Painfully Slow Computer
Comments
That doesn't explain anything?
Vundofix is a far more efficient tool than CF
OK smart a**e you asked for it.
This is an OTL Log, spot the malware in it?
Your Combofix won't help you here:
OTL logfile created on: 30/12/2009 12:21:07 PM - Run 4
OTL by OldTimer - Version 3.1.4.0 Folder = J:\Technician Stuff\Tools
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.94 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 56.07% Memory free
4.00 Gb Paging File | 3.68 Gb Available in Paging File | 91.90% Paging File free
Paging file location(s): f:\pagefile.sys 3000 3000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.72 Gb Total Space | 169.44 Gb Free Space | 74.08% Space Free | Partition Type: NTFS
Drive not present or media not loaded
Drive E: | 29.96 Gb Total Space | 11.92 Gb Free Space | 39.77% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 67.16 Gb Free Space | 14.42% Space Free | Partition Type: NTFS
Drive G: | 39.41 Gb Total Space | 23.00 Gb Free Space | 58.36% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 232.88 Gb Total Space | 48.24 Gb Free Space | 20.72% Space Free | Partition Type: NTFS
Computer Name: Malware Test PC
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ==========
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - J:\Technician Stuff\Tools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\CrossLoop\CrossLoopConnect.exe (CrossLoop)
PRC - C:\Program Files\No-IP\DUC20.exe (Vitalwerks LLC)
PRC - C:\Program Files\No-IP\DUC20.exe (Vitalwerks LLC)
PRC - C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)
PRC - J:\Technician Stuff\Tools\speech100\cannery.exe (SteelWerX)
========== Modules (SafeList) ==========
MOD - C:\Program Files\TeamViewer\Version5\TV.dll (TeamViewer GmbH)
MOD - J:\Technician Stuff\Tools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\CrossLoop\XLIdlTrk.dll (SidneyChong Inc)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MobaSSH1) -- C:\Windows\System32\MobaSSH.exe (Mobatek - http://mobassh.mobatek.net)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (NoIPDUCService) -- C:\Program Files\No-IP\DUC20.exe (Vitalwerks LLC)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (nlsX86cc) -- C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ReflectService) -- C:\Program Files\Macrium\Reflect\ReflectService.exe ()
SRV - (SgtSch2Svc) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
SRV - (Ati External Event Utility) -- C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (astcc) -- C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bleeping Computer Startup List"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.lanarkshireitservices.co.uk"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.4.7
FF - prefs.js..extensions.enabledItems: {bbfec13c-8cb2-53f2-b852-999eb2a852c9}:0.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {27c60876-b5c9-4335-b4f3-52b26782220c}:0.9.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.5.9
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/25 17:31:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/13 09:37:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/21 09:35:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/21 09:35:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/09 19:33:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009/05/28 20:15:27 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Extensions
[2009/05/28 20:15:27 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/12/30 09:47:17 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions
[2009/06/25 17:57:18 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/07 09:52:48 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2009/11/04 07:25:28 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2009/12/20 13:58:57 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/08/07 09:35:57 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions\{bbfec13c-8cb2-53f2-b852-999eb2a852c9}
[2009/11/25 17:37:16 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\extensions\toolbar@alexa.com
[2009/06/17 13:51:33 | 00,001,975 | ---- | M] () -- C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\t98n9z3w.default\searchplugins\bleeping-computer-startup-list.xml
[2009/12/30 09:47:17 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/21 09:35:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/10 09:43:11 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/15 15:08:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/21 14:29:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/11/22 16:31:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009/12/21 09:35:30 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/12/21 09:35:30 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009/10/11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/12/21 09:35:30 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/11/09 18:00:00 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/11/09 18:00:00 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/09/23 16:36:40 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2009/07/30 22:24:36 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/07/30 23:39:40 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/07/30 22:24:36 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/07/30 23:39:40 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/07/30 22:24:36 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/07/30 23:39:40 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/07/30 23:39:40 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/07/30 22:24:36 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
2nd part
