Hello,

I got infected by the said names above and I have been using MBAM to remove them. However, they have been coming back "every day". So I figured there was an exploit that keeps my PC re-infected.

I downloaded and ran Kaspersky Rescue Disk 10 and it found some trojan downloader etc., and I removed it.

Now I ran MBAM and updated again and it did not find anything anymore, so I was expecting everything to be okay. (By the way, I also tried TDSSKiller by Kaspersky and it did not find anything.)

My issue now is that when I google something and click on a link in the results, it still redirects me to a numeric IP with /c.php?blahblah something.

I went ahead and downloaded and ran ComboFix and below is the result. (please delete after) Thanks!

===============================================================

ComboFix 12-05-10.04 - michaelrp 05/10/2012 14:31:37.2.8 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16366.14243 [GMT -7:00]

Running from: c:\users\michaelrp\Desktop\ComboFix.exe

SP: PC Tools Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-04-10 to 2012-05-10 )))))))))))))))))))))))))))))))

.

.

2012-05-10 21:34 . 2012-05-10 21:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-05-10 21:34 . 2012-05-10 21:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-10 18:13 . 2012-04-13 21:28 85192 ----a-w- c:\windows\system32\drivers\PCTBD64.sys

2012-05-10 18:10 . 2012-04-23 21:18 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys

2012-05-10 18:10 . 2012-05-10 18:12 -------- d-----w- c:\programdata\PC Tools

2012-05-10 18:10 . 2012-05-10 18:10 -------- d-----w- c:\users\michaelrp\AppData\Roaming\TestApp

2012-05-10 17:12 . 2012-05-10 17:12 -------- d-----w- C:\TDSSKiller_Quarantine

2012-05-10 16:39 . 2012-05-10 16:39 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-10 16:39 . 2012-05-10 16:39 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-05-10 02:48 . 2012-05-10 03:12 -------- d-----w- c:\users\michaelrp\DoctorWeb

2012-05-10 02:29 . 2012-05-10 02:29 -------- d-----w- c:\windows\system32\appmgmt

2012-05-08 21:32 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll

2012-05-08 21:32 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-05-08 21:32 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-08 21:32 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-05-08 21:32 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-08 21:32 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys

2012-05-08 21:32 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-08 21:32 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-08 21:32 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2012-05-08 21:32 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-08 21:32 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-05-08 21:32 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-08 21:31 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2012-05-08 21:29 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E798604E-7681-4A80-8BE7-1DC15512EB01}\mpengine.dll

2012-05-06 00:01 . 2012-05-06 00:01 -------- d-----w- c:\program files (x86)\TopCMM

2012-05-02 06:21 . 2012-05-02 06:21 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-02 06:21 . 2012-05-02 06:21 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-02 06:21 . 2012-05-02 06:21 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-04-12 10:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-12 10:00 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-04-12 10:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-12 10:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-12 10:00 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-12 10:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-12 10:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-04-11 18:16 . 2012-05-06 07:16 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-11 00:14 . 2012-04-11 00:31 -------- d-----w- c:\program files (x86)\Canon

2012-04-11 00:14 . 2012-04-11 00:14 -------- d-----w- c:\programdata\Canon IJ Network Tool

2012-04-11 00:14 . 2012-04-11 00:14 -------- d-----w- c:\programdata\CanonIJFAX

2012-04-11 00:14 . 2010-09-13 21:44 106496 ----a-w- c:\windows\SysWow64\CNC880U.dll

2012-04-11 00:14 . 2010-09-07 00:03 315392 ----a-w- c:\windows\SysWow64\CNC880L.dll

2012-04-11 00:14 . 2008-08-26 01:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll

2012-04-11 00:14 . 2012-04-11 00:14 -------- d-----w- c:\windows\system32\STRING

2012-04-11 00:14 . 2010-09-08 23:27 37376 ----a-w- c:\windows\system32\CNMN6UI.DLL

2012-04-11 00:14 . 2010-09-08 23:27 328192 ----a-w- c:\windows\system32\CNMN6PPM.DLL

2012-04-11 00:14 . 2010-09-08 23:26 342016 ----a-w- c:\windows\SysWow64\CNMNPPM.DLL

2012-04-11 00:13 . 2012-04-11 00:13 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2012-04-11 00:13 . 2012-04-11 00:13 -------- d-----w- c:\programdata\CanonBJ

2012-04-11 00:13 . 2010-10-18 12:00 88576 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAN.DLL

2012-04-11 00:13 . 2010-10-18 12:00 29696 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAN.DLL

2012-04-11 00:13 . 2010-10-18 12:00 374784 ----a-w- c:\windows\system32\CNMLMAN.DLL

