Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: 1 2 3 [4]  All   Go Down

Author Topic: Please help, being hijacked while web surfing...  (Read 31503 times)

0 Members and 1 Guest are viewing this topic.

jwfilion

    Topic Starter


    Intermediate

    Re: Please help, being hijacked while web surfing...
    « Reply #45 on: October 14, 2010, 05:20:34 PM »
    Hey, I'm starting to get the hang of this computer stuff. I was able to disable StopZilla at startup and tried the ComboFix again. It ran the very first time! This is the log it produced...


    ComboFix 10-10-12.03 - Wayne 10/14/2010  17:38:26.4.1 - x86
    Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2031.1262 [GMT -5:00]
    Running from: c:\documents and settings\Wayne\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Wayne\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: PC Tools Firewall Plus *disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
    .

    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\TEMP\q6m3suwq.vbt
    .
    ---- Previous Run -------
    .
    c:\windows\system32\ccrpTmr6.dll

    .
    (((((((((((((((((((((((((   Files Created from 2010-09-14 to 2010-10-14  )))))))))))))))))))))))))))))))
    .

    2010-10-10 19:10 . 2010-10-10 20:26   --------   d-----w-   c:\documents and settings\Wayne\Local Settings\Application Data\Temp
    2010-10-07 00:41 . 2010-10-07 00:41   --------   d-----w-   c:\program files\7-Zip
    2010-10-05 18:22 . 2010-10-05 18:22   --------   d-----w-   c:\documents and settings\Wayne\Application Data\Foxit Software
    2010-09-29 19:13 . 2010-10-14 22:17   --------   d-----w-   c:\program files\Mozilla Thunderbird
    2010-09-26 20:50 . 2010-09-26 20:51   --------   d-----w-   c:\documents and settings\Wayne\Application Data\PCToolsFirewallPlus
    2010-09-26 20:46 . 2009-11-23 18:54   88040   ----a-w-   c:\windows\system32\drivers\PCTAppEvent.sys
    2010-09-26 20:46 . 2009-11-09 16:20   207792   ----a-w-   c:\windows\system32\drivers\PCTCore.sys
    2010-09-26 20:45 . 2010-01-07 17:40   233136   ----a-w-   c:\windows\system32\drivers\pctgntdi.sys
    2010-09-26 20:44 . 2010-09-26 20:46   --------   d-----w-   c:\program files\Common Files\PC Tools
    2010-09-26 20:44 . 2010-01-12 14:34   70664   ----a-w-   c:\windows\system32\drivers\pctNdis-PacketFilter.sys
    2010-09-26 20:44 . 2010-01-07 16:35   58816   ----a-w-   c:\windows\system32\drivers\pctNdis.sys
    2010-09-26 20:44 . 2010-01-07 16:35   32680   ----a-w-   c:\windows\system32\drivers\pctNdis-DNS.sys
    2010-09-26 20:44 . 2010-01-13 13:59   115216   ----a-w-   c:\windows\system32\drivers\pctplfw.sys
    2010-09-26 20:44 . 2010-09-28 03:24   --------   d-----w-   c:\program files\PC Tools Firewall Plus
    2010-09-26 09:53 . 2010-09-26 09:54   --------   d-----w-   c:\program files\CCleaner
    2010-09-25 15:42 . 2010-09-25 15:42   --------   d-----w-   c:\program files\STOPzilla!
    2010-09-25 15:42 . 2010-10-14 22:55   --------   d-----w-   c:\documents and settings\All Users\Application Data\STOPzilla!
    2010-09-25 15:42 . 2010-09-25 15:42   --------   d-----w-   c:\program files\Common Files\iS3
    2010-09-25 05:00 . 2010-09-25 05:00   --------   d-----w-   C:\671feffc3b70b88a397bd6f620fbac40
    2010-09-24 16:25 . 2010-09-25 19:46   --------   d-----w-   c:\program files\UnHackMe
    2010-09-24 15:57 . 2010-09-24 16:26   2   --shatr-   c:\windows\winstart.bat
    2010-09-24 01:33 . 2010-09-24 01:33   12872   ----a-w-   c:\windows\system32\bootdelete.exe
    2010-09-24 01:26 . 2010-10-12 00:34   16968   ----a-w-   c:\windows\system32\drivers\hitmanpro35.sys
    2010-09-24 01:23 . 2010-09-24 01:33   --------   d-----w-   c:\documents and settings\All Users\Application Data\Hitman Pro
    2010-09-24 01:23 . 2010-09-24 01:23   --------   d-----w-   c:\program files\Hitman Pro 3.5
    2010-09-21 06:28 . 2010-10-07 22:26   --------   d-----w-   c:\program files\ESET
    2010-09-20 23:08 . 2010-09-20 23:08   546256   ----a-r-   c:\windows\system32\SZComp5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   22992   ----a-r-   c:\windows\system32\SZIO5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   132560   ----a-r-   c:\windows\system32\IS3HTUI5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   99792   ----a-r-   c:\windows\system32\IS3Svc5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   67024   ----a-r-   c:\windows\system32\IS3Hks5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   452048   ----a-r-   c:\windows\system32\SZBase5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   398800   ----a-r-   c:\windows\system32\IS3DBA5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   28624   ----a-r-   c:\windows\system32\IS3XDat5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   99792   ----a-r-   c:\windows\system32\IS3Inet5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   738768   ----a-r-   c:\windows\system32\IS3Base5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   390608   ----a-r-   c:\windows\system32\IS3UI5.dll
    2010-09-20 23:08 . 2010-09-20 23:08   230864   ----a-r-   c:\windows\system32\IS3Win325.dll
    2010-09-16 00:51 . 2010-09-16 00:51   --------   d-----w-   c:\program files\WinPcap

    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-21 19:43 . 2008-09-06 19:16   67688   ----a-w-   c:\program files\mozilla firefox\components\jar50.dll
    2008-12-21 19:43 . 2008-09-06 19:16   54368   ----a-w-   c:\program files\mozilla firefox\components\jsd3250.dll
    2008-12-21 19:43 . 2008-09-06 19:16   34944   ----a-w-   c:\program files\mozilla firefox\components\myspell.dll
    2008-12-21 19:43 . 2008-09-06 19:16   46712   ----a-w-   c:\program files\mozilla firefox\components\spellchk.dll
    2008-12-21 19:43 . 2008-09-06 19:16   172136   ----a-w-   c:\program files\mozilla firefox\components\xpinstal.dll
    .

