
Problem Tracking Cookies



#1 Astr4twin


Posted 26 March 2010 - 09:42 AM

Hello, I am new to the site, actually came across it while trying to repair my computer and glad I found you.

I have quite a few tracking cookies that are obviously linked to one another. They keep slowing my connection right down or stopping Firefox altogether. There are too many to name but I will try and name a few.

connextra.com
ads.adsbrite.com
yieldmanager
pubads etc. etc....

I have tried loads of programs such as Spybot Search & Destroy, Ad-Aware, AVG, Avast No Adware plus many more and none seem to be able to remove it, although one quarantines 6 items which reappear the next time I scan.

I have taken a log file, any help on this would be really appreciated.

Thanks in advance


Logfile of random's system information tool 1.06 (written by random/random)
Run by Paul Kettlewell at 2010-03-26 14:23:20
Microsoft® Windows Vista™ Home Premium
System drive C: has 117 GB (50%) free of 234 GB
Total RAM: 1021 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:54, on 26/03/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\PURE Flow Server\TwonkyMediaServer.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Paul Kettlewell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\utorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\PURE Flow Server\twonkymediaserverconfig.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Paul Kettlewell\Pictures\COVERS\RSIT.exe
C:\Users\Paul Kettlewell\Pictures\COVERS\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Paul Kettlewell\Pictures\COVERS\RSIT.exe
C:\Program Files\trend micro\Paul Kettlewell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [µTorrent] "C:\Users\Paul Kettlewell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [EPSON Stylus Photo R360 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOE.EXE /FU "C:\Windows\TEMP\E_S17C9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: PURE Flow Server Tray Control.lnk = C:\Program Files\PURE Flow Server\twonkymediaserverconfig.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PURE Flow Server - PacketVideo - C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8632 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2010-03-01 1006264]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2009-09-01 75048]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"MSConfig"=C:\Windows\system32\msconfig.exe [2006-11-02 222208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-03-01 1232896]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-04-15 177152]
"µTorrent"=C:\User [2007-02-19 2]
"EPSON Stylus Photo R360 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOE.EXE [2006-05-29 139264]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantBurn]
C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2009-10-29 681256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Paul Kettlewell^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
PURE Flow Server Tray Control.lnk - C:\Program Files\PURE Flow Server\twonkymediaserverconfig.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72322f25-2cd9-11df-9544-001676ae8a42}]
shell\AutoRun\command - L:\cold\hott\iexplore.exe
shell\Explore\command - L:\cold\hott\iexplore.exe
shell\open\command - L:\cold\hott\iexplore.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72322f3f-2cd9-11df-9544-001676ae8a42}]
shell\AutoRun\command - M:\InstallTomTomHOME.exe


