
I recently had a bunch of threats blocked by AVG, and a few backdoor trojans removed. Now Ping.exe is running at 100% and messing with my internet connection. My browsers keep changing to connect to a proxy server. I ran more scans from AVG and MBAM and nothing was found. How do I get rid of this? Thanks.

Here's my HijackThis log.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 4:31:14 AM, on 10/22/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\ProgramData\TVersity\Media Server\berkelium.exe

C:\Users\Kristin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Users\Kristin\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54606

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing)

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Adblock Pro - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files (x86)\Adblock Pro\AdblockPro.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [adblock pro] C:\Program Files (x86)\Adblock Pro\abpmain.exe -m

O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFOUEctN1NBSVItTlVRVTItQTRFRkItSFBZU04tVg"&"inst=NzYtOTMxNDk3NDAxLUNJQTEwKzItU1AxKzEtVFVHKzMtQ0lQKzItU1AxUzMrMS1TVUQrMS1TMUkrMS1TVTMrMS1ERFQrMC1GSSsxLUZMMTArMS1ERDEwRisxLVNUMTBGQVBQKzEtTDEwTSsxLUYxME0xMkFOKzMtRjEwTTEyQSsxLUYxME0xMkFCKzEtVTEwKzEtU1QxMkZPSSsxLUYxME0xMkFVKzEtU1QxMkFQUCsxLVNUVDEwTTEyQVVGKzEtRVVMQSsx"&"prod=94"&"ver=2012.0.1809"&"mid=9415b7c96b2d47d6807fd16f2a9cc473-ac0f05dcb5a0e4976fe47cc19638a672c755121b

O4 - HKCU\..\Run: [MusicManager] "C:\Users\Kristin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')

O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra button: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files (x86)\Adblock Pro\AdblockPro.dll

O9 - Extra 'Tools' menuitem: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files (x86)\Adblock Pro\AdblockPro.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: lxdu_device - - C:\windows\system32\lxducoms.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Spybot S&D 2 Live Protection Service (SDHookService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12350 bytes

Here's my ComboFix log.

ComboFix 11-10-21.06 - Kristin 10/22/2011 12:58:22.1.1 - x64 MINIMAL

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.1432 [GMT -5:00]

Running from: c:\users\Kristin\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Spybot - Search & Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\consrv.dll

c:\windows\system32\Thumbs.db

c:\windows\System64

.

.

((((((((((((((((((((((((( Files Created from 2011-09-22 to 2011-10-22 )))))))))))))))))))))))))))))))

.

.

2011-10-22 18:22 . 2011-10-22 18:22 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5C3067E4-A4C1-4012-A2E3-24E60048466E}\offreg.dll

2011-10-22 18:22 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5C3067E4-A4C1-4012-A2E3-24E60048466E}\mpengine.dll

2011-10-22 18:10 . 2011-10-22 18:10 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09474B80-0663-4853-8FDF-6E6E97DDE69B}\offreg.dll

2011-10-22 18:06 . 2011-10-22 18:06 -------- d-----w- c:\users\iPhone\AppData\Local\temp

2011-10-22 18:06 . 2011-10-22 18:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-10-22 03:39 . 2011-10-22 09:16 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2011-10-22 01:41 . 2011-10-22 01:41 -------- d-----w- c:\users\Kristin\AppData\Roaming\BiivvD33on

2011-10-22 01:41 . 2011-10-22 01:41 -------- d-----w- c:\users\Kristin\AppData\Roaming\qcADoFm5Q

2011-10-22 01:41 . 2011-10-22 01:41 -------- d-----w- c:\users\Kristin\AppData\Roaming\j111ibbD3on4am6

2011-10-22 01:41 . 2011-10-22 01:41 -------- d-----w- c:\users\Kristin\AppData\Roaming\CkkkIIVOSaTxucb

2011-10-22 01:41 . 2011-10-22 01:41 -------- d-----w- c:\users\Kristin\AppData\Roaming\pjjUCekkIBzONxA

2011-10-22 01:40 . 2011-10-22 01:40 -------- d-----w- c:\users\Kristin\AppData\Roaming\WwUeIrNx3m5Jd8R