    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Google Update"="c:\documents and settings\Wayne\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-10-10 136176]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-10-11 2424560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
    "VTPreset"="VTPreset.exe" [2004-02-25 45056]
    "BtcMaestro"="c:\program files\KMaestro\KMaestro.exe" [2004-05-05 237568]
    "EssSpkPhone"="essspk.exe" [2002-05-31 167936]
    "basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-04 2067808]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "OneTouch Monitor"="c:\program files\Visioneer OneTouch\OneTouchMon.exe" [2002-05-20 86016]
    "CXMon"="c:\program files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [2001-08-09 45056]
    "00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-01-12 3168216]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-19 805392]
    Sonic CinePlayer Quick Launch.lnk - c:\program files\Common Files\Sonic Shared\CineTray.exe [2006-7-25 114688]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2009-10-08 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2010-07-19 00:47   12536   ----a-w-   c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2008-05-02 08:42   72208   ----a-w-   c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Cloudmark SpamNet for OE.lnk]
    backup=c:\windows\pss\Cloudmark SpamNet for OE.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^dpcstart.lnk]
    backup=c:\windows\pss\dpcstart.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Wayne^Start Menu^Programs^Startup^ClickTray Calendar.lnk]
    backup=c:\windows\pss\ClickTray Calendar.lnkStartup

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
    "c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\RpcAgentSrv.exe"=
    "c:\\WINDOWS\\system32\\mmc.exe"=
    "c:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\WNt500x86\\RpcSandraSrv.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)

    R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [12/7/2009 5:59 PM 61328]
    R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [5/12/2010 6:01 PM 59280]
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/27/2008 11:57 PM 216400]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/27/2008 11:57 PM 243024]
    R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [9/26/2010 3:45 PM 233136]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/29/2008 4:03 PM 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/29/2008 4:03 PM 67656]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [7/18/2010 7:46 PM 921440]
    R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/18/2010 7:47 PM 308136]
    R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [5/29/2010 8:14 PM 20072]
    R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [9/26/2010 3:46 PM 88040]
    R2 SnapTHN;SnapTHN;c:\windows\system32\drivers\SNAPTHN.SYS [2/23/1998 5:56 PM 31104]
    R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [9/26/2010 3:44 PM 70664]
    R3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [9/26/2010 3:44 PM 58816]
    R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [9/26/2010 3:44 PM 115216]
    S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [12/7/2009 5:59 PM 61328]
    S3 Dual Mode;Dual Mode Video Capture;c:\windows\system32\DRIVERS\CoachVc.sys --> c:\windows\system32\DRIVERS\CoachVc.sys [?]
    S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/6/2007 3:22 PM 34064]
    S3 nuvaudio;Hauppauge WinTV USB Pro Audio Service;c:\windows\system32\DRIVERS\nuvaudio.sys --> c:\windows\system32\DRIVERS\nuvaudio.sys [?]
    S3 NuVision;Hauppauge WinTV USB Live Pro;c:\windows\system32\drivers\Nuvision.sys [12/19/2002 3:56 PM 260144]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 4:51 PM 12872]
    S3 USBNDIS;%USBNDIS.Service.DispName%;c:\windows\system32\DRIVERS\usbndis.sys --> c:\windows\system32\DRIVERS\usbndis.sys [?]
    S4 DPCUSB;Satellite Receiver USB Driver;c:\windows\system32\Drivers\DPCUSB.sys --> c:\windows\system32\Drivers\DPCUSB.sys [?]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2010-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3025990876-1698683601-3399203189-1006Core.job
    - c:\documents and settings\Wayne\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 19:10]

    2010-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3025990876-1698683601-3399203189-1006UA.job
    - c:\documents and settings\Wayne\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 19:10]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.canoe.ca/
    uInternet Settings,ProxyOverride = <local>
    uInternet Settings,ProxyServer = http=localhost:8080
    IE: Refresh Pa&ge with Full Quality - c:\program files\MTS Accelerator\pac-page.html
    IE: Refresh Pi&cture with Full Quality - c:\program files\MTS Accelerator\pac-image.html
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    FF - ProfilePath - c:\documents and settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\
    FF - prefs.js: browser.startup.homepage - hxxp://en.canoe.ca/home.html
    FF - prefs.js: keyword.URL - hxxp://www.veerboo.com/results.php?q=
    FF - component: c:\documents and settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\extensions\[email protected]\components\PACMozComponent.dll
    FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
    .
    - - - - ORPHANS REMOVED - - - -

    Notify-TPSvc - TPSvc.dll
    AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
    AddRemove-{E1E502E2-C006-49DB-9C0C-F2196E51826F}_is1 - c:\documents and settings\Wayne\Desktop\RkU3.8.388.590\MustBeRandomlyNamed\unins000.exe


    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8F7EC739-D5DE-8DF0-851B2E09AF27478A}\{9DB8FF8F-3E0D-CA6E-8233451919EA27FD}\{89229253-B827-099C-CFFB852028D69EA1}*]
    "WE6X3HNHJXRI2CPMH2OUMP32VF1"=hex:01,00,01,00,00,00,00,00,6d,db,9e,e2,89,b8,a5,
       65,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(700)
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\common files\logishrd\bluetooth\LBTServ.dll