======List of files/folders created in the last 1 months======

2010-03-01 01:37:38 ----A---- C:\Windows\system32\NlsData0049.dll
2010-03-01 01:37:38 ----A---- C:\Windows\system32\NlsData0039.dll
2010-03-01 01:37:37 ----A---- C:\Windows\system32\NlsData0021.dll
2010-03-01 01:37:37 ----A---- C:\Windows\system32\NlsData0020.dll
2010-03-01 01:37:36 ----A---- C:\Windows\system32\NlsData0026.dll
2010-03-01 01:37:36 ----A---- C:\Windows\system32\NlsData0024.dll
2010-03-01 01:37:36 ----A---- C:\Windows\system32\NlsData0022.dll
2010-03-01 01:37:35 ----A---- C:\Windows\system32\NlsData0027.dll
2010-03-01 01:37:35 ----A---- C:\Windows\system32\NlsData0013.dll
2010-03-01 01:37:35 ----A---- C:\Windows\system32\NlsData0011.dll
2010-03-01 01:37:35 ----A---- C:\Windows\system32\NlsData0010.dll
2010-03-01 01:37:34 ----A---- C:\Windows\system32\NlsData0019.dll
2010-03-01 01:37:34 ----A---- C:\Windows\system32\NlsData0018.dll
2010-03-01 01:37:34 ----A---- C:\Windows\system32\NlsData0000.dll
2010-03-01 01:37:33 ----A---- C:\Windows\system32\NlsData0003.dll
2010-03-01 01:37:33 ----A---- C:\Windows\system32\NlsData0002.dll
2010-03-01 01:37:33 ----A---- C:\Windows\system32\NlsData0001.dll
2010-03-01 01:37:32 ----A---- C:\Windows\system32\NlsData0007.dll
2010-03-01 01:37:31 ----A---- C:\Windows\system32\NlsData004a.dll
2010-03-01 01:37:31 ----A---- C:\Windows\system32\NlsData0009.dll
2010-03-01 01:37:30 ----A---- C:\Windows\system32\NlsData004e.dll
2010-03-01 01:37:30 ----A---- C:\Windows\system32\NlsData004c.dll
2010-03-01 01:37:30 ----A---- C:\Windows\system32\NlsData004b.dll
2010-03-01 01:37:29 ----A---- C:\Windows\system32\NlsData003e.dll
2010-03-01 01:37:29 ----A---- C:\Windows\system32\NlsData002a.dll
2010-03-01 01:37:29 ----A---- C:\Windows\system32\NlsData001a.dll
2010-03-01 01:37:28 ----A---- C:\Windows\system32\NlsData001b.dll
2010-03-01 01:37:27 ----A---- C:\Windows\system32\NlsData001d.dll
2010-03-01 01:37:27 ----A---- C:\Windows\system32\NlsData000a.dll
2010-03-01 01:37:26 ----A---- C:\Windows\system32\NlsData000f.dll
2010-03-01 01:37:26 ----A---- C:\Windows\system32\NlsData000d.dll
2010-03-01 01:37:26 ----A---- C:\Windows\system32\NlsData000c.dll
2010-03-01 01:37:25 ----A---- C:\Windows\system32\NlsData0414.dll
2010-03-01 01:37:24 ----A---- C:\Windows\system32\NlsData0416.dll
2010-03-01 01:37:24 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-03-01 01:37:23 ----A---- C:\Windows\system32\NlsData081a.dll
2010-03-01 01:37:23 ----A---- C:\Windows\system32\NlsData0816.dll
2010-03-01 01:37:22 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2010-03-01 01:37:22 ----A---- C:\Windows\system32\NlsData0c1a.dll
2010-03-01 01:33:35 ----A---- C:\Windows\system32\setupapi.dll
2010-03-01 01:32:58 ----A---- C:\Windows\system32\srclient.dll
2010-03-01 01:32:58 ----A---- C:\Windows\system32\rstrui.exe
2010-03-01 01:32:57 ----A---- C:\Windows\system32\wpd_ci.dll
2010-03-01 01:32:57 ----A---- C:\Windows\system32\srdelayed.exe
2010-03-01 01:32:57 ----A---- C:\Windows\system32\srcore.dll
2010-03-01 01:32:57 ----A---- C:\Windows\system32\kd1394.dll
2010-03-01 01:32:56 ----A---- C:\Windows\system32\winresume.exe
2010-03-01 01:32:56 ----A---- C:\Windows\system32\winload.exe
2010-03-01 01:32:56 ----A---- C:\Windows\system32\ci.dll
2010-03-01 01:32:55 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-03-01 01:32:55 ----A---- C:\Windows\system32\kbd106n.dll
2010-03-01 01:32:55 ----A---- C:\Windows\system32\drvinst.exe
2010-03-01 01:32:55 ----A---- C:\Windows\system32\dpx.dll
2010-03-01 01:32:55 ----A---- C:\Windows\system32\cfgmgr32.dll
