15:50:55 | 000,000,000 | ---D | C] -- C:\Users\rex\Desktop\SmitfraudFix
[2010/06/27 15:25:14 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/27 15:25:14 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/27 15:25:14 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/06/27 15:25:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/27 14:46:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/27 14:46:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/27 14:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/27 14:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/02 21:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/22 18:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
========== Files - Modified Within 90 Days ==========
[2010/07/01 22:04:43 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/01 22:04:43 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/01 22:04:43 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/01 22:03:24 | 003,407,872 | -HS- | M] () -- C:\Users\rex\ntuser.dat
[2010/07/01 21:59:10 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/01 21:58:33 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/07/01 21:58:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/01 21:58:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/01 21:58:22 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/01 21:58:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/01 21:58:16 | 3085,361,152 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/01 21:57:31 | 000,524,288 | -HS- | M] () -- C:\Users\rex\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/01 21:57:31 | 000,065,536 | -HS- | M] () -- C:\Users\rex\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/01 21:56:58 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/07/01 21:55:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/01 21:35:16 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/07/01 20:22:44 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/01 19:32:33 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\rex\Desktop\OTL.exe
[2010/07/01 19:27:56 | 000,867,892 | ---- | M] () -- C:\Users\rex\Desktop\SecurityCheck.exe
[2010/06/30 19:21:38 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/30 06:33:26 | 000,001,668 | ---- | M] () -- C:\Windows\System32\WLAN.INI
[2010/06/29 18:37:44 | 003,723,633 | ---- | M] () -- C:\Users\rex\Desktop\ComboFix.exe
[2010/06/28 16:46:14 | 000,000,680 | ---- | M] () -- C:\Users\rex\AppData\Local\d3d9caps.dat
[2010/06/28 16:31:36 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/06/28 16:07:24 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/06/28 16:01:40 | 036,597,872 | ---- | M] (PC Tools ) -- C:\Users\rex\Desktop\sdsetup_aff.exe
[2010/06/28 15:47:52 | 001,872,472 | ---- | M] () -- C:\Users\rex\Desktop\SmitfraudFix.exe
[2010/06/27 15:26:06 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/06/27 15:25:59 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/06/27 14:46:39 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\cheeseburger.lnk
[2010/06/13 15:40:26 | 000,210,944 | ---- | M] () -- C:\Users\rex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/11 03:23:28 | 000,307,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/07 22:16:01 | 000,763,832 | ---- | M] () -- C:\Windows\BDTSupport.dll
[2010/06/07 20:21:02 | 001,652,664 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/22 18:09:32 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/05/22 18:08:38 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/05/02 11:45:54 | 000,001,354 | ---- | M] () -- C:\Users\rex\Desktop\Cincinnati Reds Homepage.url
[2010/05/01 07:22:29 | 000,014,917 | ---- | M] () -- C:\Users\rex\Desktop\Intellicast.com - 1Km Storm Watch - Cincinnati, Ohio.url
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
========== Files Created - No Company Name ==========
[2010/07/01 20:22:44 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/01 19:27:41 | 000,867,892 | ---- | C] () -- C:\Users\rex\Desktop\SecurityCheck.exe
[2010/06/30 18:54:22 | 000,000,109 | ---- | C] () -- \mbam-error.txt
[2010/06/30 06:33:26 | 000,001,668 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2010/06/30 06:30:45 | 3085,361,152 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/30 06:30:45 | 3085,361,152 | -HS- | C] () --
[2010/06/29 19:02:20 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/29 18:39:58 | 003,723,633 | ---- | C] () -- C:\Users\rex\Desktop\ComboFix.exe
[2010/06/28 16:46:14 | 000,000,680 | ---- | C] () -- C:\Users\rex\AppData\Local\d3d9caps.dat
[2010/06/28 16:31:36 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/06/28 16:07:40 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/06/28 16:07:40 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/06/28 16:07:40 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/06/28 16:07:40 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/06/28 16:07:40 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/06/28 16:07:39 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/06/28 16:07:26 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/06/28 16:07:25 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/06/28 16:07:25 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/06/28 16:07:24 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/06/28 16:07:21 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/06/28 15:51:14 | 000,002,213 | ---- | C] () -- \rapport.txt
[2010/06/28 15:50:50 | 001,872,472 | ---- | C] () -- C:\Users\rex\Desktop\SmitfraudFix.exe
[2010/06/28 15:37:07 | 000,000,351 | ---- | C] () -- \rkill.log
[2010/06/27 15:26:06 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010/06/27 15:25:59 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/06/27 15:25:14 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/27 15:25:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/27 15:25:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/27 15:25:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/27 14:46:39 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\cheeseburger.lnk
[2010/05/22 18:09:32 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2009/10/31 16:19:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/06/21 17:43:22 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dec_jl6.dll
[2009/03/01 20:02:08 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/03/01 10:41:09 | 000,015,576 | ---- | C] () -- C:\Windows\System32\drivers\usbbc.sys
[2009/01/16 14:02:33 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2006/11/22 18:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 14:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
========== LOP Check ==========
[2010/06/27 15:26:06 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010/07/01 21:57:09 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Damn, I hope I got that right
In my reply #19, I asked:
================================================================
Quote:
Update your Java version here: http://www.java.com/en/download/installed.jsp
Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista/7).