    - - - - - - - > 'explorer.exe'(3396)
    c:\windows\system32\WININET.dll
    c:\program files\Logitech\SetPoint\lgscroll.dll
    c:\windows\system32\ieframe.dll
    c:\program files\KMaestro\HidKeybd.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Common Files\iS3\Anti-Spyware\SZServer.exe
    c:\program files\AVG\AVG9\avgchsvx.exe
    c:\program files\AVG\AVG9\avgrsx.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
    c:\program files\PC Tools Firewall Plus\FWService.exe
    c:\windows\System32\locator.exe
    c:\program files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
    c:\program files\AVG\AVG9\avgnsx.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\essspk.exe
    c:\documents and settings\Wayne\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    c:\program files\STOPzilla!\STOPzilla.exe
    .
    **************************************************************************
    .
    Completion time: 2010-10-14  18:09:12 - machine was rebooted
    ComboFix-quarantined-files.txt  2010-10-14 23:08

    Pre-Run: 275,573,174,272 bytes free
    Post-Run: 275,562,561,536 bytes free

    - - End Of File - - DB88A25472011ED62CAB7C60CB122CBB
    Logged

    jwfilion

      Topic Starter


      Intermediate

      Re: Please help, being hijacked while web surfing...
      « Reply #46 on: October 14, 2010, 11:16:27 PM »
      Jacked again. Ran the OTL scan (Minimal Output, LOP & Purity checked)

      OTL logfile created on: 10/14/2010 10:15:19 PM - Run 9
      OTL by OldTimer - Version 3.2.15.1     Folder = C:\Documents and Settings\Wayne\Desktop
      Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 7.0.5730.11)
      Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
       
      2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
      2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
      Paging file location(s): C:\pagefile.sys 360 720 [binary data]
       
      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 298.09 Gb Total Space | 256.63 Gb Free Space | 86.09% Space Free | Partition Type: NTFS
       
      Computer Name: OWNER-X35LSKRDA | User Name: Wayne | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
       
      ========== Processes (SafeList) ==========
       
      PRC - C:\Documents and Settings\Wayne\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)
      PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\STOPzilla!\STOPzilla.exe (iS3, Inc.)
      PRC - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe (iS3, Inc.)
      PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
      PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
      PRC - C:\Program Files\MTS Accelerator\PropelAC.exe (Propel Software Corporation)
      PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
      PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
      PRC - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe (SiSoftware)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe (Maxtor Corporation)
      PRC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe (Seagate Technology LLC)
      PRC - C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
      PRC - C:\Program Files\KMaestro\Kmaestro.exe (BTC)
      PRC - C:\WINDOWS\essspk.exe ()
      PRC - C:\Program Files\Visioneer OneTouch\OneTouchMon.exe (Visioneer Inc)
       
       
      ========== Modules (SafeList) ==========
       
      MOD - C:\Documents and Settings\Wayne\Desktop\OTL.exe (OldTimer Tools)
      MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
      MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
      MOD - C:\WINDOWS\system32\hid.dll (Microsoft Corporation)
      MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
      MOD - C:\Program Files\KMaestro\HidKeybd.dll (BTC)
       
       
      ========== Win32 Services (SafeList) ==========
       
      SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
      SRV - (szserver) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe (iS3, Inc.)
      SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
      SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
      SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe (SiSoftware)
      SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
      SRV - (Basics Service) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe (Seagate Technology LLC)
      SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
       
       
      ========== Driver Services (SafeList) ==========
       
      DRV - (USBNDIS) -- C:\WINDOWS\System32\DRIVERS\usbndis.sys File not found
      DRV - (nuvaudio) -- C:\WINDOWS\System32\DRIVERS\nuvaudio.sys File not found
      DRV - (LMouKE) -- C:\WINDOWS\System32\Drivers\LMouKE.sys File not found
      DRV - (LHidUsbK) -- C:\WINDOWS\System32\Drivers\LHidUsbK.Sys File not found
      DRV - (Dual Mode) -- C:\WINDOWS\System32\DRIVERS\CoachVc.sys File not found
      DRV - (DPCUSB) -- C:\WINDOWS\System32\Drivers\DPCUSB.sys File not found
      DRV - (CoachUsb) -- C:\WINDOWS\System32\DRIVERS\CoachUsb.sys File not found
      DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
      DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (szkgfs) -- C:\WINDOWS\system32\drivers\szkgfs.sys (iS3, Inc.)
      DRV - (cpuz133) -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys (Windows (R) Win 7 DDK provider)
      DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)
      DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)
      DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
      DRV - (pctNDIS) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
      DRV - (szkg5) -- C:\WINDOWS\system32\DRIVERS\szkg.sys (iS3 Inc.)
      DRV - (is3srv) -- C:\WINDOWS\system32\drivers\is3srv.sys (iS3 Inc.)
      DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)
      DRV - (FiltUSBEMPIA) -- C:\WINDOWS\system32\drivers\emFilter.sys (eMPIA Technology, Inc.)
      DRV - (ScanUSBEMPIA) -- C:\WINDOWS\system32\drivers\emScan.sys (eMPIA Technology, Inc.)
      DRV - (DCamUSBEMPIA) -- C:\WINDOWS\system32\drivers\emDevice.sys (eMPIA Technology, Inc.)
      DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
      DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
      DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
      DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\sandra.sys (SiSoftware)
      DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
      DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
      DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
      DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
      DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
      DRV - (USB28xxBGA) -- C:\WINDOWS\system32\drivers\emBDA.sys (eMPIA Technology, Inc.)
      DRV - (USB28xxOEM) -- C:\WINDOWS\system32\drivers\emOEM.sys (eMPIA Technology, Inc.)
      DRV - (emAudio) -- C:\WINDOWS\system32\drivers\emAudio.sys (eMPIA Technology, Inc.)
      DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
      DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
      DRV - (VIAudio) Vinyl AC'97 Audio Controller (WDM) -- C:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)
      DRV - (NuVision) -- C:\WINDOWS\system32\drivers\Nuvision.sys (Hauppauge Computer Works)
      DRV - (S3Psddr) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)
      DRV - (Edspport) -- C:\WINDOWS\system32\drivers\es56hpi.sys (ESS Technology, Inc.)
      DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
      DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
      DRV - (VIAPFD) -- C:\WINDOWS\System32\Drivers\VIAPFD.SYS (VIA Technologies. Inc.)
      DRV - (ViaIde) -- C:\WINDOWS\System32\DRIVERS\viaidexp.sys (VIA Technologies, Inc.)
      DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
      DRV - (SnapTHN) -- C:\WINDOWS\System32\drivers\SNAPTHN.SYS (Play Incorporated)
       