2010-03-01 01:32:54 ----A---- C:\Windows\system32\unlodctr.exe
2010-03-01 01:32:54 ----A---- C:\Windows\system32\oleaut32.dll
2010-03-01 01:32:54 ----A---- C:\Windows\system32\lodctr.exe
2010-03-01 01:32:53 ----A---- C:\Windows\system32\prflbmsg.dll
2010-03-01 01:32:53 ----A---- C:\Windows\system32\loadperf.dll
2010-03-01 01:32:52 ----A---- C:\Windows\system32\schedsvc.dll
2010-03-01 01:32:52 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-03-01 01:32:52 ----A---- C:\Windows\system32\batt.dll
2010-03-01 01:32:51 ----A---- C:\Windows\system32\dispci.dll
2010-03-01 01:31:24 ----A---- C:\Windows\system32\rpcss.dll
2010-03-01 01:31:23 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-03-01 01:31:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-03-01 01:31:21 ----A---- C:\Windows\system32\iasdatastore.dll
2010-03-01 01:31:21 ----A---- C:\Windows\system32\iasads.dll
2010-03-01 01:31:20 ----A---- C:\Windows\system32\sdohlp.dll
2010-03-01 01:31:20 ----A---- C:\Windows\system32\iasrecst.dll
2010-03-01 01:30:23 ----A---- C:\Windows\system32\jscript.dll
2010-03-01 01:28:41 ----A---- C:\Windows\system32\WMASF.DLL
2010-03-01 01:28:41 ----A---- C:\Windows\system32\LAPRXY.DLL
2010-03-01 01:28:41 ----A---- C:\Windows\system32\asferror.dll
2010-03-01 01:27:52 ----A---- C:\Windows\system32\kernel32.dll
2010-03-01 01:27:50 ----A---- C:\Windows\system32\apilogen.dll
2010-03-01 01:27:50 ----A---- C:\Windows\system32\amxread.dll
2010-03-01 01:26:45 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-01 01:26:45 ----A---- C:\Windows\system32\httpapi.dll
2010-03-01 01:25:05 ----A---- C:\Windows\system32\win32spl.dll
2010-03-01 01:25:05 ----A---- C:\Windows\system32\printcom.dll
2010-03-01 01:22:18 ----A---- C:\Windows\system32\wshrm.dll
2010-03-01 01:20:48 ----A---- C:\Windows\system32\wmpdxm.dll
2010-03-01 01:19:23 ----A---- C:\Windows\system32\sbunattend.exe
2010-03-01 01:17:26 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-03-01 01:17:26 ----A---- C:\Windows\system32\dnscacheugc.exe
2010-03-01 01:17:26 ----A---- C:\Windows\system32\dnsapi.dll
2010-03-01 01:16:32 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-03-01 01:16:32 ----A---- C:\Windows\system32\netiougc.exe
2010-03-01 01:10:57 ----A---- C:\Windows\system32\infocardapi.dll
2010-03-01 01:10:57 ----A---- C:\Windows\system32\icardres.dll
2010-03-01 01:10:57 ----A---- C:\Windows\system32\icardagt.exe
2010-03-01 01:10:48 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-03-01 01:10:46 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-03-01 01:10:46 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-03-01 01:10:46 ----A---- C:\Windows\system32\PresentationHost.exe
2010-03-01 01:01:25 ----A---- C:\Windows\system32\dfshim.dll
2010-03-01 01:01:24 ----A---- C:\Windows\system32\netfxperf.dll
2010-03-01 01:01:21 ----A---- C:\Windows\system32\mscorier.dll
2010-03-01 01:01:21 ----A---- C:\Windows\system32\mscoree.dll
2010-03-01 01:01:20 ----A---- C:\Windows\system32\mscories.dll
2010-03-01 00:53:40 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-03-01 00:53:40 ----A---- C:\Windows\system32\logagent.exe
2010-03-01 00:53:06 ----A---- C:\Windows\system32\INETRES.dll
2010-03-01 00:53:06 ----A---- C:\Windows\system32\inetcomm.dll
2010-03-01 00:52:56 ----A---- C:\Windows\system32\msasn1.dll
2010-03-01 00:52:38 ----A---- C:\Windows\system32\wmi.dll
2010-03-01 00:52:38 ----A---- C:\Windows\system32\imagehlp.dll
2010-03-01 00:52:32 ----A---- C:\Windows\system32\rpcrt4.dll
2010-03-01 00:52:15 ----A---- C:\Windows\system32\raschap.dll
2010-03-01 00:52:14 ----A---- C:\Windows\system32\rastls.dll