===============================================================
Update your Adobe Reader.
It hasn't been done.
Please, correct the issue.
When done...
1. Download Temp File Cleaner (TFC)
   Double click on TFC.exe to run the program.
   Click on Start button to begin cleaning process.
   TFC will close all running programs, and it may ask you to restart computer.
2. Go to Kaspersky website and perform an online antivirus scan.
   1. Disable your active antivirus program.
   2. Read through the requirements and privacy statement and click on Accept button.
   3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
   4. When the downloads have finished, click on Settings.
   5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      - Spyware, Adware, Dialers, and other potentially dangerous programs
      - Archives
      - Mail databases
   6. Click on My Computer under Scan.
   7. Once the scan is complete, it will display the results. Click on View Scan Report.
   8. You will see a list of infected items there. Click on Save Report As....
   9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
did the Java update and Temp File Cleaner, now downloading the files from Kaspersky.. will give results tomorrow... have to hit the bed... got to work tomorrow
No problem :)
k on original puter not the one I am typing on.. with Kaspersky it is say correct launch with browse 7,0... anyway it thinks I am running Vista
says have to be admin to run this.. has to be about done
sorry none of Kaspersky is working
hold on might be working now
sorry just looks like scanning my computer
Kas scanning now.... on another point vd never remembers me I have to log in every time.. what is up with that
Login to this forum?
KASPERSKY ONLINE SCANNER 7.0: scan report
Saturday, July 3, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, July 02, 2010 15:19:16
Records in database: 4259887
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
Scan statistics:
Objects scanned: 152124
Threats found: 1
Infected objects found: 1
Hmm...it looks like Kaspersky log got cut off, because it doesn't say what was found.
If you still have that log, please, repost.
If you don't...
Please run a BitDefender Online Scan
- Disable your antivirus program.
- Click Start Scanner button.
- Click Start scan button
- Allow browser plug-in to be installed when prompted.
- Click I Agree to agree to the EULA.
- Please refrain from using the computer until the scan is finished.
- When the scan is finished, click on View log.
- Notepad will open with scan results.
- Save the report to your desktop and post its content in your next reply.
BitDefender not working
Can you be a little bit more descriptive?
it says "IE is not running with admin privileges so BitDefender Online Scanner will not work properly. please run IE as admin"
Close IE.
Right click on IE icon, click "Run As Administrator".
Try BitDefender again.
okay scanning now
okay it scanned but don't see option to show log
BitDefender Online Scanner
Scan report generated at: Sat, Jul 03, 2010 - 22:01:02
Scan path: C:\;D:\;E:\;F:\;G:\;H:\;
Statistics
Time: 01:04:34
Files: 310256
Folders: 22892
Boot Sectors: 0
Archives: 3100
Packed Files: 16059
Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 1
Engines Info
Virus Definitions: 6370336
Engine build: AVCORE v2.1 Windows/i386 11.0.0.33 (Jun 10 2010)
Scan plugins: 17
Archive plugins: 44
Unpack plugins: 10
E-mail plugins: 6
System plugins: 4
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File: C:\_OTL\MovedFiles\07012010_215553\C_Qoobox\Quarantine\C\Users\rex\AppData\Local\tnjimxkej\irkwdygtssd.exe.vir
Status: Infected with: Trojan.Generic.KD.17665
Scanned File: C:\_OTL\MovedFiles\07012010_215553\C_Qoobox\Quarantine\C\Users\rex\AppData\Local\tnjimxkej\irkwdygtssd.exe.vir
Status: Deleted
why did BitDefender see OTL as a threat and yet you have me install it... just interested
Nothing to worry about.
That was a file, which was removed by Combofix.
You're fine.
OTL Clean-Up
Clean up with OTL:
* Double-click OTL.exe to start the program.
* Close all other programs apart from OTL as this step will require a reboot
* On the OTL main screen, press the CLEANUP button
* Say Yes to the prompt and then allow the program to reboot your computer.
If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.
==========================================================
Your computer is clean
1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.
   Turn off System Restore:
   - Windows XP:
     1. Click Start.
     2. Right-click the My Computer icon, and then click Properties.
     3. Click the System Restore tab.
     4. Check "Turn off System Restore".
     5. Click Apply.
     6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
     7. Click OK.
   - Windows Vista and 7:
     1. Click Start.
     2. Right-click the Computer icon, and then click Properties.
     3. Click on System Protection under the Tasks column on the left side.
     4. Click on Continue on the "User Account Control" window that pops up.
     5. Under the System Protection tab, find Available Disks.
     6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:").
     7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
     8. Click OK.
2. Restart computer.
3. Turn System Restore on.
4. Make sure Windows Updates are current.
5. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!
6. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
7. Run defrag at your convenience.
8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
9. Please let me know how your computer is doing.
Thanks for all your help Broni....Checking out of intensive care..Again Virtual DR rocks
Cool
Good luck and stay safe :)