2012-04-11 00:13 . 2010-10-19 12:00 302080 ----a-w- c:\windows\system32\CNCALAN.DLL

2012-04-11 00:13 . 2010-09-07 17:58 248320 ----a-w- c:\windows\system32\CNMIUAN.DLL

2012-04-11 00:13 . 2012-04-11 00:13 -------- d-----w- c:\program files\CanonBJ

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-13 20:55 . 2012-05-10 18:13 3488 ----a-w- c:\windows\UDB.zip

2012-04-13 20:55 . 2012-05-10 18:13 131 ----a-w- c:\windows\IDB.zip

2012-04-04 22:56 . 2012-03-05 04:14 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-07 22:45 . 2012-03-08 23:50 69632 ----a-w- C:\nporbit.dll

2012-02-25 05:40 . 2012-02-25 05:40 31232 ----a-w- c:\windows\SysWow64\prevhost.exe

2012-02-25 05:40 . 2012-02-25 05:40 31232 ----a-w- c:\windows\system32\prevhost.exe

2012-02-25 05:40 . 2012-02-25 05:40 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe

2012-02-25 05:40 . 2012-02-25 05:40 778752 ----a-w- c:\windows\system32\mssvp.dll

2012-02-25 05:40 . 2012-02-25 05:40 75264 ----a-w- c:\windows\system32\msscntrs.dll

2012-02-25 05:40 . 2012-02-25 05:40 666624 ----a-w- c:\windows\SysWow64\mssvp.dll

2012-02-25 05:40 . 2012-02-25 05:40 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll

2012-02-25 05:40 . 2012-02-25 05:40 591872 ----a-w- c:\windows\system32\SearchIndexer.exe

2012-02-25 05:40 . 2012-02-25 05:40 491520 ----a-w- c:\windows\system32\mssph.dll

2012-02-25 05:40 . 2012-02-25 05:40 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2012-02-25 05:40 . 2012-02-25 05:40 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe

2012-02-25 05:40 . 2012-02-25 05:40 337408 ----a-w- c:\windows\SysWow64\mssph.dll

2012-02-25 05:40 . 2012-02-25 05:40 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll

2012-02-25 05:40 . 2012-02-25 05:40 288256 ----a-w- c:\windows\system32\mssphtb.dll

2012-02-25 05:40 . 2012-02-25 05:40 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe

2012-02-25 05:40 . 2012-02-25 05:40 2315776 ----a-w- c:\windows\system32\tquery.dll

2012-02-25 05:40 . 2012-02-25 05:40 2223616 ----a-w- c:\windows\system32\mssrch.dll

2012-02-25 05:40 . 2012-02-25 05:40 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll

2012-02-25 05:40 . 2012-02-25 05:40 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe

2012-02-25 05:40 . 2012-02-25 05:40 1549312 ----a-w- c:\windows\SysWow64\tquery.dll

2012-02-25 05:40 . 2012-02-25 05:40 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll

2012-02-25 05:40 . 2012-02-25 05:40 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe

2012-02-25 05:40 . 2012-02-25 05:40 976896 ----a-w- c:\windows\system32\inetcomm.dll

2012-02-25 05:40 . 2012-02-25 05:40 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS

2012-02-25 05:40 . 2012-02-25 05:40 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax

2012-02-25 05:40 . 2012-02-25 05:40 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll

2012-02-25 05:40 . 2012-02-25 05:40 723456 ----a-w- c:\windows\system32\EncDec.dll

2012-02-25 05:40 . 2012-02-25 05:40 70656 ----a-w- c:\windows\SysWow64\fontsub.dll

2012-02-25 05:40 . 2012-02-25 05:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll

2012-02-25 05:40 . 2012-02-25 05:40 613888 ----a-w- c:\windows\system32\psisdecd.dll

2012-02-25 05:40 . 2012-02-25 05:40 552960 ----a-w- c:\windows\system32\drivers\bthport.sys

2012-02-25 05:40 . 2012-02-25 05:40 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2012-02-25 05:40 . 2012-02-25 05:40 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll

2012-02-25 05:40 . 2012-02-25 05:40 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-02-25 05:40 . 2012-02-25 05:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll

2012-02-25 05:40 . 2012-02-25 05:40 404480 ----a-w- c:\windows\system32\umpnpmgr.dll

2012-02-25 05:40 . 2012-02-25 05:40 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-02-25 05:40 . 2012-02-25 05:40 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-02-25 05:40 . 2012-02-25 05:40 294912 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-02-25 05:40 . 2012-02-25 05:40 2871808 ----a-w- c:\windows\explorer.exe