2011-10-22 01:40 . 2011-10-22 01:40 -------- d-----w- c:\users\Kristin\AppData\Roaming\hOOONyyxA0uS2bF

2011-10-22 01:40 . 2011-10-22 01:40 -------- d-----w- c:\users\Kristin\AppData\Roaming\q2bpGKhXjeIrxuS

2011-10-22 01:40 . 2011-10-22 01:40 -------- d-----w- c:\users\Kristin\AppData\Roaming\xppmmG55sQJdE8f

2011-10-22 01:40 . 2011-10-22 01:40 -------- d-----w- c:\users\Kristin\AppData\Roaming\hD3nas7LRhkB0c1

2011-10-22 01:40 . 2011-10-22 01:40 -------- d-----w- c:\users\Kristin\AppData\Roaming\qGGG4aamH6sJ

2011-10-22 01:39 . 2011-10-22 01:39 -------- d-----w- c:\users\Kristin\AppData\Roaming\EfLqklB0c1DoFm5

2011-10-22 01:39 . 2011-10-22 01:39 -------- d-----w- c:\users\Kristin\AppData\Roaming\CNNNtxP0ucSib3o

2011-10-22 01:39 . 2011-10-22 01:39 -------- d-----w- c:\users\Kristin\AppData\Roaming\atPyAv2np5JdKR9

2011-10-22 01:39 . 2011-10-22 01:39 -------- d-----w- c:\users\Kristin\AppData\Roaming\V44aamH5sWJ7dLg

2011-10-22 01:39 . 2011-10-22 01:39 -------- d-----w- c:\users\Kristin\AppData\Roaming\l6E8RhXje

2011-10-22 01:39 . 2011-10-22 01:39 -------- d-----w- c:\users\Kristin\AppData\Roaming\BjeItNcA1uvDob4

2011-10-22 01:38 . 2011-10-22 01:38 -------- d-----w- c:\users\Kristin\AppData\Roaming\xfZhwClBzy1voF

2011-10-22 01:38 . 2011-10-22 01:38 -------- d-----w- c:\users\Kristin\AppData\Roaming\v44ppmGG5sJ6d8R

2011-10-22 01:38 . 2011-10-22 01:38 -------- d-----w- c:\users\Kristin\AppData\Roaming\vCkVz0Sb3GaHWEg

2011-10-22 01:38 . 2011-10-22 01:38 -------- d-----w- c:\users\Kristin\AppData\Roaming\A66ddWKK8fL9

2011-10-22 01:38 . 2011-10-22 01:38 -------- d-----w- c:\users\Kristin\AppData\Roaming\vGaHdKR9XY

2011-10-22 01:38 . 2011-10-22 01:38 -------- d-----w- c:\users\Kristin\AppData\Roaming\SeekkIBrrz

2011-10-22 01:37 . 2011-10-22 01:37 -------- d-----w- c:\users\Kristin\AppData\Roaming\Z3p5Q6W7LgXYeOt

2011-10-22 01:37 . 2011-10-22 01:37 -------- d-----w- c:\users\Kristin\AppData\Roaming\aJJJ6ddWK8fL9Tq

2011-10-22 01:37 . 2011-10-22 01:37 -------- d-----w- c:\users\Kristin\AppData\Roaming\dQKR9XjCIzy0v23

2011-10-22 01:37 . 2011-10-22 01:37 -------- d-----w- c:\users\Kristin\AppData\Roaming\givvD22onF4mHs

2011-10-22 01:37 . 2011-10-22 01:37 -------- d-----w- c:\users\Kristin\AppData\Roaming\LOBxySiDmsJEgqX

2011-10-22 01:37 . 2011-10-22 01:37 -------- d-----w- c:\users\Kristin\AppData\Roaming\T88ggTTZqhYwkVr

2011-10-22 01:36 . 2011-10-22 01:36 -------- d-----w- c:\users\Kristin\AppData\Roaming\u5QdKR9YjVlBPyA

2011-10-22 01:36 . 2011-10-22 01:36 -------- d-----w- c:\users\Kristin\AppData\Roaming\qBBttzP0ycAiv2o