       
      ========== Standard Registry (SafeList) ==========
       
       
      ========== Internet Explorer ==========
       
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
       
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.canoe.ca/
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:8080
       
      ========== FireFox ==========
       
      FF - prefs.js..browser.search.defaultenginen ame: "www.google-feed.net"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://en.canoe.ca/home.html"
      FF - prefs.js..extensions.enabledItems: {34274bf4-1d97-a289-e984-17e546307e4f}:0.5.3.043
      FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.0
      FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20080718
      FF - prefs.js..extensions.enabledItems: {F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}:2.2008.5.13
      FF - prefs.js..extensions.enabledItems: {62760FD6-B943-48C9-AB09-F99C6FE96088}:1.6.4
      FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:3.13
      FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.3.1
      FF - prefs.js..keyword.URL: "http://www.veerboo.com/results.php?q="
       
      FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/09/24 19:05:39 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/30 23:33:14 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/30 23:33:14 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/09/29 14:13:07 | 000,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/10/05 13:21:09 | 000,000,000 | ---D | M]
       
      [2010/09/22 13:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Extensions
      [2010/09/22 13:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
      [2010/10/14 21:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\extensions
      [2008/09/07 19:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\extensions\[email protected]
      [2010/09/15 19:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\extensions\SearchHelper
      [2008/05/27 22:59:05 | 000,001,162 | ---- | M] () -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\searchplugins\dictionary.xml
      [2010/09/15 19:51:59 | 000,000,003 | ---- | M] () -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\d1lib2qr.default\searchplugins\GoogleFeed.xml
      [2010/10/14 21:53:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
      [2010/05/23 00:24:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
      [2010/08/21 02:47:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
      [2008/12/20 00:22:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
      [2008/12/21 14:43:06 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
      [2008/12/21 14:43:06 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
      [2008/12/21 14:43:06 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
      [2008/12/21 14:43:06 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
      [2008/12/21 14:43:07 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
      [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
      [2010/10/05 13:18:11 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
       
      O1 HOSTS File: ([2010/10/14 17:53:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1       localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O2 - BHO: (Accelerator Plugin) - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\MTS Accelerator\prpl_IePopupBlocker.dll (Propel Software Corporation)
      O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
      O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
      O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [basicsmssmenu] C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe (Maxtor Corporation)
      O4 - HKLM..\Run: [BtcMaestro] C:\Program Files\KMaestro\Kmaestro.exe (BTC)
      O4 - HKLM..\Run: [CXMon] C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe (Hewlett-Packard Company)
      O4 - HKLM..\Run: [EssSpkPhone] C:\WINDOWS\essspk.exe ()
      O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
      O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
      O4 - HKLM..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe (Visioneer Inc)
      O4 - HKLM..\Run: [VTPreset] C:\WINDOWS\System32\VTPreset.exe (S3 Graphics, Inc.)
      O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
      O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\MTS Accelerator\pac-page.html ()
      O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\MTS Accelerator\pac-image.html ()
      O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O16 - DPF: {33363249-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/i263_32.cab (Reg Error: Key error.)
      O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
      O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37623.4285648148 (Reg Error: Key error.)
      O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
      O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
      O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
      O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
      O24 - Desktop WallPaper: C:\WINDOWS\aptera.bmp
      O24 - Desktop BackupWallPaper: C:\WINDOWS\aptera.bmp
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2002/10/08 09:25:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O35 - HKCU\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKCU\...exe [@ = exefile] -- "%1" %*
       
      ========== Files/Folders - Created Within 30 Days ==========
       
      [2010/10/14 18:21:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
      [2010/10/14 17:49:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
      [2010/10/14 17:35:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
      [2010/10/13 20:52:15 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
      [2010/10/13 20:35:38 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2010/10/11 23:42:12 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
      [2010/10/10 14:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Local Settings\Application Data\Temp
      [2010/10/10 00:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Art Stuff
      [2010/10/10 00:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Desktop Nudes
      [2010/10/10 00:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Fixed Folder
      [2010/10/10 00:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\MyStuff
      [2010/10/10 00:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Recipes
      [2010/10/10 00:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Temp Pics
      [2010/10/10 00:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Video Editing
      [2010/10/10 00:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Desktop\Desktop
      [2010/10/06 19:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
      [2010/10/05 13:22:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Application Data\Foxit Software
      [2010/10/03 23:37:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
      [2010/10/03 23:13:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
      [2010/10/03 23:13:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
      [2010/10/03 22:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\My Documents\New Folder
      [2010/09/30 20:34:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Wayne\Recent
      [2010/09/29 14:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
      [2010/09/26 15:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\Application Data\PCToolsFirewallPlus
      [2010/09/26 15:46:02 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
      [2010/09/26 15:46:02 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
      [2010/09/26 15:45:54 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
      [2010/09/26 15:44:31 | 000,070,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
      [2010/09/26 15:44:31 | 000,058,816 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
      [2010/09/26 15:44:31 | 000,032,680 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
      [2010/09/26 15:44:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
      [2010/09/26 15:44:28 | 000,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
      [2010/09/26 15:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
      [2010/09/26 04:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2010/09/25 10:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\STOPzilla!
      [2010/09/25 10:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
      [2010/09/25 10:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
      [2010/09/25 00:00:27 | 000,000,000 | ---D | C] -- C:\671feffc3b70b88a397bd6f620fbac40
      [2010/09/24 11:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
      [2010/09/24 10:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wayne\My Documents\RegRun2
      [2010/09/23 20:33:42 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
      [2010/09/23 20:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
      [2010/09/23 20:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
      [2010/09/21 01:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2010/09/20 18:08:16 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
      [2010/09/20 18:08:16 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
      [2010/09/20 18:08:16 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
      [2010/09/20 18:08:14 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
      [2010/09/20 18:08:14 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
      [2010/09/20 18:08:14 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
      [2010/09/20 18:08:14 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
      [2010/09/20 18:08:14 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
      [2010/09/20 18:08:12 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
      [2010/09/20 18:08:12 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
      [2010/09/20 18:08:12 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll
      [2010/09/20 18:08:12 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
      [2010/09/15 19:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
      [2010/05/26 00:21:38 | 000,121,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
      [2001/07/06 16:59:54 | 000,372,736 | ---- | C] (Ed Halley - http://www.halley.cc/stuff/) -- C:\Program Files\Dragnifier.exe
      [24 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
      [126 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
       
