Re-Direct Virus (Plomedia, etc) Completed all scans, logs attached

Discussion in 'Virus and Malware Removal' started by MarkZaff, Mar 12, 2011.

  1. MarkZaff Newcomer, in training Posts: 45

    Restore Point, final tasks...Squeaky Clean :)

    Thanks Dude....things are screaming along now.

    Now we just need to fix my other laptop from crashing during bootup....off to my other thread

    TechSpot is THE BEST!!

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Andreita
    ->Temp folder emptied: 240786 bytes
    ->Temporary Internet Files folder emptied: 3371436 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 106537 bytes

    Total Files Cleaned = 4.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Andreita
    ->Flash cache emptied: 0 bytes

    User: Default

    User: Default User

    User: Public

    Total Flash Files Cleaned = 0.00 mb



    OTL by OldTimer - Version 3.2.22.3 log created on 03132011_182934

    Files\Folders moved on Reboot...
    C:\Users\Andreita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZBM5EQAN\crosspixel-dest[1].htm moved successfully.
    C:\Users\Andreita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TF3KSFOX\sh33[1].html moved successfully.
    C:\Users\Andreita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5IBRCSF6\topic162398[1].html moved successfully.
    C:\Users\Andreita\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    Registry entries deleted on Reboot...
  2. Broni Malware Annihilator Posts: 39,375   +177

    Way to go!!
    Good luck and stay safe :)
  3. MarkZaff Newcomer, in training Posts: 45

    COMPLETELY Screwed it up

    Broni...

    Not sure you can help but perhaps point me elsewhere...

    Updated everything without incident. Running SP2 now. Launched my real estate MLS system which is ActiveX and JS dependent and it would not perform searches. Kept creating an error:

    Log : JS Exception caught in http://sef.mlxchange.com/5.2.06.12571/Search/Listing/ListingSearchFrame.asp - Window.OnError: JS Exception caught in SearchFrame.js - searchCheckAndShow: JS Exception caught in SearchFrame.js - searchSaveCheck: JS Exception caught in ClientListMS.htc - GetValue (-2146827850): Object doesn't support this property or method in line 510 Call Stack: searchSubmit(sTarget,p_bEnforceLimit,p_bDisplay,p_bWithResults)
    Date : Sun Mar 13 2011 - 23:32:43 EDT

    In spite of the Redirect Virus...the system was functional before our "scrubbing" over the weekend.

    Spent 4 hours on phone with the service's tech support to no avail. We loaded and reloaded all the ActiveX controls but it still didn't work. I thought (my first problem) it might be remnants of the Java registry entries and did an uninstall of ALL Java and had the Advanced System Care's uninstaller remove all the registry stuff.

    I now cannot download or fix JRE...won't even download from java.com page (IE crashes)

    Java control panel is present (icon) but unresponsive.

    Any ideas?

    Mark
  4. Broni Malware Annihilator Posts: 39,375   +177

    Well, I'm surely not familiar with your program, so I doubt I can help there, but....did you try different browser, like Firefox?
  5. MarkZaff Newcomer, in training Posts: 45

    Firefox....No can do

    The system is ONLY compatible with IE
  6. Broni Malware Annihilator Posts: 39,375   +177

    You can download Java with Firefox, if this is what you need.
     
  7. MarkZaff Newcomer, in training Posts: 45

    Fixed

    Got the problem with Java resolved using Windows remover then complete reinstall. Have not resolved the real problem of why this is the only machine I cannot load the listing database.

    The search continues

    MZ
  8. MarkZaff Newcomer, in training Posts: 45

    It's BAAAACK!!!! :-(

    Can you believe it?!?!

    Must have slipped through during all the troubleshooting of my other problem.

    Where shall we start?

    MZ
  9. Broni Malware Annihilator Posts: 39,375   +177

    Good news, but start what exactly?
  10. MarkZaff Newcomer, in training Posts: 45

    Redirect is back

    Restart the whole process from Saturday? Should we start a new thread or continue here? I am running the preliminaries now.