2012-02-25 05:40 . 2012-02-25 05:40 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2012-02-25 05:40 . 2012-02-25 05:40 2616320 ----a-w- c:\windows\SysWow64\explorer.exe

2012-02-25 05:40 . 2012-02-25 05:40 252928 ----a-w- c:\windows\SysWow64\drvinst.exe

2012-02-25 05:40 . 2012-02-25 05:40 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-02-25 05:40 . 2012-02-25 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-02-25 05:40 . 2012-02-25 05:40 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll

2012-02-25 05:40 . 2012-02-25 05:40 1395712 ----a-w- c:\windows\system32\mfc42.dll

2012-02-25 05:40 . 2012-02-25 05:40 1359872 ----a-w- c:\windows\system32\mfc42u.dll

2012-02-25 05:40 . 2012-02-25 05:40 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll

2012-02-25 05:40 . 2012-02-25 05:40 1139200 ----a-w- c:\windows\system32\FntCache.dll

2012-02-25 05:40 . 2012-02-25 05:40 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll

2012-02-25 05:40 . 2012-02-25 05:40 108032 ----a-w- c:\windows\system32\psisrndr.ax

2012-02-25 05:40 . 2012-02-25 05:40 100864 ----a-w- c:\windows\system32\fontsub.dll

2012-02-25 05:40 . 2012-02-25 05:40 961024 ----a-w- c:\windows\system32\CPFilters.dll

2012-02-25 05:40 . 2012-02-25 05:40 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-02-25 05:40 . 2012-02-25 05:40 861696 ----a-w- c:\windows\system32\oleaut32.dll

2012-02-25 05:40 . 2012-02-25 05:40 850944 ----a-w- c:\windows\SysWow64\sbe.dll

2012-02-25 05:40 . 2012-02-25 05:40 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2012-02-25 05:40 . 2012-02-25 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-02-25 05:40 . 2012-02-25 05:40 715776 ----a-w- c:\windows\system32\kerberos.dll

2012-02-25 05:40 . 2012-02-25 05:40 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll

2012-02-25 05:40 . 2012-02-25 05:40 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2012-02-25 05:40 . 2012-02-25 05:40 542208 ----a-w- c:\windows\SysWow64\kerberos.dll

2012-02-25 05:40 . 2012-02-25 05:40 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2012-02-25 05:40 . 2012-02-25 05:40 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-02-25 05:40 . 2012-02-25 05:40 421888 ----a-w- c:\windows\system32\KernelBase.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 362496 ----a-w- c:\windows\system32\wow64win.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-02-25 05:40 . 2012-02-25 05:40 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-05-10_18.46.37 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-14 04:54 . 2012-05-10 21:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-05-10 18:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-05-10 21:06 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-10 18:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-10 21:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-10 18:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-11-21 03:09 . 2012-05-10 21:07 41036 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-05-10 21:07 41066 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2012-03-02 01:44 . 2012-05-10 21:12 98488 c:\windows\system32\perfc014.dat

- 2012-03-02 01:44 . 2012-05-10 18:45 98488 c:\windows\system32\perfc014.dat

+ 2012-03-02 01:17 . 2012-05-10 21:12 88106 c:\windows\system32\perfc00D.dat

- 2012-03-02 01:17 . 2012-05-10 18:45 88106 c:\windows\system32\perfc00D.dat

+ 2012-03-02 01:13 . 2012-05-10 21:12 97996 c:\windows\system32\perfc001.dat

- 2012-03-02 01:13 . 2012-05-10 18:45 97996 c:\windows\system32\perfc001.dat

- 2012-02-29 04:40 . 2012-05-10 16:42 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2012-02-29 04:40 . 2012-05-10 19:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2012-02-29 04:40 . 2012-05-10 19:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2012-02-29 04:40 . 2012-05-10 16:42 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-10 19:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-10 16:42 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-03-02 00:06 . 2012-05-10 21:07 3752 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2901076305-1060788400-636371674-1001_UserData.bin

- 2012-05-10 18:26 . 2012-05-10 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-10 21:06 . 2012-05-10 21:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-05-10 18:26 . 2012-05-10 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-05-10 21:06 . 2012-05-10 21:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-03-02 01:39 . 2012-05-10 18:45 674092 c:\windows\system32\perfh01D.dat