2011-10-22 01:36 . 2011-10-22 01:36 -------- d-----w- c:\users\Kristin\AppData\Roaming\HcAuDFpGJE8RhXj

2011-10-22 01:36 . 2011-10-22 01:36 -------- d-----w- c:\users\Kristin\AppData\Roaming\Y99hTTXwjU

2011-10-22 01:36 . 2011-10-22 01:36 -------- d-----w- c:\users\Kristin\AppData\Roaming\v8R9XjVltPy1voF

2011-10-22 01:36 . 2011-10-22 01:36 -------- d-----w- c:\users\Kristin\AppData\Roaming\PppmmH55sJ7dK8R

2011-10-22 01:35 . 2011-10-22 01:35 -------- d-----w- c:\users\Kristin\AppData\Roaming\jwjeIrNx1S

2011-10-22 01:35 . 2011-10-22 01:35 -------- d-----w- c:\users\Kristin\AppData\Roaming\HZ999hTXwjUelIr

2011-10-22 01:35 . 2011-10-22 01:35 -------- d-----w- c:\users\Kristin\AppData\Roaming\Ap56fwIN1aWLqkz

2011-10-22 01:35 . 2011-10-22 01:35 -------- d-----w- c:\users\Kristin\AppData\Roaming\JccAA1uuvD2b

2011-10-22 01:35 . 2011-10-22 01:35 -------- d-----w- c:\users\Kristin\AppData\Roaming\lXqUkBNAu2b3naH

2011-10-22 01:35 . 2011-10-22 01:35 -------- d-----w- c:\users\Kristin\AppData\Roaming\AuuvvS22ob3p

2011-10-22 01:34 . 2011-10-22 01:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\xoFsLqUt025dUG

2011-10-22 01:34 . 2011-10-22 01:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\yyyycSSD3onF4m5

2011-10-22 01:34 . 2011-10-22 01:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\rycuDo4m5

2011-10-22 01:34 . 2011-10-22 01:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\VIIIBttzPNyA1uD

2011-10-22 01:34 . 2011-10-22 01:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\RS2bpGQ6KR9

2011-10-22 01:34 . 2011-10-22 01:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\nhTTXwjjUClI

2011-10-22 01:33 . 2011-10-22 01:33 -------- d-----w- c:\users\Kristin\AppData\Roaming\ZkVOt0c2bp4Q6K7

2011-10-22 01:33 . 2011-10-22 01:33 -------- d-----w- c:\users\Kristin\AppData\Roaming\JL99gTqjY

2011-10-22 01:33 . 2011-10-22 01:33 -------- d-----w- c:\users\Kristin\AppData\Roaming\uK8ZTjClzyAvp56

2011-10-22 01:33 . 2011-10-22 01:33 -------- d-----w- c:\users\Kristin\AppData\Roaming\ss6EK8fRZ9hTwjC

2011-10-22 01:33 . 2011-10-22 01:33 -------- d-----w- c:\users\Kristin\AppData\Roaming\CwUltPci2np

2011-10-22 01:33 . 2011-10-22 01:33 -------- d-----w- c:\users\Kristin\AppData\Roaming\asQQJ77d8gRhYwU

2011-10-22 01:32 . 2011-10-22 01:32 -------- d-----w- c:\users\Kristin\AppData\Roaming\HuucciDpn4aQ6sK

2011-10-22 01:32 . 2011-10-22 01:32 -------- d-----w- c:\users\Kristin\AppData\Roaming\kUCCByxAAuv2iFp

2011-10-22 01:32 . 2011-10-22 01:32 -------- d-----w- c:\program files (x86)\5DB8A

2011-10-22 01:32 . 2011-10-22 01:32 -------- d-----w- c:\users\Kristin\AppData\Roaming\cjeOv356f9XjeIN

2011-10-22 01:31 . 2011-10-22 01:31 -------- d-----w- c:\users\Kristin\AppData\Roaming\NRRLL9hTXqjUCkz

2011-10-22 01:31 . 2011-10-22 06:34 -------- d-----w- c:\users\Kristin\AppData\Roaming\D4B5D

