Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast>moved to Virus Chest


  • Please log in to reply
7 replies to this topic

#1 peabo

peabo

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 11 February 2013 - 11:42 AM

After a recent "virus/blocked"alert from Avast I ran a full scan and and had these items show in virus chest:

 

Win32:Malware-gen

Win32:PuP-gen [PUP]

NSIS:Adware-HW [PUP]

Win32:Malware-gen

Java-Bitcoin-A [Trj]

Win32:Malware-gen

NSIS:Adware-HW [PUP]

Win32:PUP-gen [PUP]

--------------------------------

 

Done another Avast full scan which didn't detect anything nor did Malwarebytes.  Then done ESET online scan which didn't detect anything.......Should I still be concerened?

 

Thanks


Edited by peabo, 11 February 2013 - 11:45 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:32 PM

Posted 11 February 2013 - 11:56 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 peabo

peabo
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 11 February 2013 - 04:17 PM

TDSSKiller Log too long ........Error : post_too_long.  Is it ok to attach? 

 

ESET had no threats


 

 

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-11 13:39:48
-----------------------------
13:39:48.250    OS Version: Windows 5.1.2600 Service Pack 3
13:39:48.250    Number of processors: 1 586 0x2701
13:39:48.250    ComputerName: YOUR-B27FB1C401  UserName:
13:39:48.656    Initialize success
13:39:48.734    AVAST engine defs: 13021100
13:40:00.765    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-1b
13:40:00.765    Disk 0 Vendor: ST3200826A 3.03 Size: 190782MB BusType: 3
13:40:00.796    Disk 0 MBR read successfully
13:40:00.796    Disk 0 MBR scan
13:40:00.796    Disk 0 unknown MBR code
13:40:00.796    Disk 0 Partition 1 00     0B        FAT32 RECOVERY     6984 MB offset 63
13:40:00.812    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       183787 MB offset 14303520
13:40:00.812    Disk 0 scanning sectors +390700800
13:40:00.875    Disk 0 scanning C:\WINDOWS\system32\drivers
13:40:13.046    Service scanning
13:40:27.953    Modules scanning
13:40:31.968    Disk 0 trace - called modules:
13:40:32.000    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:40:32.500    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a54dab8]
13:40:32.500    3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000006a[0x8a551c80]
13:40:32.500    5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-1b[0x8a55ad98]
13:40:32.937    AVAST engine scan C:\WINDOWS
13:40:39.796    AVAST engine scan C:\WINDOWS\system32
13:42:44.234    AVAST engine scan C:\WINDOWS\system32\drivers
13:43:05.187    AVAST engine scan C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002
13:45:07.875    AVAST engine scan C:\Documents and Settings\All Users
13:46:20.375    Scan finished successfully
13:46:41.140    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Desktop\MBR.dat"
13:46:41.140    The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Desktop\aswMBR.txt"


 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:32 PM

Posted 11 February 2013 - 05:06 PM


Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#5 peabo

peabo
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 11 February 2013 - 07:36 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.11.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
HP_Administrator :: YOUR-B27FB1C401 [administrator]

2/11/2013 5:40:23 PM
mbam-log-2013-02-11 (17-40-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 323738
Time elapsed: 7 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by HP_Administrator (administrator) on 11-02-2013 at 17:51:57
Running from "C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : your-b27fb1c401

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-13-D3-B3-BC-F8

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.103

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 70.60.17.20

                                            70.60.17.22

        Lease Obtained. . . . . . . . . . : Monday, February 11, 2013 1:52:02 PM

        Lease Expires . . . . . . . . . . : Tuesday, February 12, 2013 1:52:02 PM

Server:  rrcs-70-60-17-20.central.biz.rr.com
Address:  70.60.17.20

Name:    google.com
Addresses:  74.125.225.39, 74.125.225.32, 74.125.225.33, 74.125.225.38
      74.125.225.37, 74.125.225.35, 74.125.225.40, 74.125.225.36, 74.125.225.34
      74.125.225.41, 74.125.225.46



Pinging google.com [74.125.225.46] with 32 bytes of data:



Reply from 74.125.225.46: bytes=32 time=41ms TTL=52

Reply from 74.125.225.46: bytes=32 time=43ms TTL=52



Ping statistics for 74.125.225.46:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 41ms, Maximum = 43ms, Average = 42ms

Server:  rrcs-70-60-17-20.central.biz.rr.com
Address:  70.60.17.20

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=132ms TTL=47

Reply from 206.190.36.45: bytes=32 time=213ms TTL=47



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 132ms, Maximum = 213ms, Average = 172ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d3 b3 bc f8 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.103      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0    192.168.1.103   192.168.1.103      20
    192.168.1.103  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255    192.168.1.103   192.168.1.103      20
        224.0.0.0        240.0.0.0    192.168.1.103   192.168.1.103      20
  255.255.255.255  255.255.255.255    192.168.1.103   192.168.1.103      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/11/2013 01:34:27 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/11/2013 01:20:05 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 07:47:19 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 08:39:04 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 08:29:34 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 08:23:05 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/09/2013 10:50:42 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 18.0.1.4764, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/06/2013 07:21:11 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/05/2013 06:56:58 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/03/2013 08:33:58 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.