    MZ
  11. Broni Malware Annihilator Posts: 39,375   +177

    Do you mean the infection is back?
  12. MarkZaff Newcomer, in training Posts: 45

    Exactly

    Yes....another infection. This one behaves a little differently with pop-ups too
  13. Broni Malware Annihilator Posts: 39,375   +177

    Re-run all preliminaries, post all logs.
  14. MarkZaff Newcomer, in training Posts: 45

    GMER crashes with BSOD a few min into scan. Doesn't stay on screen long enough to catch error code. Something about a page when no page present
  15. MarkZaff Newcomer, in training Posts: 45

    AVG

    "Scan ""Scan specific files or folders"" completed."
    "Warnings";"2";"2";"0"
    "Folders selected for scanning:";"C:\;"
    "Scan started:";"Tuesday, March 15, 2011, 3:22:53 PM"
    "Scan finished:";"Tuesday, March 15, 2011, 5:11:13 PM (1 hour(s) 48 minute(s) 20 second(s))"
    "Total object scanned:";"263940"
    "User who launched the scan:";"Andreita"

    "Warnings"
    "File";"Infection";"Result"
    "C:\Users\Andreita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I82FDNQW\fjdtwin[1].exe";"Corrupted executable file";"Moved to Virus Vault"
    "C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.dll";"Corrupted executable file";"Moved to Virus Vault"


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6067

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.19019

    3/15/2011 3:19:44 PM
    mbam-log-2011-03-15 (15-19-43).txt

    Scan type: Quick scan
    Objects scanned: 158129
    Time elapsed: 26 minute(s), 18 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  16. MarkZaff Newcomer, in training Posts: 45

    TFC

    Getting user folders.

    Stopping running processes.

    Emptying Temp folders.


    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Andreita
    ->Temp folder emptied: 264732 bytes
    ->Temporary Internet Files folder emptied: 3186417 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 434 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 302 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

    Emptying RecycleBin. Do not interrupt.

    RecycleBin emptied: 5300173 bytes
    Process complete!

    Total Files Cleaned = 8.00 mb
  17. MarkZaff Newcomer, in training Posts: 45

    GMER Crashes:

    BSOD

    \device\harddiskvolumeshadowcopy1
    kwldquog.sys
    PAGE_FAULT_IN_NONPAGED_AREA