O1 HOSTS File: (767 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CrossLoop] C:\Program Files\CrossLoop\CrossLoopConnect.exe (CrossLoop)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (Vitalwerks LLC)
O4 - Startup: C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop_VNC = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin_VNC = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/03/20 15:42:25 | 00,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/11/07 15:08:41 | 00,000,706 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/15 16:40:25 | 00,001,767 | ---- | M] () - J:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{179b7779-e4b7-11de-a14b-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{179b7779-e4b7-11de-a14b-005056c00008}\Shell\AutoRun\command - "" = J:\AutoRun.exe -- File not found
O33 - MountPoints2\{3071f87e-47d6-11de-9e86-001731cd8b43}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/19 07:33:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5d9e78dc-4b85-11de-99e1-001731cd8b43}\Shell\AutoRun\command - "" = K:\Programs\nu2menu\nu2menu.exe -- File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (pgdfgsvc) - C:\Windows\System32\pgdfgsvc.exe (Sysinternals - https://www.sysinternals.com)
O34 - HKLM BootExecute: (C) - File not found
O34 - HKLM BootExecute: (1) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 14 Days ==========
[2009/12/30 10:30:46 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/12/22 10:28:32 | 00,000,000 | ---D | C] -- C:\ProgramData\AMMYY
[2009/12/22 10:28:32 | 00,000,000 | ---D | C] -- C:\ProgramData\AMMYY
[2009/12/01 17:37:17 | 00,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe3317.dll
[2009/05/24 11:14:13 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\Stuart\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 14 Days ==========
[2009/12/30 12:21:14 | 04,194,304 | ---- | M] () -- C:\Users\Stuart\ntuser.dat
[2009/12/30 10:28:48 | 00,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/30 10:28:48 | 00,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/30 10:08:06 | 00,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8971208B-93CB-436D-A07D-477D828D93DE}.job
[2009/12/30 09:27:34 | 47,219,801 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/12/30 08:33:47 | 00,699,112 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/30 08:33:47 | 00,606,720 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/30 08:33:47 | 00,108,102 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/30 08:29:04 | 00,001,356 | ---- | M] () -- C:\Users\Stuart\AppData\Local\d3d9caps.dat
[2009/12/30 08:28:50 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/30 08:28:45 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/30 07:34:32 | 00,524,288 | -HS- | M] () -- C:\Users\Stuart\NTUSER.DAT{d874d34d-d4af-11de-a3dd-005056c00008}.TMContainer00000000000000000001.regtrans-ms
[2009/12/30 07:34:32 | 00,065,536 | -HS- | M] () -- C:\Users\Stuart\NTUSER.DAT{d874d34d-d4af-11de-a3dd-005056c00008}.TM.blf
[2009/12/30 07:33:41 | 03,473,506 | -H-- | M] () -- C:\Users\Stuart\AppData\Local\IconCache.db
[2009/12/29 15:24:17 | 00,128,231 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/12/28 20:06:21 | 00,000,671 | ---- | M] () -- C:\Users\Stuart\AppData\Roaming\vso_ts_preview.xml
[2009/12/24 16:13:11 | 00,040,893 | ---- | M] () -- C:\Users\Stuart\Documents\emailsender.xml
[2009/12/22 20:39:21 | 00,003,622 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/12/22 20:39:21 | 00,003,622 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/12/22 10:28:20 | 00,655,000 | ---- | M] () -- C:\Users\Stuart\Desktop\Remote_Support.exe
[2009/12/21 12:42:56 | 00,015,360 | ---- | M] () -- C:\Users\Stuart\Documents\email contacts.xls
========== Files Created - No Company Name ==========
[2009/12/22 20:39:20 | 00,003,622 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/12/22 20:39:20 | 00,003,622 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/12/22 10:42:20 | 00,655,000 | ---- | C] () -- C:\Users\Stuart\Desktop\Remote_Support.exe
[2009/12/09 18:30:38 | 00,000,552 | ---- | C] () -- C:\Users\Stuart\AppData\Local\d3d8caps.dat
[2009/12/09 04:38:16 | 00,000,174 | ---- | C] () -- C:\Windows\wininit.ini
[2009/12/05 20:06:24 | 00,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2009/12/05 20:06:23 | 00,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2009/12/05 20:06:23 | 00,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2009/12/01 16:54:05 | 00,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/12/01 16:54:05 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/12/01 16:54:04 | 02,378,752 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2009/12/01 16:54:03 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/12/01 16:54:03 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/12/01 16:54:02 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/12/01 16:54:01 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/12/01 16:54:00 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/30 16:10:45 | 00,011,264 | ---- | C] () -- C:\Windows\System32\drivers\uzc2nda3.sys
[2009/11/30 15:03:07 | 03,473,506 | -H-- | C] () -- C:\Users\Stuart\AppData\Local\IconCache.db
[2009/10/07 12:51:11 | 00,055,856 | ---- | C] () -- C:\Windows\System32\vnetinst.dll
[2009/09/26 15:52:53 | 00,008,079 | ---- | C] () -- C:\Users\Stuart\AppData\Local\Temp18.html
[2009/09/21 10:02:17 | 00,000,277 | ---- | C] () -- C:\Windows\maketorrent.ini
[2009/09/06 16:20:09 | 00,001,356 | ---- | C] () -- C:\Users\Stuart\AppData\Local\d3d9caps.dat
[2009/09/02 19:12:39 | 08,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/08/10 18:51:01 | 00,000,000 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\downloads.m3u