System errors:
=============
Error: (02/11/2013 01:34:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2

Error: (02/11/2013 01:31:16 PM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (02/11/2013 01:31:16 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort3

Error: (02/11/2013 01:31:16 PM) (Source: 0) (User: )
Description: \Device\CdRom0

Error: (02/11/2013 01:31:16 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort3

Error: (02/11/2013 01:27:55 PM) (Source: 0) (User: )
Description: \Device\CdRom1

Error: (02/11/2013 01:27:55 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort3

Error: (02/11/2013 01:27:55 PM) (Source: 0) (User: )
Description: \Device\CdRom0

Error: (02/11/2013 01:27:55 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort3

Error: (02/10/2013 07:47:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2


Microsoft Office Sessions:
=========================
Error: (02/11/2013 01:34:27 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/11/2013 01:20:05 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 07:47:19 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 08:39:04 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 08:29:34 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/10/2013 08:23:05 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/09/2013 10:50:42 PM) (Source: Application Hang)(User: )
Description: firefox.exe18.0.1.4764hungapp0.0.0.000000000

Error: (02/06/2013 07:21:11 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/05/2013 06:56:58 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (02/03/2013 08:33:58 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.


=========================== Installed Programs ============================

7-Zip 9.22beta
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Agere Systems PCI Soft Modem
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
ATI Control Panel (Version: 6.14.10.5166)
ATI Display Driver (Version: 8.17-050813a1-027023C-HP)
Audacity 2.0.2 (Version: 2.0.2)
avast! Free Antivirus (Version: 7.0.1474.0)
BufferChm (Version: 53.0.13.000)
CameraDrivers (Version: 5.0.0.290)
CameraDrivers (Version: 5.0.0.328)
CardRd81 (Version: 4.00.0000.0004)
CCHelp (Version: 4.00.0000.0001)
CCScore (Version: 4.00.0001.0001)
CP_AtenaShokunin1Config (Version: 53.0.13.000)
CP_CalendarTemplates1 (Version: 53.0.13.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CR2 (Version: 4.00.0000.0003)
CueTour (Version: 53.0.13.000)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.9.8 Be
ESET Online Scanner v3
ESSAdpt (Version: 4.00.0001.0001)
ESSANUP (Version: 4.00.0001.0001)
ESSBrwr (Version: 4.00.0000.0001)
ESSCAM (Version: 4.00.0001.0001)
ESSCDBK (Version: 4.00.0001.0001)
ESScore (Version: 4.00.0001.0001)
ESSCT (Version: 4.00.0000.0101)
ESSEMAIL (Version: 4.00.0000.0000)
ESSgui (Version: 4.00.0000.0004)
ESShelp (Version: 4.00.0000.0003)
ESSini (Version: 4.00.0001.0101)
ESSPCD (Version: 4.00.0000.0001)
ESSSONIC (Version: 4.00.0000.0003)
ESSTUTOR (Version: 4.00.0000.0103)
ESSvpaht (Version: 4.00.0000.0003)
ESSvpot (Version: 4.00.0000.0101)
Fax (Version: 50.0.206.000)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.135)
Ham Radio Deluxe (Version: 5.24.38.0)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HLPCCTR (Version: 4.00.0000.0003)
HLPIndex (Version: 4.00.0000.0003)
HLPSFO (Version: 4.00.0000.0103)
HP Boot Optimizer (Version: 1.0.2)
HP Deskjet Printer Preload (Version: 10.1.0)
HP DigitalMedia Archive (Version: 1.2)
HP Document Viewer 5.3 (Version: 5.3)
HP Image Zone 5.3 (Version: 5.3)
HP Image Zone for Media Center PC (Version: 1.02.001)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Multimedia Keyboard Software
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Cameras 5.0 (Version: 5.0)
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Tunes (Version: 2.1.0.2)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 53.0.13.000)
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
InterVideo WinDVD Player (Version: 5.0-B11.789)
iTunes (Version: 4.8.0.31)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Kodak EasyShare software
KSU (Version: 632.62.0002.0001)
LAME v3.99.3 (for Windows)
LightScribe  1.4.31.1 (Version: 1.4.31.1)
Lotto Calculator
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft ActiveSync (Version: 4.5.5096.0)
Microsoft Money 2005 (Version: 14)
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Plus! Dancer LE (Version: 1.1.0.3522)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3500)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 08.04.0623)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