      ========== Files - Modified Within 30 Days ==========
       
      [2010/10/14 22:15:10 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3025990876-1698683601-3399203189-1006UA.job
      [2010/10/14 22:04:38 | 000,000,303 | ---- | M] () -- C:\WINDOWS\vuepro32.ini
      [2010/10/14 22:03:51 | 000,100,660 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Puppy.jpg
      [2010/10/14 18:18:39 | 066,317,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
      [2010/10/14 18:10:29 | 000,000,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
      [2010/10/14 17:54:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2010/10/14 17:53:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
      [2010/10/14 17:52:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2010/10/14 14:15:01 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3025990876-1698683601-3399203189-1006Core.job
      [2010/10/14 01:23:39 | 001,066,274 | ---- | M] () -- C:\WINDOWS\aptera.bmp
      [2010/10/13 20:12:07 | 003,878,092 | R--- | M] () -- C:\Documents and Settings\Wayne\Desktop\ComboFix.exe
      [2010/10/12 15:25:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      [2010/10/12 00:58:10 | 000,001,257 | ---- | M] () -- C:\WINDOWS\goldwave.ini
      [2010/10/11 23:43:37 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
      [2010/10/11 19:34:34 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
      [2010/10/10 15:26:55 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Google Chrome.lnk
      [2010/10/10 15:26:55 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      [2010/10/10 13:33:15 | 000,736,854 | ---- | M] () -- C:\WINDOWS\CNorris.bmp
      [2010/10/09 23:20:30 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Preponvue2.bmp
      [2010/10/08 00:49:40 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Preponvue.bmp
      [2010/10/07 18:05:51 | 000,736,854 | ---- | M] () -- C:\WINDOWS\EmmaB.bmp
      [2010/10/07 14:39:21 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Alicia2.bmp
      [2010/10/07 00:23:32 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Abbyvue2.bmp
      [2010/10/06 13:06:11 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Abbyvue.bmp
      [2010/10/05 17:46:40 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Nikkivue2.bmp
      [2010/10/05 14:22:00 | 000,736,854 | ---- | M] () -- C:\WINDOWS\Nikkivue.bmp
      [2010/10/05 13:21:29 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
      [2010/10/03 23:37:58 | 000,000,337 | RHS- | M] () -- C:\boot.ini
      [2010/10/01 23:35:41 | 000,960,054 | ---- | M] () -- C:\WINDOWS\Bugatti.bmp
      [2010/10/01 14:35:35 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Shortcut to PropelAC.exe.lnk
      [2010/09/30 17:48:29 | 000,979,254 | ---- | M] () -- C:\WINDOWS\ssc-ultimate-aero.bmp
      [2010/09/30 11:42:57 | 001,274,454 | ---- | M] () -- C:\WINDOWS\Roadster2.bmp
      [2010/09/30 10:31:47 | 001,200,054 | ---- | M] () -- C:\WINDOWS\Saleen_S7.bmp
      [2010/09/30 08:43:24 | 001,440,054 | ---- | M] () -- C:\WINDOWS\car0.bmp
      [2010/09/29 14:13:10 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
      [2010/09/24 11:26:37 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
      [2010/09/24 11:26:37 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
      [2010/09/24 11:26:37 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
      [2010/09/23 20:33:42 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
      [2010/09/23 17:00:03 | 001,440,998 | ---- | M] () -- C:\WINDOWS\car00.bmp
      [2010/09/20 18:08:16 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZComp5.dll
      [2010/09/20 18:08:16 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3HTUI5.dll
      [2010/09/20 18:08:16 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZIO5.dll
      [2010/09/20 18:08:14 | 000,452,048 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\SZBase5.dll
      [2010/09/20 18:08:14 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3DBA5.dll
      [2010/09/20 18:08:14 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Svc5.dll
      [2010/09/20 18:08:14 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Hks5.dll
      [2010/09/20 18:08:14 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3XDat5.dll
      [2010/09/20 18:08:12 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Base5.dll
      [2010/09/20 18:08:12 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3UI5.dll
      [2010/09/20 18:08:12 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Win325.dll
      [2010/09/20 18:08:12 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\WINDOWS\System32\IS3Inet5.dll
      [2010/09/20 17:17:05 | 001,296,998 | ---- | M] () -- C:\WINDOWS\car10.bmp
      [2010/09/20 14:56:40 | 001,440,998 | ---- | M] () -- C:\WINDOWS\Pagani-Zonda-Roadster.bmp
      [2010/09/19 14:45:35 | 000,016,826 | -H-- | M] () -- C:\WINDOWS\vuepro32.GID
      [2010/09/18 15:12:24 | 001,121,798 | ---- | M] () -- C:\WINDOWS\Bugatti Veyron2.bmp
      [2010/09/18 14:45:20 | 000,896,198 | ---- | M] () -- C:\WINDOWS\Bugatti Veyron.bmp
      [2010/09/18 02:11:51 | 001,356,054 | ---- | M] () -- C:\WINDOWS\McLaren2.bmp
      [2010/09/18 01:39:44 | 001,083,398 | ---- | M] () -- C:\WINDOWS\McLaren3.bmp
      [126 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
       