2010-03-01 00:52:02 ----A---- C:\Windows\system32\WSDApi.dll
2010-03-01 00:51:11 ----A---- C:\Windows\system32\poqexec.exe
2010-03-01 00:51:07 ----A---- C:\Windows\system32\user32.dll
2010-03-01 00:50:51 ----A---- C:\Windows\system32\msyuv.dll
2010-03-01 00:50:51 ----A---- C:\Windows\system32\iyuv_32.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\tsbyuv.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\quartz.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\msvidc32.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\msvfw32.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\msrle32.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\mciavi32.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\avifil32.dll
2010-03-01 00:50:50 ----A---- C:\Windows\system32\avicap32.dll
2010-03-01 00:50:27 ----A---- C:\Windows\system32\qmgr.dll
2010-03-01 00:50:14 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-03-01 00:22:38 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Apple Computer
2010-03-01 00:21:06 ----A---- C:\Windows\system32\GEARAspi.dll
2010-03-01 00:21:05 ----DC---- C:\Windows\system32\DRVSTORE
2010-03-01 00:17:02 ----D---- C:\Program Files\iPod
2010-03-01 00:16:01 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-01 00:09:49 ----D---- C:\Program Files\Bonjour
2010-03-01 00:07:39 ----D---- C:\Program Files\QuickTime
2010-03-01 00:07:35 ----D---- C:\ProgramData\Apple Computer
2010-03-01 00:06:17 ----D---- C:\Program Files\Apple Software Update
2010-02-28 23:58:06 ----D---- C:\Program Files\Unlocker
2010-02-28 23:57:04 ----D---- C:\ProgramData\Apple
2010-02-28 23:57:04 ----D---- C:\Program Files\Common Files\Apple
2010-02-28 23:52:11 ----SHD---- C:\Windows\Installer
2010-02-28 23:41:43 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Macromedia
2010-02-28 23:41:42 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Adobe
2010-02-28 23:41:36 ----D---- C:\Windows\system32\Macromed
2010-02-28 23:21:40 ----A---- C:\Windows\system32\wups2.dll
2010-02-28 23:21:40 ----A---- C:\Windows\system32\wucltux.dll
2010-02-28 23:21:40 ----A---- C:\Windows\system32\wuaueng.dll
2010-02-28 23:21:40 ----A---- C:\Windows\system32\wuauclt.exe
2010-02-28 23:21:16 ----A---- C:\Windows\system32\wups.dll
2010-02-28 23:21:16 ----A---- C:\Windows\system32\wudriver.dll
2010-02-28 23:21:16 ----A---- C:\Windows\system32\wuapi.dll
2010-02-28 23:20:49 ----A---- C:\Windows\system32\wuwebv.dll
2010-02-28 23:20:49 ----A---- C:\Windows\system32\wuapp.exe
2010-02-28 23:12:20 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Mozilla
2010-02-28 23:08:09 ----D---- C:\Program Files\Mozilla Firefox
2010-02-28 23:01:58 ----D---- C:\Program Files\Adobe
2010-02-28 22:55:03 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\ImgBurn
2010-02-28 22:54:36 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Vso
2010-02-28 22:53:47 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\WinRAR
2010-02-28 22:53:25 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\URSoft
2010-02-28 22:52:35 ----D---- C:\Program Files\NoAdware3
2010-02-28 22:47:32 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Identities
2010-02-28 22:46:55 ----SD---- C:\Users\Paul Kettlewell\AppData\Roaming\Microsoft
2010-02-28 22:46:55 ----D---- C:\Users\Paul Kettlewell\AppData\Roaming\Media Center Programs
2010-02-28 20:13:59 ----D---- C:\Windows\SoftwareDistribution
2010-02-28 20:12:38 ----D---- C:\Windows\Debug
2010-02-28 20:06:08 ----D---- C:\Windows\Prefetch
2010-02-28 19:32:39 ----SHD---- C:\Boot
2010-02-28 10:27:23 ----RAS---- C:\BOOTSECT.BAK
2010-02-28 09:33:53 ----D---- C:\$UPGRADE.~OS