Mozilla Thunderbird 17.0.2 (x86 en-US) (Version: 17.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 4.0 (Version: 4.00.050)
muvee autoProducer unPlugged 1.1 - HPD (Version: 1.1.000)
Nero PhotoShow Express (Version: 3.0)
Nero Suite
NewCopy (Version: 50.0.206.000)
Notifier (Version: 4.00.0000.0101)
OfotoXMI (Version: 4.00.0001.0001)
OTtBP (Version: 4.00.0000.0003)
OTtBPSDK (Version: 4.00.0000.0000)
Otto
PanoStandAlone (Version: 53.0.13.000)
PC-Doctor 5 for Windows (Version: 5.00.2832.01)
PCDLNCH (Version: 4.00.0001.0001)
PeaZip 4.8
PhotoGallery (Version: 53.0.13.000)
PS2
PSPrinters08 (Version: 8.01.0000)
PSTAPlugin (Version: 8.01.0000)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
Quicken 2010 (Version: 19.1.1.27)
Quicken WillMaker Plus 2007
QuickTime
QuickTime (Version: 7.73.80.64)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.206.000)
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)
Samsung ML-2010 Series
Sansa Media Converter
Sansa Updater (Version: 1.313)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SFR (Version: 3.03.0000.0001)
SFR2 (Version: 3.03.0000.0002)
SkinsHP1 (Version: 53.0.13.000)
Smart Numbers QuickPick V1.0.6 (Version: 1.0.640)
SolutionCenter (Version: 50.0.152.000)
Sonic Encoders (Version: 1.00)
Sonic Express Labeler (Version: 2.1.0)
Sonic MyDVD Plus (Version: 6.1.3)
Sonic RecordNow Audio (Version: 2.0.2)
Sonic RecordNow Copy (Version: 2.0.2)
Sonic RecordNow Data (Version: 2.0.2)
Sonic Update Manager (Version: 3.0.0)
Sonic_PrimoSDK (Version: 53.0.13.000)
Status (Version: 53.0.13.000)
TrayApp (Version: 53.0.13.000)
Tunatic
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Updates from HP (remove only)
VCAMCEN (Version: 4.00.0001.0002)
VPRINTOL (Version: 4.00.0000.0001)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Winamp (Version: 5.52 )
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows Media Player 10 Hotfix - KB894476
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
Xilisoft DVD Ripper Ultimate (Version: 5.0.62.0115)
XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 1982.48 MB
Available physical RAM: 1449.26 MB
Total Pagefile: 3874.91 MB
Available Pagefile: 3546.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.54 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:179.48 GB) (Free:109.94 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.81 GB) (Free:0.37 GB) FAT32

========================= Users: ========================================

User accounts for \\YOUR-B27FB1C401

Administrator            Guest                    HelpAssistant            
HP_Administrator         SUPPORT_388945a0         SUPPORT_fddfa904         


**** End of log ****

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Farbar Service Scanner Version: 10-02-2013
Ran by HP_Administrator (administrator) on 11-02-2013 at 18:55:26
Running from "C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2012-02-01 12:04] - [2008-04-14 04:42] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2012-02-01 12:02] - [2009-02-06 06:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
aswTdi(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 19:02:58
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - YOUR-B27FB1C401
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

-\\ Google Chrome v [Unable to get version]

*************************

AdwCleaner[R1].txt - [843 octets] - [11/02/2013 19:02:58]

########## EOF - C:\AdwCleaner[R1].txt - [902 octets] ##########
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Microsoft Windows XP x86
Ran by HP_Administrator on Mon 02/11/2013 at 19:05:58.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_users\\software\microsoft\internet explorer\main\\Search Bar
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Page
Successfully repaired: [Registry Value] hkey_users\\software\microsoft\internet explorer\main\\Search Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\start menu\programs\hot deals"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/11/2013 at 19:12:02.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

 

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/11/2013 07:22:53 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (PID: 2032) [WD-HEUR]
 * C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (PID: 316) [UP-HEUR]
 * c:\windows\system\hpsysdrv.exe (PID: 2576) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 02/11/2013 07:23:24 PM
Execution time: 0 hours(s), 0 minute(s), and 31 seconds(s)