    Code ABB93EED
  18. Broni Malware Annihilator Posts: 39,375   +177

    Skip GMER for now.
  19. MarkZaff Newcomer, in training Posts: 45

    DDS

    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Andreita at 12:52:20.05 on Wed 03/16/2011
    Internet Explorer: 8.0.6001.19019
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.327 [GMT -4:00]
    .
    AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\agrsmsvc.exe
    C:\Acer\ALaunch\ALaunchSvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    C:\Acer\Empowering Technology\eNet\eNet Service.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Windows\system32\lxddcoms.exe
    C:\Acer\Mobility Center\MobilityService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Launch Manager\QtZgAcer.EXE
    C:\Acer\Empowering Technology\eAudio\eAudio.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Users\Andreita\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Andreita\Desktop\Downloads\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uSearch Bar = Preserve
    uStart Page = about:blank
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE
    mRun: [eAudio] "c:\acer\empowering technology\eaudio\eAudio.exe"
    mRun: [PLFSet] rundll32.exe c:\windows\PLFSet.dll,PLFDefSetting
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [lxddmon.exe] "c:\program files\lexmark 2500 series\lxddmon.exe"
    mRun: [lxddamon] "c:\program files\lexmark 2500 series\lxddamon.exe"
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Trusted Zone: mlxchange.com\sef
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {0D859AF0-C75E-11D4-B760-00E0B81077E8} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/FileCruiser.cab
    DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Agatha%20Christie/Images/stg_drm.ocx
    DPF: {16FD824B-8E7B-11D2-9855-00802962956C} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/Specfile.cab
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo2.walgreens.com/WalgreensActivia.cab
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab
    DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/MLSClientUtils.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {78523E50-56EB-11D3-B739-CAA1986A452F} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/LiteGrid.cab
    DPF: {7A7537FC-5988-11D3-8B33-00104B9E5A4A} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/IRCWebPrint.cab
    DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/IRCSharc.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {B198A72B-B4C3-42B5-B8DA-B364E76429AA} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/WebDog.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Agatha%20Christie/Images/armhelper.ocx
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {F060A272-A18A-11D3-B75B-00E0B81077E8} - hxxp://sef.mlxchange.com/5.2.06.12571/Control/AspCustomCtrls.cab
    DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - hxxp://fdl.msn.com/public/chat/msnchat45.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: avgrsstx.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2011-3-15 216400]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2011-3-15 29584]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2011-3-15 243024]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2007-8-13 13560]
    R2 ALaunchService;ALaunch Service;c:\acer\alaunch\ALaunchSvc.exe [2007-8-12 46592]
    R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2011-3-15 308136]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-30 21504]
    R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-22 180736]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-3-15 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    .
    =============== Created Last 30 ================
    .
    2011-03-15 19:46:30 -------- d--h--w- C:\$AVG
    2011-03-15 18:49:56 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-03-15 18:49:55 -------- d-----w- c:\progra~2\Malwarebytes
    2011-03-15 18:49:51 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-15 18:49:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-03-15 15:49:22 -------- d-----w- c:\progra~2\App4rTemp
    2011-03-15 15:41:56 -------- d-----w- c:\windows\en
    2011-03-15 15:41:36 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
    2011-03-15 15:36:24 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2011-03-15 15:18:40 15712 ----a-w- c:\program files\common files\windows live\.cache\438545691cbe32410\MeshBetaRemover.exe
    2011-03-15 15:18:38 469256 ----a-w- c:\program files\common files\windows live\.cache\3f9d83e91cbe3240f\InstallManager_WLE_WLE.exe
    2011-03-15 15:17:28 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2011-03-15 15:17:28 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
    2011-03-15 15:17:22 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
    2011-03-15 15:17:00 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
    2011-03-15 15:14:23 94040 ----a-w- c:\program files\common files\windows live\.cache\a9e729091cbe32309\DSETUP.dll
    2011-03-15 15:14:23 525656 ----a-w- c:\program files\common files\windows live\.cache\a9e729091cbe32309\DXSETUP.exe
    2011-03-15 15:14:23 1691480 ----a-w- c:\program files\common files\windows live\.cache\a9e729091cbe32309\dsetup32.dll
    2011-03-15 15:13:55 94040 ----a-w- c:\program files\common files\windows live\.cache\9795d4491cbe32307\DSETUP.dll
    2011-03-15 15:13:55 525656 ----a-w- c:\program files\common files\windows live\.cache\9795d4491cbe32307\DXSETUP.exe
    2011-03-15 15:13:55 1691480 ----a-w- c:\program files\common files\windows live\.cache\9795d4491cbe32307\dsetup32.dll
    2011-03-15 14:58:46 -------- d-----w- c:\users\andreita\appdata\roaming\Lexmark Productivity Studio
    2011-03-15 14:53:43 -------- d-----w- c:\program files\Lx_cats
    2011-03-15 14:53:02 -------- d-----w- C:\logs
    2011-03-15 14:52:33 103936 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxdddrpp.dll
    2011-03-15 14:47:13 -------- d-----w- c:\program files\Lexmark Toolbar
    2011-03-15 14:47:05 -------- d-----w- c:\program files\Lexmark 2500 Series
    2011-03-15 14:44:08 -------- d-----w- C:\drivers
    2011-03-15 14:08:01 -------- d-----w- c:\program files\Windows Portable Devices
    2011-03-15 13:42:44 -------- d-----w- c:\users\andreita\appdata\local\Windows Live
    2011-03-15 13:38:46 754688 ----a-w- c:\windows\system32\webservices.dll
    2011-03-15 13:36:31 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2011-03-15 13:36:30 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2011-03-15 13:36:30 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2011-03-15 13:35:29 369664 ----a-w- c:\windows\system32\WMPhoto.dll
    2011-03-15 13:35:27 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2011-03-15 13:35:27 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
    2011-03-15 13:35:27 252928 ----a-w- c:\windows\system32\dxdiag.exe
    2011-03-15 13:35:27 195584 ----a-w- c:\windows\system32\dxdiagn.dll
    2011-03-15 13:35:27 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
    2011-03-15 13:35:26 519680 ----a-w- c:\windows\system32\d3d11.dll