      ========== Files Created - No Company Name ==========
       
      [2010/10/14 18:09:48 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
      [2010/10/14 17:35:59 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
      [2010/10/14 17:35:58 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
      [2010/10/13 19:52:30 | 003,878,092 | R--- | C] () -- C:\Documents and Settings\Wayne\Desktop\ComboFix.exe
      [2010/10/13 16:13:31 | 001,066,274 | ---- | C] () -- C:\WINDOWS\aptera.bmp
      [2010/10/10 15:26:55 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      [2010/10/10 15:26:54 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Wayne\Desktop\Google Chrome.lnk
      [2010/10/10 14:10:50 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3025990876-1698683601-3399203189-1006UA.job
      [2010/10/10 14:10:50 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3025990876-1698683601-3399203189-1006Core.job
      [2010/10/10 13:29:25 | 000,736,854 | ---- | C] () -- C:\WINDOWS\CNorris.bmp
      [2010/10/08 01:02:05 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Preponvue2.bmp
      [2010/10/07 14:50:51 | 000,736,854 | ---- | C] () -- C:\WINDOWS\EmmaB.bmp
      [2010/10/07 14:18:08 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Alicia2.bmp
      [2010/10/07 00:23:32 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Abbyvue2.bmp
      [2010/10/05 22:03:47 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Abbyvue.bmp
      [2010/10/05 18:59:39 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Preponvue.bmp
      [2010/10/04 19:47:56 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Nikkivue2.bmp
      [2010/10/03 23:37:52 | 000,260,272 | RHS- | C] () -- C:\cmldr
      [2010/10/03 23:13:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
      [2010/10/03 23:13:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
      [2010/10/03 23:13:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
      [2010/10/03 03:02:05 | 000,736,854 | ---- | C] () -- C:\WINDOWS\Nikkivue.bmp
      [2010/10/01 14:35:35 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\Wayne\Desktop\Shortcut to PropelAC.exe.lnk
      [2010/09/28 18:29:34 | 001,274,454 | ---- | C] () -- C:\WINDOWS\Roadster2.bmp
      [2010/09/26 15:46:02 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
      [2010/09/26 15:46:02 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
      [2010/09/26 15:45:54 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
      [2010/09/26 15:44:31 | 000,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat
      [2010/09/26 15:44:31 | 000,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat
      [2010/09/26 15:44:28 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat
      [2010/09/24 10:57:40 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
      [2010/09/23 20:26:06 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
      [2010/09/23 17:00:03 | 001,440,998 | ---- | C] () -- C:\WINDOWS\car00.bmp
      [2010/09/22 12:54:42 | 001,440,054 | ---- | C] () -- C:\WINDOWS\car0.bmp
      [2010/09/20 17:17:05 | 001,296,998 | ---- | C] () -- C:\WINDOWS\car10.bmp
      [2010/09/20 14:56:40 | 001,440,998 | ---- | C] () -- C:\WINDOWS\Pagani-Zonda-Roadster.bmp
      [2010/09/18 15:12:25 | 001,121,798 | ---- | C] () -- C:\WINDOWS\Bugatti Veyron2.bmp
      [2010/09/18 14:45:20 | 000,896,198 | ---- | C] () -- C:\WINDOWS\Bugatti Veyron.bmp
      [2010/09/18 01:39:44 | 001,083,398 | ---- | C] () -- C:\WINDOWS\McLaren3.bmp
      [2010/09/18 01:06:40 | 001,356,054 | ---- | C] () -- C:\WINDOWS\McLaren2.bmp
      [2010/05/26 00:36:35 | 000,000,085 | ---- | C] () -- C:\WINDOWS\lagarith.ini
      [2010/05/10 22:47:00 | 000,000,090 | ---- | C] () -- C:\WINDOWS\huffyuv.ini
      [2010/04/21 22:46:50 | 000,000,568 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
      [2010/01/17 03:44:57 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
      [2010/01/17 03:44:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
      [2010/01/17 03:44:54 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
      [2010/01/17 03:44:54 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
      [2010/01/17 03:44:51 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
      [2009/12/15 00:38:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
      [2009/08/01 20:55:29 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
      [2009/08/01 20:55:29 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\KPSYS32.DLL
      [2008/05/30 13:31:47 | 007,151,616 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
      [2007/11/06 15:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
      [2007/02/11 16:39:25 | 000,004,535 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
      [2007/02/07 00:58:00 | 000,000,846 | ---- | C] () -- C:\WINDOWS\xxclone.ini
      [2005/05/20 13:25:42 | 000,000,303 | ---- | C] () -- C:\WINDOWS\vuepro32.ini
      [2005/05/16 19:40:23 | 000,000,433 | ---- | C] () -- C:\WINDOWS\System32\imgdatwin.dll
      [2005/05/16 19:40:22 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\imgstpath.dll
      [2005/05/16 19:39:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\LtDlgRes14n.dll
      [2005/05/08 19:17:22 | 000,024,575 | ---- | C] () -- C:\WINDOWS\System32\Winapppiobas50.dll
      [2005/05/08 19:16:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
      [2005/05/08 19:16:01 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
      [2004/09/30 18:23:07 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Pex.INI
      [2004/09/30 18:15:44 | 000,000,440 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
      [2004/09/17 17:37:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
      [2004/09/06 19:04:09 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
      [2004/09/01 10:49:17 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
      [2004/08/27 01:00:32 | 000,000,086 | ---- | C] () -- C:\WINDOWS\POSTER.INI
      [2004/08/19 16:33:08 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
      [2004/07/13 12:12:22 | 000,000,583 | ---- | C] () -- C:\WINDOWS\videoimp.ini
      [2004/04/06 14:28:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Wayne\Application Data\sversion.ini
      [2004/04/01 12:40:14 | 000,000,263 | ---- | C] () -- C:\WINDOWS\phedit.ini
      [2004/03/24 15:52:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\jppc.INI
      [2004/03/19 15:36:51 | 002,270,720 | ---- | C] () -- C:\WINDOWS\Mgxrdr32.dll
      [2004/03/19 15:36:51 | 000,046,080 | ---- | C] () -- C:\WINDOWS\LFTIF60N.DLL
      [2004/03/19 15:36:51 | 000,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL60N.DLL
      [2004/03/19 15:36:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFTGA60N.DLL
      [2004/03/19 15:36:50 | 000,141,824 | ---- | C] () -- C:\WINDOWS\LFCMP60N.DLL
      [2004/03/19 15:36:50 | 000,110,080 | ---- | C] () -- C:\WINDOWS\LFPNG60N.DLL
      [2004/03/19 15:36:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFPCX60N.DLL
      [2004/03/19 15:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFGIF60N.DLL
      [2004/03/19 15:36:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LFPSD60N.DLL
      [2004/03/19 15:36:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFRAS60N.DLL
      [2004/03/19 15:36:18 | 000,399,350 | ---- | C] () -- C:\WINDOWS\ACCUGLD5.DLL
      [2004/03/19 15:36:18 | 000,026,233 | ---- | C] () -- C:\WINDOWS\ACCUIFGL.DLL
      [2004/02/09 04:25:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
      [2003/11/08 18:43:56 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameD.txt
      [2003/07/12 14:19:54 | 000,000,107 | ---- | C] () -- C:\WINDOWS\WEBLINK.INI
      [2003/05/14 21:48:41 | 000,000,300 | ---- | C] () -- C:\WINDOWS\vuesav32.ini
      [2003/05/14 11:03:50 | 000,004,673 | ---- | C] () -- C:\WINDOWS\WININIT.INI
      [2003/02/08 21:41:09 | 000,000,036 | ---- | C] () -- C:\WINDOWS\cosdtp.ini
      [2003/01/07 00:06:48 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Magic40.INI
      [2003/01/01 22:39:36 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
      [2002/12/23 17:11:27 | 000,001,056 | ---- | C] () -- C:\WINDOWS\maxlink.ini
      [2002/12/23 17:11:26 | 000,000,090 | ---- | C] () -- C:\WINDOWS\calera.ini
      [2002/12/22 20:46:27 | 000,006,592 | ---- | C] () -- C:\WINDOWS\gwpreset.ini
      [2002/12/22 20:46:27 | 000,001,257 | ---- | C] () -- C:\WINDOWS\goldwave.ini
      [2002/12/22 18:25:52 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
      [2002/12/21 20:37:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI
      [2002/12/21 15:19:17 | 000,007,411 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
      [2002/12/19 15:56:11 | 000,009,206 | ---- | C] () -- C:\WINDOWS\NTTuner.ini
      [2002/12/19 15:04:25 | 000,269,312 | ---- | C] () -- C:\WINDOWS\System32\FPXIG.DLL
      [2002/12/19 15:04:25 | 000,068,096 | ---- | C] () -- C:\WINDOWS\System32\IGFPX32P.DLL
      [2002/12/19 15:04:25 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\JPEGACC.DLL
      [2002/12/19 15:04:02 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\WELSOF32.DLL
      [2002/12/19 00:52:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI
      [2002/12/19 00:52:36 | 000,001,871 | ---- | C] () -- C:\WINDOWS\mp3maker.INI
      [2002/12/19 00:50:45 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
      [2002/12/18 15:13:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dpcnav.INI
      [2002/12/18 15:05:00 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\inavevnt.dll
      [2002/12/17 19:49:46 | 000,000,896 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
      [2002/12/17 19:49:46 | 000,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
      [2002/12/17 00:20:57 | 000,001,952 | ---- | C] () -- C:\WINDOWS\SCANFX.INI
      [2002/12/15 20:17:09 | 000,173,056 | ---- | C] () -- C:\Documents and Settings\Wayne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2002/10/30 15:49:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2002/10/08 11:02:24 | 000,001,112 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
      [2002/10/08 04:14:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
      [2002/09/10 10:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
      [2001/07/06 23:47:50 | 000,003,149 | ---- | C] () -- C:\Program Files\ReadMe.txt
      [1999/10/06 17:48:28 | 000,016,476 | ---- | C] () -- C:\WINDOWS\System32\Snapv16.drv
       