[2009/07/03 08:11:48 | 00,000,778 | ---- | C] () -- C:\Users\Stuart\AppData\Local\Temp1.html
[2009/06/21 09:28:14 | 00,104,360 | ---- | C] () -- C:\Users\Stuart\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/06/20 15:56:37 | 00,049,152 | ---- | C] () -- C:\Users\Stuart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/11 08:23:38 | 00,000,029 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\default.rss
[2009/06/11 08:23:07 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/05/28 12:30:38 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/26 21:26:54 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/05/25 10:18:50 | 00,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll
[2009/05/25 10:18:45 | 04,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll
[2009/05/25 10:18:45 | 00,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2009/05/24 11:15:51 | 00,000,671 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\vso_ts_preview.xml
[2009/05/24 11:14:56 | 00,000,033 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\pcouffin.log
[2009/05/24 11:14:13 | 00,087,608 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\inst.exe
[2009/05/24 11:14:13 | 00,007,887 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\pcouffin.cat
[2009/05/24 11:14:13 | 00,001,144 | ---- | C] () -- C:\Users\Stuart\AppData\Roaming\pcouffin.inf
[2009/05/23 22:20:01 | 00,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2009/05/23 22:20:01 | 00,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2008/10/14 10:59:48 | 00,000,518 | ---- | C] () -- C:\Windows\ses80.ini
[2006/11/02 12:50:56 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 12:37:40 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 12:37:40 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 12:37:40 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 12:37:40 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 10:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 10:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 10:23:31 | 00,000,128 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 07:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/18 12:44:48 | 00,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2002/12/10 00:00:00 | 01,708,032 | ---- | C] () -- C:\Windows\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 00,036,864 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 00,032,768 | ---- | C] () -- C:\Windows\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 00,032,768 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[2002/03/02 04:10:02 | 00,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
========== LOP Check ==========
[2009/05/24 00:03:25 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Auslogics
[2009/07/23 10:52:03 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\CrossLoopFeed.49250313C3573747E8A7437582782B876D7F3BE0.1
[2009/09/19 10:36:48 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\DemoMate
[2009/12/26 11:24:27 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\FileZilla
[2009/09/24 12:05:01 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\IBP
[2009/12/13 14:07:10 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\ImgBurn
[2009/05/28 02:21:38 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\IrfanView
[2009/09/17 22:23:14 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009/05/25 17:28:46 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Open Source
[2009/09/03 17:36:02 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\OpenOffice.org
[2009/10/12 21:09:24 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\TeamViewer
[2009/08/31 07:21:57 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Thunderbird
[2009/09/03 13:18:32 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\URSoft
[2009/12/30 12:22:57 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\uTorrent
[2009/12/28 20:06:21 | 00,000,000 | ---D | M] -- C:\Users\Stuart\AppData\Roaming\Vso
[2009/12/30 08:28:50 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/12/30 07:34:23 | 00,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/12/30 10:08:06 | 00,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8971208B-93CB-436D-A07D-477D828D93DE}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
0 -
You sad SAD f**k
That doesn't explain anything?
Vundofix is a far more efficient tool than CF
OK smart a**e you asked for it.
This is an OTL Log, spot the malware in it?
You're on another planet if you think I'm going to waste my time playing games with you
You're an unbelievable c*ck aren't you!
I'll answer the reason why though, it's OUT OF DATE. Vundo is updated weekly (Hell, maybe daily). The 'fix' you posted is WAY out of date
Now for the love of god ................. GET A LIFE :idea:
0 -
Answer the question brainbox
And that tool is NOT out of date
If you knew better you would realise that the SAME guy wrote both CF and Vundofix which is updated weekly if not more
Regards
0 -
Answer the question brainbox
And that tool is NOT out of date
Regards
"Last Updated May 29 2008, 10:26 AM"
Dear god. haha
I can't quite get over you
I can't be bothered. But if you CAN be bothered, go searching for combofix logs through this forum. I've searched and found trojans etc in loads of them and used combofix to 'manually' remove them. I'm 99% sure I could find the ones in your log..... but here's the crux............. I HAVE A LIFE
:idea:
0 -
Go Ahead and prove me wrong then!
For a start CF won't work as it's Vista
That Malware Research tool that I suggested which you rubbished will come in very handy here
Regards
0 -
guys guys guys


If you wanna make it personal please do so by PM :D
Once a Flylady, always a Flylady
0
This discussion has been closed.