2011-10-22 01:31 . 2011-10-22 01:31 -------- d-----w- c:\program files (x86)\LP

2011-10-22 00:42 . 2011-10-22 00:42 -------- d-----w- c:\users\Kristin\AppData\Local\Macroplant

2011-10-21 17:25 . 2011-10-07 04:16 8570192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09474B80-0663-4853-8FDF-6E6E97DDE69B}\mpengine.dll

2011-10-20 09:56 . 2011-10-22 08:54 -------- d-----r- c:\users\Kristin\Dropbox

2011-10-20 09:54 . 2011-10-22 08:55 -------- d-----w- c:\users\Kristin\AppData\Roaming\Dropbox

2011-10-20 09:37 . 2011-10-22 03:34 -------- d-----w- c:\program files (x86)\Unlocker

2011-10-18 01:06 . 2011-10-18 01:06 -------- d-----w- c:\programdata\AVS4YOU

2011-10-18 01:04 . 2010-05-25 19:40 774144 ----a-w- c:\windows\SysWow64\htmlayout.dll

2011-10-18 01:04 . 2011-10-18 04:03 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia

2011-10-18 01:04 . 2010-07-21 19:32 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll

2011-10-18 01:04 . 2010-07-21 19:31 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll

2011-10-18 01:04 . 2011-10-18 04:04 -------- d-----w- c:\program files (x86)\AVS4YOU

2011-10-17 08:19 . 2011-10-17 08:19 -------- d-----w- c:\users\Kristin\AppData\Roaming\Youtube Downloader HD

2011-10-16 02:31 . 2011-10-16 02:31 -------- d-----w- c:\users\iPhone\AppData\Roaming\Youtube Downloader HD

2011-10-16 02:22 . 2011-10-22 03:35 -------- d--h--w- c:\program files (x86)\InstallJammer Registry

2011-10-14 08:37 . 2011-10-14 08:38 -------- d-----w- c:\program files (x86)\Safari

2011-10-12 21:11 . 2011-10-17 04:06 -------- d-----w- c:\users\iPhone\AppData\Roaming\uTorrent

2011-10-12 21:11 . 2011-10-12 21:11 -------- d-----w- c:\users\iPhone\AppData\Local\uTorrent

2011-10-12 10:19 . 2011-10-12 10:19 -------- d-----w- c:\windows\system32\Macromed

2011-10-12 05:01 . 2011-10-12 05:09 -------- d-----w- c:\users\iPhone\AppData\Local\Microsoft Games

2011-10-12 01:09 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys

2011-10-12 01:09 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll

2011-10-12 01:09 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax

2011-10-12 01:09 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll

2011-10-12 01:09 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax

2011-10-12 01:09 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll

2011-10-12 01:09 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll

2011-10-12 01:09 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2011-10-12 01:09 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll

2011-10-11 19:09 . 2011-10-11 19:09 -------- d-----w- c:\program files\iPod

2011-10-11 19:09 . 2011-10-11 19:10 -------- d-----w- c:\program files\iTunes

2011-10-11 19:09 . 2011-10-11 19:10 -------- d-----w- c:\program files (x86)\iTunes

2011-10-11 19:04 . 2011-10-11 19:04 -------- d-----w- c:\program files\Bonjour

2011-10-11 19:04 . 2011-10-11 19:04 -------- d-----w- c:\program files (x86)\Bonjour

2011-10-11 17:59 . 2011-10-04 09:42 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2011-10-11 17:59 . 2011-10-11 17:58 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B5BB67F-0443-478C-A1EC-5CD0DBFBF94A}\gapaengine.dll

2011-10-08 00:15 . 2011-10-08 00:15 -------- d-----w- c:\program files (x86)\Adblock Pro

2011-10-06 06:23 . 2011-10-06 06:23 -------- d-----w- C:\adobeTemp

2011-10-06 06:22 . 2011-10-06 06:27 -------- d-----w- c:\program files\Common Files\Adobe

2011-10-04 20:03 . 2011-10-07 04:16 8570192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-10-04 09:36 . 2011-10-04 09:36 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2011-10-04 09:35 . 2011-10-04 09:36 -------- d-----w- c:\program files\Microsoft Security Client