+ 2012-03-02 01:39 . 2012-05-10 21:12 674092 c:\windows\system32\perfh01D.dat

- 2012-03-02 01:46 . 2012-05-10 18:45 734876 c:\windows\system32\perfh019.dat

+ 2012-03-02 01:46 . 2012-05-10 21:12 734876 c:\windows\system32\perfh019.dat

- 2012-03-02 01:44 . 2012-05-10 18:45 504926 c:\windows\system32\perfh014.dat

+ 2012-03-02 01:44 . 2012-05-10 21:12 504926 c:\windows\system32\perfh014.dat

+ 2012-03-02 01:28 . 2012-05-10 21:12 753522 c:\windows\system32\perfh013.dat

- 2012-03-02 01:28 . 2012-05-10 18:45 753522 c:\windows\system32\perfh013.dat

+ 2012-03-02 01:36 . 2012-05-10 21:12 439728 c:\windows\system32\perfh012.dat

- 2012-03-02 01:36 . 2012-05-10 18:45 439728 c:\windows\system32\perfh012.dat

+ 2012-03-02 01:14 . 2012-05-10 21:12 750344 c:\windows\system32\perfh010.dat

- 2012-03-02 01:14 . 2012-05-10 18:45 750344 c:\windows\system32\perfh010.dat

- 2012-03-02 01:23 . 2012-05-10 18:45 693830 c:\windows\system32\perfh00E.dat

+ 2012-03-02 01:23 . 2012-05-10 21:12 693830 c:\windows\system32\perfh00E.dat

+ 2012-03-02 01:17 . 2012-05-10 21:12 403136 c:\windows\system32\perfh00D.dat

- 2012-03-02 01:17 . 2012-05-10 18:45 403136 c:\windows\system32\perfh00D.dat

- 2012-03-02 01:13 . 2012-05-10 18:45 755808 c:\windows\system32\perfh00C.dat

+ 2012-03-02 01:13 . 2012-05-10 21:12 755808 c:\windows\system32\perfh00C.dat

- 2012-03-02 01:25 . 2012-05-10 18:45 491790 c:\windows\system32\perfh00B.dat

+ 2012-03-02 01:25 . 2012-05-10 21:12 491790 c:\windows\system32\perfh00B.dat

- 2012-03-02 01:20 . 2012-05-10 18:45 755652 c:\windows\system32\perfh00A.dat

+ 2012-03-02 01:20 . 2012-05-10 21:12 755652 c:\windows\system32\perfh00A.dat

- 2009-07-14 02:36 . 2012-05-10 18:45 672700 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-05-10 21:12 672700 c:\windows\system32\perfh009.dat