======List of files/folders modified in the last 1 months======

2010-03-26 14:23:17 ----RD---- C:\Program Files
2010-03-26 14:23:17 ----D---- C:\Windows\Temp
2010-03-26 14:11:56 ----SHD---- C:\System Volume Information
2010-03-26 13:17:43 ----D---- C:\Windows\system32\drivers
2010-03-26 13:17:39 ----SHD---- C:\Config.Msi
2010-03-26 13:17:39 ----D---- C:\Windows\winsxs
2010-03-26 13:17:11 ----D---- C:\Windows\System32
2010-03-26 13:16:47 ----HD---- C:\ProgramData
2010-03-26 12:53:38 ----D---- C:\Windows
2010-03-26 12:51:32 ----D---- C:\Program Files\Common Files
2010-03-26 12:49:56 ----D---- C:\Windows\system32\catroot2
2010-03-26 12:26:56 ----D---- C:\Windows\system32\WDI
2010-03-26 12:18:35 ----D---- C:\Windows\inf
2010-03-26 12:18:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-26 12:15:37 ----D---- C:\Windows\Tasks
2010-03-26 10:06:16 ----D---- C:\Windows\system32\Tasks
2010-03-26 10:05:36 ----D---- C:\Windows\Logs
2010-03-25 21:39:23 ----D---- C:\Windows\system32\catroot
2010-03-21 19:47:16 ----D---- C:\Windows\system32\NDF
2010-03-02 14:12:49 ----D---- C:\Program Files\Common Files\microsoft shared
2010-03-02 14:08:50 ----SD---- C:\ProgramData\Microsoft
2010-03-02 13:04:43 ----RSD---- C:\Windows\Fonts
2010-03-02 09:21:45 ----D---- C:\Windows\Microsoft.NET
2010-03-02 09:21:44 ----RSD---- C:\Windows\assembly
2010-03-02 09:18:15 ----D---- C:\Windows\rescache
2010-03-02 09:16:47 ----D---- C:\Program Files\Windows Calendar
2010-03-02 09:16:46 ----D---- C:\Windows\system32\ras
2010-03-02 09:16:46 ----D---- C:\Windows\system32\icsxml
2010-03-02 09:16:45 ----D---- C:\Windows\system32\wbem
2010-03-02 09:16:44 ----D---- C:\Windows\ehome
2010-03-02 09:16:44 ----D---- C:\Program Files\Windows Defender
2010-03-02 09:16:41 ----D---- C:\Windows\system32\SLUI
2010-03-02 09:16:41 ----D---- C:\Windows\system32\en-US
2010-03-02 09:16:40 ----D---- C:\Windows\AppPatch
2010-03-02 09:16:40 ----D---- C:\Program Files\Windows Mail
2010-03-02 09:16:39 ----D---- C:\Program Files\Windows Media Player
2010-03-01 18:39:50 ----D---- C:\Windows\system32\LogFiles
2010-03-01 15:11:26 ----D---- C:\Windows\system
2010-03-01 15:09:59 ----D---- C:\Windows\Help
2010-03-01 14:55:16 ----D---- C:\Program Files\WinRAR
2010-03-01 09:42:07 ----ASH---- C:\Program Files\desktop.ini
2010-03-01 09:35:45 ----D---- C:\Windows\system32\migration
2010-03-01 09:35:45 ----D---- C:\Program Files\Internet Explorer
2010-03-01 09:35:44 ----D---- C:\Program Files\Common Files\System
2010-03-01 09:35:39 ----D---- C:\Windows\servicing
2010-03-01 09:35:37 ----D---- C:\Windows\system32\manifeststore
2010-03-01 09:35:36 ----D---- C:\Program Files\Windows Sidebar
2010-03-01 09:35:35 ----D---- C:\Windows\system32\XPSViewer
2010-03-01 00:21:01 ----D---- C:\Program Files\iTunes
2010-03-01 00:12:23 ----D---- C:\Program Files\Windows NT
2010-02-28 23:20:18 ----D---- C:\Windows\system32\restore
2010-02-28 22:47:46 ----SHD---- C:\$Recycle.Bin
2010-02-28 22:46:45 ----RD---- C:\Users
2010-02-28 19:27:11 ----D---- C:\Program Files\Your Uninstaller
2010-02-28 19:26:29 ----D---- C:\Program Files\ImgBurn
2010-02-28 15:27:58 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-03-09 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 CLBStor;InstantBurn Storage Helper Driver; C:\Windows\system32\drivers\CLBStor.sys [2009-10-07 15784]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/03/02 13:01:23]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-09-01 87536]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl [2008-10-07 61424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-03-09 51792]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem; C:\Windows\system32\drivers\CLBUDF.sys [2009-10-07 163368]
R3 E100B;Intel® PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\Windows\system32\DRIVERS\hcwPP2.sys [2007-02-06 185728]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-03-10 47360]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
R4 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
R2 PURE Flow Server;PURE Flow Server; C:\Program Files\PURE Flow Server\twonkymediaserverwatchdog.exe [2009-10-29 239248]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-08-20 244904]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576]

-----------------EOF-----------------


 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,618 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:44 PM

Posted 30 March 2010 - 03:01 PM

Hello, and welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • GMER log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft

 



#3 Astr4twin

Astr4twin
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 01 April 2010 - 02:56 PM

Thank you for getting back to me, I will follow instructions as advised and report back tomorrow. Off to bed with manflu.

#4 Elise


Posted 01 April 2010 - 03:07 PM

Okay, thanks for letting me know.

regards, Elise




#5 Elise


Posted 08 April 2010 - 12:53 PM

Hello, are you still there?

regards, Elise




#6 Elise


Posted 17 April 2010 - 02:19 PM

Due to lack of feedback this topic is now closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise