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ATIPTA"    "ATI Desktop Control Panel"    "ATI Technologies, Inc."    "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
+ "avast"    "avast! Antivirus"    "AVAST Software"    "c:\program files\avast software\avast\avastui.exe"
+ "HPBootOp"    "HP Boot Optimizer"    "Hewlett-Packard Company"    "c:\program files\hewlett-packard\hp boot optimizer\hpbootop.exe"
+ "HPHUPD08"    "HPHupd08"    "Hewlett-Packard"    "c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe"
+ "ISUSPM Startup"    "InstallShield Update Service Update Manager"    "InstallShield Software Corporation"    "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "Samsung Common SM"    "Samsung Status Monitor Manager"    "Samsung Electronics."    "c:\windows\samsung\comsmmgr\ssmmgr.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""
+ "Adobe Gamma Loader.lnk"    "Adobe Gamma Loader"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\calibration\adobe gamma loader.exe"
+ "HP Digital Imaging Monitor.lnk"    "HP Digital Imaging Monitor"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqtra08.exe"
+ "Kodak EasyShare software.lnk"    "Kodak EasyShare software"    "Eastman Kodak Company"    "c:\program files\kodak\kodak easyshare software\bin\easyshare.exe"
+ "Updates from HP.lnk"    "Updates from HP"    "Hewlett-Packard"    "c:\program files\updates from hp\9972322\program\updates from hp.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "H/PC Connection Agent"    "ActiveSync Connection Manager"    "Microsoft Corporation"    "c:\program files\microsoft activesync\wcescomm.exe"
+ "PhotoShow Deluxe Media Manager"    ""    ""    "c:\program files\ahead\ahead\data\xtras\mssysmgr.exe"
+ "SansaDispatch"    "Sansa Dispatcher"    "SanDisk Corporation"    "c:\documents and settings\hp_administrator.your-b27fb1c401.002\application data\sandisk\sansa updater\sansadispatch.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "ms-itss"    "Microsoft® InfoTech Storage System Library"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "mso-offdap"    "Microsoft Office XP Web Components"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\10\owc10.dll"
+ "mso-offdap11"    "Microsoft Office Web Components 2003"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""
+ "KodakPage"    "Shell Extension Resource DLL"    "Eastman Kodak Company"    "c:\program files\common files\kodak\ifscore\kodakshx.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "NeroDigitalColumnHandler Class"    "Nero Digital Shell Extension"    "Nero AG"    "c:\program files\common files\ahead\lib\nerodigitalext.dll"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep"    "avast! WebRep Plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "avast! WebRep"    "avast! WebRep Plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Connection Help"    ""    ""    "c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm"
+ "Create Mobile Favorite"    "ActiveSync Favorite Synchronization"    "Microsoft Corporation"    "c:\program files\microsoft activesync\inetrepl.dll"
+ "Create Mobile Favorite..."    "ActiveSync Favorite Synchronization"    "Microsoft Corporation"    "c:\program files\microsoft activesync\inetrepl.dll"
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "avast! Emergency Update.job"    "avast! Emergency Update"    "AVAST Software"    "c:\program files\avast software\avast\avastemupdate.exe"
+ "Check for updates (Spybot - Search & Destroy).job"    "Update"    "Safer-Networking Ltd."    "c:\program files\spybot - search & destroy 2\sdupdate.exe"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-3306204433-2456921004-2732487804-1008Core.job"    "Google Installer"    "Google Inc."    "c:\documents and settings\hp_administrator\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-3306204433-2456921004-2732487804-1008UA.job"    "Google Installer"    "Google Inc."    "c:\documents and settings\hp_administrator\local settings\application data\google\update\googleupdate.exe"
+ "ReclaimerUpdateFiles_HP_Administrator.job"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\documents and settings\hp_administrator\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "ReclaimerUpdateXML_HP_Administrator.job"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\documents and settings\hp_administrator\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "Refresh immunization (Spybot - Search & Destroy).job"    "Pro-active browser protection"    "Safer-Networking Ltd."    "c:\program files\spybot - search & destroy 2\sdimmunize.exe"