      ========== LOP Check ==========
       
      [2009/11/18 12:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
      [2008/08/08 16:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
      [2010/09/23 20:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
      [2009/01/08 23:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
      [2009/07/20 23:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
      [2008/05/31 14:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
      [2009/07/03 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
      [2010/10/14 22:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
      [2010/10/14 17:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
      [2010/05/03 14:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
      [2004/09/30 18:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
      [2008/08/08 16:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WholeSecurity
      [2006/11/27 21:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\101 Software
      [2010/06/06 19:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\DeepBurner
      [2008/08/08 16:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\eBay
      [2008/02/19 17:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Forte
      [2009/04/01 02:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Foxit
      [2010/10/05 13:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Foxit Software
      [2009/03/07 02:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\GrabPro
      [2010/09/09 13:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\gtk-2.0
      [2009/04/24 13:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\hott notes 4
      [2010/02/18 22:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\ImTOO Software Studio
      [2008/09/22 15:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\IrfanView
      [2009/05/01 13:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\K-Meleon
      [2010/07/31 10:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Leadertech
      [2010/01/18 23:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Leawo
      [2006/11/28 09:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\M8 Software
      [2008/01/25 12:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\MP3Rocket
      [2010/10/10 14:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Opera
      [2009/03/07 03:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Orbit
      [2010/09/26 15:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\PCToolsFirewallPlus
      [2010/01/13 22:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Pegasys Inc
      [2010/05/11 05:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\STOIK
      [2010/09/22 13:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Thunderbird
      [2010/05/03 17:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Trusteer
      [2002/12/18 03:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\Ulead Systems
      [2008/12/24 01:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wayne\Application Data\XnView
       
      ========== Purity Check ==========
       
       
       
      ========== Alternate Data Streams ==========
       
      @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
      @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
      @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

      < End of report >
      Logged

      SuperDave

      • Malware Removal Specialist
      • Moderator


        • Genius
        • Thanked: 1020
      • Certifications: List
      • Experience: Expert
      • OS: Windows 10
      Re: Please help, being hijacked while web surfing...
      « Reply #47 on: October 15, 2010, 12:12:55 PM »
      I've sent a pm to my mentor to look at this problem but it may take a few days for him to respond.I hope this is not too much of an inconvience to you.
      Logged
      Windows 8 and Windows 10 dual boot with two SSD's

      jwfilion

        Topic Starter


        Intermediate

        Re: Please help, being hijacked while web surfing...
        « Reply #48 on: October 15, 2010, 02:19:12 PM »
        SuperDave, no inconvience at all. You have been more than patient. I can wait.