    2011-03-15 13:31:46 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-03-15 13:31:44 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2011-03-15 13:31:44 234496 ----a-w- c:\windows\system32\oleacc.dll
    2011-03-15 05:55:28 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2011-03-15 05:55:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2011-03-15 05:55:05 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-03-15 05:54:49 -------- d-----w- c:\windows\system32\drivers\Avg
    2011-03-15 05:51:17 -------- d-----w- c:\program files\AVG
    2011-03-15 05:50:52 -------- d-----w- c:\progra~2\avg9
    2011-03-15 02:59:10 3584 ----a-r- c:\users\andreita\appdata\roaming\microsoft\installer\{121634b0-2f4b-11d3-ada3-00c04f52dd52}\Icon386ED4E3.exe
    2011-03-15 02:59:10 -------- d-----w- c:\program files\Windows Installer Clean Up
    2011-03-15 01:17:52 29272 ----a-r- c:\windows\system32\AdobePDF.dll
    2011-03-14 23:00:54 -------- d-----w- c:\windows\system32\eu-ES
    2011-03-14 23:00:54 -------- d-----w- c:\windows\system32\ca-ES
    2011-03-14 23:00:43 -------- d-----w- c:\windows\system32\vi-VN
    2011-03-14 21:43:44 -------- d-----w- c:\windows\system32\EventProviders
    2011-03-14 21:41:15 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
    2011-03-14 21:41:10 3408896 ----a-w- c:\windows\system32\SLsvc.exe
    2011-03-14 21:41:10 1081344 ----a-w- c:\windows\system32\SLCExt.dll
    2011-03-14 21:41:07 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
    2011-03-14 21:41:07 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
    2011-03-14 21:41:05 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
    2011-03-14 21:41:01 1480704 ----a-w- c:\windows\system32\mssrch.dll
    2011-03-14 21:39:59 1985024 ----a-w- c:\windows\system32\authui.dll
    2011-03-14 21:38:59 92918 ----a-w- c:\windows\system32\slmgr.vbs
    2011-03-14 21:37:59 75264 ----a-w- c:\windows\system32\dot3msm.dll
    2011-03-14 21:36:57 17408 ----a-w- c:\windows\system32\vdmdbg.dll
    2011-03-14 21:35:56 218624 ----a-w- c:\windows\system32\wdscore.dll
    2011-03-14 21:35:54 130560 ----a-w- c:\windows\system32\PkgMgr.exe
    2011-03-14 21:35:27 247808 ----a-w- c:\windows\system32\drvstore.dll
    2011-03-14 20:15:51 420352 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-14 20:15:30 429056 ----a-w- c:\windows\system32\EncDec.dll
    2011-03-14 20:15:30 322560 ----a-w- c:\windows\system32\sbe.dll
    2011-03-14 20:15:30 177664 ----a-w- c:\windows\system32\mpg2splt.ax
    2011-03-14 20:15:30 153088 ----a-w- c:\windows\system32\sbeio.dll
    2011-03-14 20:15:24 677888 ----a-w- c:\windows\system32\mstsc.exe
    2011-03-14 20:15:24 63488 ----a-w- c:\windows\system32\tscupgrd.exe
    2011-03-14 20:15:24 2067968 ----a-w- c:\windows\system32\mstscax.dll
    2011-03-14 19:18:03 -------- d-----w- c:\program files\VS Revo Group
    2011-03-14 18:30:50 -------- d--h--w- c:\progra~2\Common Files
    2011-03-14 16:14:41 231424 ----a-w- c:\windows\system32\msshsq.dll
    2011-03-14 03:50:44 -------- d-----w- c:\program files\IObit
    2011-03-13 22:29:35 -------- d-----w- C:\_OTL(19)
    2011-03-13 20:04:27 -------- d-----w- c:\users\andreita\appdata\local\NOS
    2011-03-13 17:26:38 -------- d-----w- c:\program files\ESET
    2011-03-13 16:51:51 -------- d-----w- C:\_OTL
    2011-03-13 03:30:49 5943120 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{13f85aa5-c7ef-41f1-a332-c1415cf23048}\mpengine.dll
    2011-03-13 02:43:31 -------- d-sh--w- C:\$RECYCLE.BIN
    2011-03-13 02:43:18 -------- d-----w- c:\users\andreita\appdata\local\temp
    2011-03-13 02:11:08 89088 ----a-w- c:\windows\MBR.exe
    2011-03-13 02:11:08 256512 ----a-w- c:\windows\PEV.exe
    2011-03-13 02:11:08 161792 ----a-w- c:\windows\SWREG.exe
    2011-03-13 02:11:07 98816 ----a-w- c:\windows\sed.exe
    2011-03-05 21:01:17 2048 ----a-w- c:\windows\system32\winrsmgr.dll
    2011-03-05 21:01:02 40448 ----a-w- c:\windows\system32\winrs.exe
    2011-03-05 21:01:02 20480 ----a-w- c:\windows\system32\winrshost.exe
    2011-03-05 21:01:02 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
    2011-03-05 21:01:00 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
    2011-03-05 21:01:00 10240 ----a-w- c:\windows\system32\winrssrv.dll
    2011-03-05 04:52:30 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-03-05 04:51:52 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
    2011-03-05 01:39:35 -------- d-----w- c:\users\andreita\appdata\roaming\AVG9
    2011-03-02 14:28:26 -------- d-----w- c:\users\andreita\appdata\local\offsync
    2011-03-02 14:23:23 -------- d-----w- c:\users\andreita\appdata\local\Starfield
    2011-02-25 14:24:30 73728 ----a-w- c:\windows\system32\APISlice_AVG_RESTORED.dll
    2011-02-25 14:24:29 73728 ----a-w- c:\windows\system32\APISlice.dll
    2011-02-24 23:37:28 -------- d-----w- c:\program files\common files\Macrovision Shared
    2011-02-24 22:49:07 -------- d-----w- c:\users\andreita\appdata\roaming\Malwarebytes
    .
    ==================== Find3M ====================
    .
    2011-03-15 03:23:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-02-10 02:45:46 1409 ----a-w- c:\windows\QTFont.for
    2011-02-02 22:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
    2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
    2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
    2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
    2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
    2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
    2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
    2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
    2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
    2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
    2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
    2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
    2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
    2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
    2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
    2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
    2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
    2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
    2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
    2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
    2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
    2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
    2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
    2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
    2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
    2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
    2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-12-18 06:22:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec
    2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2007-11-13 19:47:02 4364800 ----a-w- c:\program files\openofficeorg23.msi
    2002-03-11 09:06:30 1822520 ----a-w- c:\program files\instmsiw.exe
    2002-03-11 08:45:04 1708856 ----a-w- c:\program files\instmsia.exe
    .
    ============= FINISH: 12:57:12.57 ===============