+ "RNUpgradeHelperLogonPrompt_HP_Administrator.job"    "RealNetworks Installer"    "RealNetworks, Inc."    "c:\documents and settings\hp_administrator\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "Scan the system (Spybot - Search & Destroy).job"    "Malware Scanner"    "Safer-Networking Ltd."    "c:\program files\spybot - search & destroy 2\sdscan.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Ati HotKey Poller"    "ATI External Event Utility EXE Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.exe"
+ "ATI Smart"    "ATI Smart"    ""    "c:\windows\system32\ati2sgag.exe"
+ "avast! Antivirus"    "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler."    "AVAST Software"    "c:\program files\avast software\avast\avastsvc.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "iPodService"    "iPod hardware management services"    "Apple Computer, Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"
+ "LightScribeService"    "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work."    "Hewlett-Packard Company"    "c:\program files\common files\lightscribe\lssrvc.exe"
+ "MDM"    "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "WPFFontCache_v0400"    "Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications."    ""    "File not found: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "Aavmker4"    "avast! Asynchronous Virus Monitor"    "AVAST Software"    "c:\windows\system32\drivers\aavmker4.sys"
+ "AgereSoftModem"    "SoftModem Device Driver"    "Agere Systems"    "c:\windows\system32\drivers\agrsm.sys"
+ "ALCXWDM"    "Realtek AC'97 Audio Driver (WDM)"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\alcxwdm.sys"
+ "AmdK8"    "AMD Processor Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdk8.sys"
+ "Aspi32"    "ASPI for WIN32 Kernel Driver"    "Adaptec"    "c:\windows\system32\drivers\aspi32.sys"
+ "aswFsBlk"    "avast! mini-filter driver (aswFsBlk)"    "AVAST Software"    "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMBR"    ""    ""    "File not found: C:\DOCUME~1\HP_ADM~1.002\LOCALS~1\Temp\aswMBR.sys"
+ "aswMon2"    "avast! Standard Shield Support"    "AVAST Software"    "c:\windows\system32\drivers\aswmon2.sys"
+ "AswRdr"    "avast! TDI Redirect driver"    "AVAST Software"    "c:\windows\system32\drivers\aswrdr.sys"
+ "aswSnx"    "avast! virtualization driver (aswSnx)"    "AVAST Software"    "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP"    "avast! Self Protection"    "AVAST Software"    "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi"    "avast! Network Shield TDI driver"    "AVAST Software"    "c:\windows\system32\drivers\aswtdi.sys"
+ "ati2mtag"    "ATI Radeon WindowsNT Miniport Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\ati2mtag.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DgiVecp"    "Windows NT 4.0 IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes"    "DeviceGuys, Inc."    "c:\windows\system32\drivers\dgivecp.sys"
+ "ftsata2"    ""    ""    "File not found: system32\DRIVERS\ftsata2.sys"
+ "GEARAspiWDM"    "CDRom Class Filter Driver"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "iaStor"    "Intel Matrix Storage Manager driver"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "ltmodem5"    "LT Windows Modem"    "LT"    "c:\windows\system32\drivers\ltmdmnt.sys"
+ "MSI_MSIBIOS_010507"    ""    ""    "File not found: C:\Program Files\MSI\Live Update 5\msibios32_100507.sys"
+ "nmserial"    "Serial Device Driver"    "Windows ® Win 7 DDK provider"    "c:\windows\system32\drivers\nmserial.sys"
+ "NTIOLib_1_0_4"    ""    ""    "File not found: C:\Program Files\MSI\Live Update 5\NTIOLib.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "pcouffin"    "low level access layer for CD/DVD/BD devices"    "VSO Software"    "c:\windows\system32\drivers\pcouffin.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ps2"    "PS2 SYS"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\ps2.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"
+ "Rockusb"    "Fuzhou Rockchip USB Driver"    "Fuzhou Rockchip Electronics Co,Ltd."    "c:\windows\system32\drivers\rockusb.sys"
+ "RTL8023xp"    "Realtek 10/100/1000 NDIS 5.1 Driver                         "    "Realtek Semiconductor Corporation                           "    "c:\windows\system32\drivers\rtnicxp.sys"
+ "rtl8139"    "Realtek RTL8139 NDIS 5.0 Driver"    "Realtek Semiconductor Corporation"    "c:\windows\system32\drivers\rtl8139.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SISNIC"    "SiS PCI Fast Ethernet Adapter Driver"    "SiS Corporation"    "c:\windows\system32\drivers\sisnic.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "vidc.LEAD"    "LEAD MCMP/MJPEG Codec"    "LEAD Technologies, Inc."    "c:\windows\system32\lcodccmp.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "ArcSoft MP3 Encoder"    "ArcSoft Mp3 Encoder"    ""    "c:\program files\common files\arcsoft\shared filters\arcmp3enc.ax"