+ 2012-03-02 01:41 . 2012-05-10 21:12 617028 c:\windows\system32\perfh008.dat

- 2012-03-02 01:41 . 2012-05-10 18:45 617028 c:\windows\system32\perfh008.dat

+ 2012-03-02 01:10 . 2012-05-10 21:12 707092 c:\windows\system32\perfh007.dat

- 2012-03-02 01:10 . 2012-05-10 18:45 707092 c:\windows\system32\perfh007.dat

+ 2012-03-02 01:34 . 2012-05-10 21:12 678848 c:\windows\system32\perfh005.dat

- 2012-03-02 01:34 . 2012-05-10 18:45 678848 c:\windows\system32\perfh005.dat

+ 2012-03-02 01:13 . 2012-05-10 21:12 489570 c:\windows\system32\perfh001.dat

- 2012-03-02 01:13 . 2012-05-10 18:45 489570 c:\windows\system32\perfh001.dat

+ 2012-03-02 01:39 . 2012-05-10 21:12 145680 c:\windows\system32\perfc01D.dat

- 2012-03-02 01:39 . 2012-05-10 18:45 145680 c:\windows\system32\perfc01D.dat

+ 2012-03-02 01:46 . 2012-05-10 21:12 153686 c:\windows\system32\perfc019.dat

- 2012-03-02 01:46 . 2012-05-10 18:45 153686 c:\windows\system32\perfc019.dat

+ 2012-03-02 01:28 . 2012-05-10 21:12 156122 c:\windows\system32\perfc013.dat

- 2012-03-02 01:28 . 2012-05-10 18:45 156122 c:\windows\system32\perfc013.dat

+ 2012-03-02 01:36 . 2012-05-10 21:12 123688 c:\windows\system32\perfc012.dat

- 2012-03-02 01:36 . 2012-05-10 18:45 123688 c:\windows\system32\perfc012.dat

- 2012-03-02 01:14 . 2012-05-10 18:45 149994 c:\windows\system32\perfc010.dat

+ 2012-03-02 01:14 . 2012-05-10 21:12 149994 c:\windows\system32\perfc010.dat

- 2012-03-02 01:23 . 2012-05-10 18:45 174190 c:\windows\system32\perfc00E.dat

+ 2012-03-02 01:23 . 2012-05-10 21:12 174190 c:\windows\system32\perfc00E.dat

+ 2012-03-02 01:13 . 2012-05-10 21:12 152498 c:\windows\system32\perfc00C.dat

- 2012-03-02 01:13 . 2012-05-10 18:45 152498 c:\windows\system32\perfc00C.dat

+ 2012-03-02 01:25 . 2012-05-10 21:12 104338 c:\windows\system32\perfc00B.dat

- 2012-03-02 01:25 . 2012-05-10 18:45 104338 c:\windows\system32\perfc00B.dat

+ 2012-03-02 01:20 . 2012-05-10 21:12 161530 c:\windows\system32\perfc00A.dat

- 2012-03-02 01:20 . 2012-05-10 18:45 161530 c:\windows\system32\perfc00A.dat

- 2009-07-14 02:36 . 2012-05-10 18:45 125400 c:\windows\system32\perfc009.dat

+ 2009-07-14 02:36 . 2012-05-10 21:12 125400 c:\windows\system32\perfc009.dat

- 2012-03-02 01:41 . 2012-05-10 18:45 114198 c:\windows\system32\perfc008.dat

+ 2012-03-02 01:41 . 2012-05-10 21:12 114198 c:\windows\system32\perfc008.dat

- 2012-03-02 01:10 . 2012-05-10 18:45 151988 c:\windows\system32\perfc007.dat

+ 2012-03-02 01:10 . 2012-05-10 21:12 151988 c:\windows\system32\perfc007.dat

- 2012-03-02 01:34 . 2012-05-10 18:45 144302 c:\windows\system32\perfc005.dat

+ 2012-03-02 01:34 . 2012-05-10 21:12 144302 c:\windows\system32\perfc005.dat

+ 2012-05-10 19:34 . 2012-05-10 19:34 352176 c:\windows\system32\FNTCACHE.DAT

- 2012-05-10 18:26 . 2012-05-10 18:26 352176 c:\windows\system32\FNTCACHE.DAT

- 2009-07-14 05:01 . 2012-05-10 18:25 298528 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-05-10 21:05 298528 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-03-01 20:08 . 2012-05-10 21:05 37816072 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2901076305-1060788400-636371674-1001-8192.dat

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\BitTorrentBar\prxtbBitT.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"googletalk"="c:\users\michaelrp\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 257696]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]

R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-02 129976]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]

R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-04-23 402336]

R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]

R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [x]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS [2009-06-26 16752]

S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]

S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]

S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]

S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-03-21 89600]

S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2011-03-22 15296]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]

S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-04-13 575416]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]

S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-04 2372096]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2011-09-22 1692480]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-10 382272]

S2 ZcfgSvc7;Intel® PROSet/Wireless ZeroConfig Service;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe [2011-11-01 994064]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]

S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 16:39]

.

2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2901076305-1060788400-636371674-1001Core.job

- c:\users\michaelrp\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29 02:50]

.

2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2901076305-1060788400-636371674-1001UA.job

- c:\users\michaelrp\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29 02:50]

.

2012-03-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\AlienAutopsy\uaclauncher.exe [2012-02-07 23:24]

.

2012-03-02 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\AlienAutopsy\uaclauncher.exe [2012-02-07 23:24]

.

.

--------- x86-64 -----------

.

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://search.orbitdownloader.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202

LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\michaelrp\AppData\Roaming\Mozilla\Firefox\Profiles\5om7u5hj.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.pinoypinay.tv/videos

FF - prefs.js: network.proxy.type - 0

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2901076305-1060788400-636371674-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BFCF35CD-3309-B6C8-8B8B-B688139B5834}*]

"jbdbldihdmojaplakaihnknfbimmhlaikjgofmjfamgknenllcll"=hex:68,61,68,64,66,6e,

66,68,63,67,6b,6c,6c,6c,63,65,00,00

"dbdbldihdmojaplakaihlkicbmlakhahmgghicpm"=hex:62,61,6f,70,00,00

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-05-10 14:36:38

ComboFix-quarantined-files.txt 2012-05-10 21:36

ComboFix2.txt 2012-05-10 18:48

.

Pre-Run: 125,811,314,688 bytes free

Post-Run: 125,556,989,952 bytes free

.

- - End Of File - - 8517F4BE3642ECBCE4A5C31EE9BA59BA


Hello and welcome to Malwarebytes

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

IMPORTANT: Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions >>Right HERE<<, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
  • You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk by filling out the form located >>Right HERE<<

OPTION 3

If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our Malwarebytes Premium Services support site --> >>Right HERE<<

Please be patient, someone will assist you as soon as possible.

PS: Please use the "Reply to this topic" button, not the Reply button, when you start replying.

This topic is now closed to further replies.