2011-10-04 09:06 . 2011-10-04 09:06 -------- d-----w- c:\program files (x86)\AAC to MP3 Converter

2011-10-03 17:35 . 2011-10-03 17:35 -------- d-----w- c:\program files (x86)\InteractBooks

2011-09-26 12:15 . 2011-09-26 12:16 -------- d-----w- c:\program files (x86)\AVG Secure Search

2011-09-26 12:15 . 2011-09-26 12:15 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2011-09-26 12:15 . 2011-09-26 12:15 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2011-09-26 09:33 . 2011-09-26 09:33 -------- d-----w- c:\program files (x86)\TVersity Codec Pack

2011-09-26 09:32 . 2011-09-26 09:32 -------- d-----w- c:\programdata\TVersity

2011-09-26 09:02 . 2011-09-26 09:25 -------- d-----w- c:\users\Kristin\AppData\Local\Nero

2011-09-25 15:03 . 2011-09-25 15:03 -------- d-----w- c:\users\Kristin\AppData\Roaming\AVG2012

2011-09-25 15:03 . 2011-09-25 15:03 -------- d-----w- c:\users\iPhone\AppData\Roaming\AVG2012

2011-09-25 15:02 . 2011-09-26 12:18 -------- d-----w- c:\programdata\AVG2012

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-16 18:50 . 2011-06-19 06:36 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-09-22 02:37 . 2011-09-22 02:36 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-09-13 11:30 . 2011-09-13 11:30 37456 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

2011-08-31 22:00 . 2011-06-26 06:02 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-31 04:05 . 2011-08-31 04:05 96104 ----a-w- c:\windows\system32\dns-sd.exe

2011-08-31 04:05 . 2011-08-31 04:05 85864 ----a-w- c:\windows\system32\dnssd.dll

2011-08-31 04:05 . 2011-08-31 04:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll

2011-08-31 04:05 . 2011-08-31 04:05 212840 ----a-w- c:\windows\system32\dnssdX.dll

2011-08-31 04:05 . 2011-08-31 04:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe

2011-08-31 04:05 . 2011-08-31 04:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll

2011-08-31 04:05 . 2011-08-31 04:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll

2011-08-31 04:05 . 2011-08-31 04:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll

2011-08-29 08:00 . 2011-09-12 09:55 74752 ----a-w- c:\windows\SysWow64\ff_vfw.dll

2011-08-20 16:30 . 2011-08-20 16:30 20 ----a-w- c:\windows\system32\WVC1DMOD.DLL

2011-08-08 11:08 . 2011-08-08 11:08 46672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2009-02-13 16:02 . 2009-02-13 16:02 80896 ----a-w- c:\program files\devcon_amd64.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

Supplementary scan did not complete!

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="SafariDownload"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (S-1-5-21-3703056132-3205361447-3472650107-1000)

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (S-1-5-21-3703056132-3205361447-3472650107-1000)

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="SafariExtension"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (S-1-5-21-3703056132-3205361447-3472650107-1000)

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="SafariHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="SafariHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (S-1-5-21-3703056132-3205361447-3472650107-1000)

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (S-1-5-21-3703056132-3205361447-3472650107-1000)

@Denied: (2) (LocalSystem)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-3703056132-3205361447-3472650107-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="SafariHTML"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe

c:\program files (x86)\Brother\BRAdmin Professional 3\bratimer.exe

c:\program files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe

c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

c:\programdata\TVersity\Media Server\MediaServer.exe

c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe

c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe

c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

c:\programdata\TVersity\Media Server\berkelium.exe

c:\program files (x86)\Nero\Update\NASvc.exe

c:\program files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

c:\users\Kristin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

.

**************************************************************************

.

Completion time: 2011-10-22 13:29:44 - machine was rebooted

ComboFix-quarantined-files.txt 2011-10-22 18:29

.

Pre-Run: 106,060,009,472 bytes free

Post-Run: 106,993,500,160 bytes free

.

- - End Of File - - 4D1F39FA37AE52F0B29DCB16E5BFA288


  • Staff

Hi and welcome to Malwarebytes.

I notice that you are using more than one antivirus program (AVG and Microsoft). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