+ "ArcSoft MP3 Encoder"    "ArcSoft Mp3 Encoder"    ""    "c:\program files\common files\arcsoft\shared filters\arcmp3enc.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ArcGetDataSample"    "ArcGetDataSample"    "arcsoft"    "c:\program files\common files\arcsoft\shared filters\arcgetdatasample.ax"
+ "ArcSoft AAC Decoder"    "ArcSoft AAC Decoder"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\shared filters\aacdecode.ax"
+ "ArcSoft AAC Encoder"    "AACEncoder"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\aacencoder.ax"
+ "ArcSoft AC3 Audio Decoder"    "ArcSoft AC3 Audio Decoder"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\ac3dec.ax"
+ "ArcSoft AMR/AAC Reader"    "ArcSoft AMR/AAC Reader"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\amraacreader.ax"
+ "Arcsoft AMRDecoder"    "AMRDecoder"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\amrdecoder.ax"
+ "Arcsoft AMREncoder"    "AMREncoder"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\amrencoder.ax"
+ "ArcSoft Convert DVD Filter"    "ConvertDVDFilter"    "ArcSoft, Inc."    "c:\program files\common files\arcsoft\shared filters\convertdvdfilter.ax"
+ "ArcSoft Deinterlace"    "deinterlace"    "ArcSoft"    "c:\program files\common files\arcsoft\mpeg engine\deinterlace.ax"
+ "Arcsoft DV Transition"    "DV Transition Buffer"    "Arcsoft"    "c:\program files\common files\arcsoft\mpeg engine\dvtransition.ax"
+ "Arcsoft LPCM Decoder"    "Lpcm decoder"    "Arcsoft"    "c:\program files\common files\arcsoft\shared filters\lpcmdec.ax"
+ "ArcSoft MP3 Encoder"    "ArcSoft Mp3 Encoder"    ""    "c:\program files\common files\arcsoft\shared filters\arcmp3enc.ax"
+ "ArcSoft MP4 Splitter"    "ArcSoft MP4 Splitter Filter "    "ArcSoft Co. (hangzhou, PRC)"    "c:\program files\common files\arcsoft\shared filters\mp4splitter.ax"
+ "ArcSoft MP4Muxer"    "ArcSoft MP4 Muxer Filter"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\mp4muxer.ax"
+ "ArcSoft MPEG Audio Decoder"    "ArcSoft Audio Decoder"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\mpgaudio.ax"
+ "ArcSoft Mpeg Encoder Filter"    ""    "ArcSoft"    "c:\program files\common files\arcsoft\mpeg engine\arcmpegcodec.ax"
+ "ArcSoft Mpeg Mplex Filter"    "MplexFilter"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\arcmplexfilter.ax"
+ "ArcSoft MPEG Splitter"    "MPGSplitter Filter"    "ArcSoft, Inc."    "c:\program files\common files\arcsoft\mpeg engine\arcspl.ax"
+ "ArcSoft MPEG Video Decoder"    "ArcSoft Mpeg Video Decoder Filter"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\mpgvideo.ax"
+ "Arcsoft Mpeg2Audio Encoder"    "Mpeg2AudioEncoder"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\mpeg2audioencoder.ax"
+ "ArcSoft MPEG4 Decoder"    "ArcSoft MPEG-4(ASP) Video Decoder (Filter)"    "Arcsoft"    "c:\program files\common files\arcsoft\shared filters\mp4decoder.ax"
+ "ArcSoft MPEG4 Decoder"    "ArcSoft H.263 Video Decoder (Filter)"    "Arcsoft"    "c:\program files\common files\arcsoft\shared filters\h263dec.ax"
+ "ArcSoft MPEG4 Encoder"    "ArcSoft MPEG-4 Encoder Filter"    "ArcSoft Co. (hangzhou, PRC)"    "c:\program files\common files\arcsoft\shared filters\mp4encoder.ax"
+ "ArcSoft MPEG4 Encoder-EX"    "ArcSoft MPEG-4 Encoder Filter "    "ArcSoft Co. (hangzhou, PRC)"    "c:\program files\common files\arcsoft\shared filters\mp4encoder-ex.ax"
+ "ArcSoft RealMedia Audio Decoder"    "RealAudioDecoder"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\realaudiodecoder.ax"
+ "ArcSoft RealMedia Splitter"    "RealMediaSplitter"    "Arcsoft, Inc."    "c:\program files\common files\arcsoft\shared filters\realmediasplitter.ax"
+ "ArcSoft RealMedia Video Decoder"    "RealVideoDecoder"    "ArcSoft"    "c:\program files\common files\arcsoft\shared filters\realvideodecoder.ax"
+ "Arcsoft Realtime Capture Encoder Filter"    "Arc Real time Capture Encoder Filter"    "Arcsoft"    "c:\program files\common files\arcsoft\mpeg engine\arccaptureencoder.ax"
+ "Arcsoft Source Buffer Filter"    "Device Source Buffer Filter"    "ArcSoft Inc."    "c:\program files\common files\arcsoft\mpeg engine\srcbuffer.ax"
+ "ArcSoft TS Stream"    "MPGSplitter Filter"    "ArcSoft, Inc."    "c:\program files\common files\arcsoft\mpeg engine\arctsspl.ax"
+ "Arcsoft WMV/ASF Splitter"    "ArcWmvSpl"    "Arcsoft, Inc."    "c:\program files\common files\arcsoft\shared filters\arcwmvspl.ax"
+ "Audio Destination"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "DirectShow Tap"    "Sonic DirectShow Tap Filter"    "Sonic Solutions"    "c:\program files\muvee technologies\muvee autoproducer 4.0 - hpd\directshowtap.ax"