    ATTACH.txt


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 9/25/2007 8:08:54 AM
    System Uptime: 3/16/2011 11:56:08 AM (1 hours ago)
    .
    Motherboard: Acer, Inc. | | Nestos
    Processor: Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz | U2E1 | 1467/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 69 GiB total, 14.889 GiB free.
    D: is FIXED (NTFS) - 69 GiB total, 68.325 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Broadcom NetLink (TM) Gigabit Ethernet
    Device ID: PCI\VEN_14E4&DEV_1693&SUBSYS_011D1025&REV_02\4&3B390CB8&0&00E2
    Manufacturer: Broadcom
    Name: Broadcom NetLink (TM) Gigabit Ethernet
    PNP Device ID: PCI\VEN_14E4&DEV_1693&SUBSYS_011D1025&REV_02\4&3B390CB8&0&00E2
    Service: b57nd60x
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    AAC Decoder
    Acer Arcade Deluxe
    Acer Assist
    Acer Crystal Eye webcam
    Acer eAudio Management
    Acer eDataSecurity Management
    Acer eLock Management
    Acer Empowering Technology
    Acer eNet Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Acer Mobility Center Plug-In
    Acer Registration
    Acer ScreenSaver
    Acer Tour
    Adobe Acrobat 8 Professional - English, Français, Deutsch
    Adobe Acrobat 8.1.5 - CPSID_49013
    Adobe Acrobat 8.1.5 Professional
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.2.1
    Agere Systems HDA Modem
    Apple Mobile Device Support
    Apple Software Update
    AutoUpdate
    AVG Free 9.0
    Broadcom Gigabit Integrated Controller
    Compatibility Pack for the 2007 Office system
    D3DX10
    DivX Codec
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    doPDF 5.3 printer
    ESET Online Scanner v3
    H.264 Decoder
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Matrix Storage Manager
    IrfanView (remove only)
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 24
    Junk Mail filter update
    Launch Manager
    Lexmark 2500 Series
    LightScribe 1.4.142.1
    Malwarebytes' Anti-Malware
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft WSE 3.0 Runtime
    MKV Splitter
    Move Networks Media Player for Internet Explorer
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NTI Backup NOW! 4.7
    NTI CD & DVD-Maker
    OGA Notifier 2.0.0048.0
    OpenOffice.org 3.1
    Picasa 3
    PowerProducer 3.72
    QuickTime
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.91
    Rhapsody Player Engine
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Segoe UI
    Skype™ 5.0
    Spelling Dictionaries Support For Adobe Reader 8
    Synaptics Pointing Device Driver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    VC80CRTRedist - 8.0.50727.762
    Winbond CIR Drivers
    Windows Installer Clean Up
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== End Of File ===========================
  20. Broni Malware Annihilator Posts: 39,375   +177

    Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    Enter N to exit.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.

    ==================================================================

    Please download Rootkit Unhooker from one of the following links and save it to your desktop.
    In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

    • Double-click on RKUnhookerLE.exe to start the program.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • Click the Report tab, then click Scan.
    • Check Drivers, Stealth, and uncheck the rest.
    • Click OK.
    • Wait until it's finished and then go to File > Save Report.
    • Save the report to your Desktop.
    • Copy and paste the contents of the report into your next reply.
    -- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".