        Wayne
        Logged

        TonyS9



          Starter

          • Experience: Beginner
          • OS: Unknown
          Re: Please help, being hijacked while web surfing...
          « Reply #49 on: October 16, 2010, 03:37:20 AM »
          Your comment has been removed. Please do not post malware advice, or post here in the malware forum, unless you need help.
          « Last Edit: October 16, 2010, 01:05:07 PM by SuperDave »
          Logged

          jwfilion

            Topic Starter


            Intermediate

            Re: Please help, being hijacked while web surfing...
            « Reply #50 on: October 16, 2010, 01:34:38 PM »
            I would not insult the intelligence of the kind people on this site, who volunteer their precious time and knowledge, by not doing as much as possible, to remedy the problem myself, using the self help posted here.
            Logged

            SuperDave

            • Malware Removal Specialist
            • Moderator


              • Genius
              • Thanked: 1020
            • Certifications: List
            • Experience: Expert
            • OS: Windows 10
            Re: Please help, being hijacked while web surfing...
            « Reply #51 on: October 20, 2010, 05:44:50 PM »
            Please download GooredFix from one of the locations below and save it to your Desktop
            Download Mirror #1
            Download Mirror #2
            • Ensure all Firefox browser windows are closed.
            • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
            • When prompted to run the scan, click Yes.
            • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
            .

            Logged
            Windows 8 and Windows 10 dual boot with two SSD's

            jwfilion

              Topic Starter


              Intermediate

              Re: Please help, being hijacked while web surfing...
              « Reply #52 on: October 21, 2010, 10:40:46 AM »
              Hi SuperDave, I'm think I may have accidentally cured this problem by experimenting with Firefox. I removed it from my computer completely to see if this bug would somehow migrate to another browser (Chrome). I used it for a few days, with no sign of any hijacking. I then loaded Firefox again, and have been using it for several hours without incident, again, knock on wood. Below is the log...

              GooredFix by jpshortstuff (03.07.10.1)
              Log created at 02:08 on 21/10/2010 (Wayne)
              Firefox version 2.0.0.11 (en-US)

              ========== GooredScan ==========

              (none)

              ========== GooredLog ==========

              C:\Program Files\Mozilla Firefox\extensions\
              [email protected] [06:31 21/10/2010]
              {972ce4c6-7e08-4474-a285-3208198ce6fd} [06:31 21/10/2010]

              C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\qddlnzpx.default\extensions\
              (none)

              [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
              (Key not found)

              -=E.O.F=-
              Logged

              SuperDave

              • Malware Removal Specialist
              • Moderator


                • Genius
                • Thanked: 1020
              • Certifications: List
              • Experience: Expert
              • OS: Windows 10
              Re: Please help, being hijacked while web surfing...
              « Reply #53 on: October 21, 2010, 01:38:01 PM »
              Well, that's good news. Let's give it a few days. If it's fixed post back again and we'll do whatever cleanup is necessary.
              Logged
              Windows 8 and Windows 10 dual boot with two SSD's

              jwfilion

                Topic Starter


                Intermediate

                Re: Please help, being hijacked while web surfing...
                « Reply #54 on: October 30, 2010, 08:51:11 PM »
                Hi SuperDave, well I've given it a week of constant surfing so far, and there is no evidence that the bug is still around. I have used three different browsers and found no problem. Thanks kindly for all your patience. You mentioned something about a cleanup?
                Logged

                SuperDave

                • Malware Removal Specialist
                • Moderator


                  • Genius
                  • Thanked: 1020
                • Certifications: List
                • Experience: Expert
                • OS: Windows 10
                Re: Please help, being hijacked while web surfing...
                « Reply #55 on: October 31, 2010, 10:35:06 AM »
                That's good news. We'll just do some cleanup.

                * Click START then RUN - Vista users press the Windows Key and the R keys together for the Run box.
                * Now type Combofix /uninstall in the runbox
                * Make sure there's a space between Combofix and /Uninstall
                * Then hit Enter

                * The above procedure will:
                * Delete the following:
                * ComboFix and its associated files and folders.
                * Reset the clock settings.
                * Hide file extensions, if required.
                * Hide System/Hidden files, if required.
                * Set a new, clean Restore Point.
                **********************************
                To remove all of the tools we used and the files and folders they created do the following:
                Double click OTL.exe.
                • Click the CleanUp button.
                • Select Yes when the "Begin cleanup Process?" prompt appears.
                • If you are prompted to Reboot during the cleanup, select Yes.
                • The tool will delete itself once it finishes.
                Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
                **************************************
                Clean out your temporary internet files and temp files.

                Download TFC by OldTimer to your desktop.

                Double-click TFC.exe to run it.

                Note: If you are running on Vista, right-click on the file and choose Run As Administrator

                TFC will close all programs when run, so make sure you have saved all your work before you begin.

                * Click the Start button to begin the cleaning process.
                * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
                * Please let TFC run uninterrupted until it is finished.

                Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
                *****************************************
                Use the Secunia Software Inspector to check for out of date software.

                •Click Start Now

                •Check the box next to Enable thorough system inspection.

                •Click Start

                •Allow the scan to finish and scroll down to see if any updates are needed.
                •Update anything listed.
                .
                ----------

                Go to Microsoft Windows Update and get all critical updates.

                ----------

                I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

                SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
                * Using SpywareBlaster to protect your computer from Spyware and Malware
                * If you don't know what ActiveX controls are, see here

                Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

                Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

                Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
                Safe Surfing!

                Logged
                Windows 8 and Windows 10 dual boot with two SSD's
                Pages: 1 2 3 [4]  All   Go Up
                « previous next »