+ "DirectShow Tap (Symphony)"    "Sonic DirectShowTap"    "Sonic Solutions"    "c:\windows\ehome\createdisc\filters\directshowtaps.ax"
+ "DV Scenes"    "DV-Timecode based Scenechange Detection"    "Ahead Software AG"    "c:\program files\ahead\nerovision\nvdv.dll"
+ "DV Source Filter"    "DV-Timecode based Scenechange Detection"    "Ahead Software AG"    "c:\program files\ahead\nerovision\nvdv.dll"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "HP Frame Grabber Filter"    "Videotoolkit - Directshow Filters"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HP MPEG-1 Encoder"    "Videotoolkit - Directshow Filters"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HP Resize Filter"    "Videotoolkit - Directshow Filters"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HP Rotate Filter"    "Videotoolkit - Directshow Filters"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HPITFLTR Source"    "HPITFLTR Dynamic Link Library"    "Hewlett-Packard Development Company, L.P."    "c:\hp\hptunes\hpitfltr.ax"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "InterVideo Audio Decoder"    "IVIAUDIO LOGID.29002"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Processor"    ""    ""    "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "InterVideo Navigator"    "IVINAV LOGID.29002"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Video Decoder"    "IVIVIDEO LOGID.29002"    " InterVideo Inc."    "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "LEAD MCMP/MJPEG Codec"    "LEAD MCMP/MJPEG Codec"    "LEAD Technologies, Inc."    "c:\program files\hp\digital imaging\bin\lcodccmp.dll"
+ "LEAD MCMP/MJPEG Decoder"    "LEAD MCMP/MJPEG Codec"    "LEAD Technologies, Inc."    "c:\program files\hp\digital imaging\bin\lcodccmp.dll"
+ "MainConcept MPEG Audio Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG"    "c:\program files\common files\muvee technologies\mainconcept\mcdsmpeg.ax"
+ "MainConcept MPEG Splitter"    "Mpeg I/II Splitter"    "MainConcept AG"    "c:\program files\common files\muvee technologies\mainconcept\mcspmpeg.ax"
+ "MainConcept MPEG Video Decoder"    "MPEG Video and Audio Decoder"    "MainConcept AG"    "c:\program files\common files\muvee technologies\mainconcept\mcdsmpeg.ax"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "muvee HXImage Filter"    "HXImage Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\hximagefilter.ax"
+ "muvee Music Analyser"    "Music Analyser Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee Video Analyser"    "Video Analyser Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\mvvanalyse.ax"
+ "Nero Audio CD Filter"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Encoder"    " "    "Ahead Software AG
Karlsbad
Germany
Phone: ++49-7248-911-800
Fax: ++49-7248-911-888
E-Mail: info@nero.com"    "c:\program files\common files\ahead\dsfilter\neaudioenc.ax"
+ "Nero Audio Processor"    "Nero Audio Processor"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudioconv.ax"
+ "Nero Audio Source"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Digital Audio Decoder"    "Nero Digital Audio Decoding Filter"    "Nero AG and its licensors"    "c:\program files\common files\ahead\dsfilter\neaudio.ax"
+ "Nero Digital AVC Audio Encoder"    "LC AAC and HE AAC encoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer"    "Muxing filter for NeroDigital file format"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer"    "Muxing filter for NeroDigital file format"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer"    "Muxing filter for NeroDigital file format"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital Parser"    "NeroDigital / mp4 / avi / mov parser"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter"    "DV Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator"    "Nero DVD Navigator Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader"    "NeroDigital / mp4 / avi / mov parser"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source"    "Nero SVCD source filter"    "Nero AG "    "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)"    "NeFileSourceAsync"    "Ahead Software AG"    "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter"    "Push Mode VOB Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero Format Converter"    "NeroFormatConv"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture"    "Direct Show frame grabber filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero Mpeg2 Encoder"    "MPEG 1/2 encoder filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Photo Source"    "NePhotoSource"    "Ahead Software AG"    "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PS Muxer"    "PS Muxer Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Splitter"    "Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Vcd Navigator"    "Nero Vcd Navigator Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer"    "Nero Video Analyzer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Processor"    "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Source"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Photo Story 2 Trial Source Filter"    "Plus! Photo Story 2 LE"    "Microsoft Corporation"    "c:\program files\microsoft plus! photo story 2 le\pssf2try.dll"
+ "QuickTime Encoder"    "QuickTime Encoder"    "muvee Technologies"    "c:\program files\common files\muvee technologies\030625\quicktimesink.ax"
+ "QuickTime Source Filter"    "QuickTimeSource Module"    ""    "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"
+ "QuickTimeRenderer Filter"    "QuickTimeRenderer Filter"    "muvee Technologies Pte. Ltd."    "c:\program files\common files\muvee technologies\030625\quicktimerenderer.ax"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "RTStreamSink"    "RTStream Sink Filter"    "Sonic Solutions"    "c:\program files\muvee technologies\muvee autoproducer 4.0 - hpd\rtstreamsink.ax"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic Audio Depth Converter"    "AudioDepthConverter"    "Sonic Solutions"    "c:\program files\muvee technologies\muvee autoproducer 4.0 - hpd\audiodepthconverter.ax"
+ "Sonic Audio Depth Converter (Symphony)"    "Sonic AudioDepthConverter"    "Sonic Solutions"    "c:\windows\ehome\createdisc\filters\audiodepthconverters.ax"
+ "Sonic Cinemaster MPEG Splitter"    "Sonic MPEG Splitter"    ""    "c:\program files\muvee technologies\muvee autoproducer 4.0 - hpd\sonicmpegsplitter.dll"
+ "Sonic Cinemaster MPEG Splitter (Symphony)"    "Sonic MPEG Splitter"    "Sonic Solutions"    "c:\windows\ehome\createdisc\filters\sonicmpegsplitters.dll"
+ "Sonic MPEG Audio Decoder"    "SonicMPEGAudio"    "Sonic Solutions"    "c:\program files\muvee technologies\muvee autoproducer 4.0 - hpd\sonicmpegaudio.dll"
+ "Sonic MPEG Non-Pro Audio Decoder (Symphony)"    "Sonic MPEG Audio Decoder"    "Sonic Solutions"    "c:\windows\ehome\createdisc\filters\sonicmpegaudios.dll"
+ "Sonic MPEG Video Decoder"    "SonicMPEGVideo"    "Sonic Solutions"    "c:\program files\muvee technologies\muvee autoproducer 4.0 - hpd\sonicmpegvideo.dll"
+ "Sonic MPEG Video Decoder (Symphony)"    "Sonic MPEG Video Decoder"    "Sonic Solutions"    "c:\windows\ehome\createdisc\filters\sonicmpegvideos.dll"
+ "Sonic RTStreamSink (Symphony)"    "Sonic RTStreamSink"    "Sonic Solutions"    "c:\windows\ehome\createdisc\filters\rtstreamsinks.ax"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Tivo DirectShow Source Filter"    "TiVo DirectShow Filter"    "TiVo Inc."    "c:\program files\common files\tivo shared\directshow\tivodirectshowfilter.dll"
+ "WAV Dest Trial"    "Plus! Photo Story 2 LE"    "Microsoft Corporation"    "c:\program files\microsoft plus! photo story 2 le\wavd2try.dll"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "AtiExtEvent"    "ATI External Event Utility DLL Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "HP Standard TCP/IP Port"    "Standard TCP/IP Port Monitor DLL"    "Hewlett Packard"    "c:\windows\system32\hptcpmon.dll"
+ "SUGS2 Langmon"    "Language Monitor for Status Monitor"    "Samsung Electronics."    "c:\windows\system32\sugs2lmk.dll"
 



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:32 PM

Posted 11 February 2013 - 10:30 PM

Run adware cleaner and make sure to select DELETE,post the new log

 

Current issues?



#7 peabo

peabo
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 12 February 2013 - 06:33 AM

Haven't had any issues..... If it was you, would it be wise to change all passwords at this time? 

 

 

Thank you for your help and time.icon_bananas.gif

 

 

 

 

 

# AdwCleaner v2.112 - Logfile created 02/12/2013 at 06:20:04
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - YOUR-B27FB1C401
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401.002\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

-\\ Google Chrome v [Unable to get version]

*************************

AdwCleaner[R1].txt - [970 octets] - [11/02/2013 19:02:58]
AdwCleaner[R2].txt - [724 octets] - [12/02/2013 06:20:04]
AdwCleaner[S1].txt - [382 octets] - [12/02/2013 06:19:15]

########## EOF - C:\AdwCleaner[R2].txt - [842 octets] ##########



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:32 PM

Posted 12 February 2013 - 09:01 AM

I will change the passwords :)

 

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users