Mightydave1976

PC Infected? Sending out random emails

19 posts in this topic

I received a random spam email from my father's account, so popped round to check out his PC.

His Yahoo mail is full of failure notices where spam emails have been sent out and bounced; they are typical spam types, i.e. "You can earn money today using your PC" etc., plus a link.

A full MSE scan revealed nothing. Malwarebytes also found nothing. Spybot found one instance of w3i.iq5.fraud and (apparently) removed it, but the problem is still there, with a second bunch of emails sent out today.

Grateful for any advice. PC is XP SP3.

HJT Log below


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:50:17 AM, on 2/16/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\vVX3000.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Opera\opera.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\User\Desktop\HijackThis.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25554

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe

O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 6420 bytes


.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by User at 13:00:53 on 2012-02-16

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.955 [GMT 0:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

AV: Internet Security Essentials *Enabled/Updated* {85E2087A-9B64-4118-B38C-4C6F2DB53927}

FW: Internet Security Essentials *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\vVX3000.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Opera\opera.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Documents and Settings\User\Desktop\HijackThis.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://uk.yahoo.com/

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = http=127.0.0.1:25554

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [nwiz] nwiz.exe /installquiet

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [VX3000] c:\windows\vVX3000.exe

mRun: [EPSON Stylus Photo RX420 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

uPolicies-explorer: DisallowRun = 1 (0x1)

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{7DD6B9BD-CE66-46EF-B17C-AF5104431005} : DhcpNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

IFEO: image file execution options - svchost.exe

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-9-4 57248]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-9-4 1691480]

S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2009-9-5 1069824]

.

=============== Created Last 30 ================

.

2012-02-15 08:46:02 6557240 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e060f003-990a-4ffe-8cb9-5d72d03ee562}\mpengine.dll

2012-02-15 08:38:10 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-02-15 08:38:10 3072 ------w- c:\windows\system32\iacenc.dll

.

==================== Find3M ====================

.

2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys

2011-12-24 17:43:31 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-17 19:46:36 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:46:36 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-17 19:46:36 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-16 12:22:58 385024 ----a-w- c:\windows\system32\html.iec

2011-12-10 15:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll

.

============= FINISH: 13:02:12.25 ===============


Also since first posting I have also run a Bitdefender online scan which found nothing.

Now running F-Secure online (EDIT: Completed. Found nothing major, just some tracking cookies)

Edited by Mightydave1976


Hello Mightydave1976.

Please create a Restore Point.

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply, along with checkup.txt from Security Check (see Instructions).


10:53:24.0640 3032 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

10:53:24.0906 3032 ============================================================

10:53:24.0906 3032 Current date / time: 2012/02/17 10:53:24.0906

10:53:24.0906 3032 SystemInfo:

10:53:24.0906 3032

10:53:24.0906 3032 OS Version: 5.1.2600 ServicePack: 3.0

10:53:24.0906 3032 Product type: Workstation

10:53:24.0921 3032 ComputerName: REVO

10:53:24.0921 3032 UserName: User

10:53:24.0921 3032 Windows directory: C:\WINDOWS

10:53:24.0921 3032 System windows directory: C:\WINDOWS

10:53:24.0921 3032 Processor architecture: Intel x86

10:53:24.0921 3032 Number of processors: 4

10:53:24.0921 3032 Page size: 0x1000

10:53:24.0921 3032 Boot type: Normal boot

10:53:24.0921 3032 ============================================================

10:53:28.0046 3032 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

10:53:28.0062 3032 \Device\Harddisk0\DR0:

10:53:28.0062 3032 MBR used

10:53:28.0062 3032 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1

10:53:28.0093 3032 Initialize success

10:53:28.0093 3032 ============================================================

10:53:32.0187 3024 ============================================================

10:53:32.0187 3024 Scan started

10:53:32.0187 3024 Mode: Manual;

10:53:32.0187 3024 ============================================================

10:53:32.0750 3024 Abiosdsk - ok

10:53:32.0750 3024 abp480n5 - ok

10:53:32.0796 3024 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

10:53:32.0812 3024 ACPI - ok

10:53:32.0843 3024 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

10:53:32.0843 3024 ACPIEC - ok

10:53:32.0843 3024 adpu160m - ok

10:53:32.0890 3024 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

10:53:32.0890 3024 aec - ok

10:53:32.0937 3024 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

10:53:32.0937 3024 AFD - ok

10:53:33.0000 3024 Aha154x - ok

10:53:33.0015 3024 aic78u2 - ok

10:53:33.0031 3024 aic78xx - ok

10:53:33.0046 3024 AliIde - ok

10:53:33.0156 3024 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys

10:53:33.0171 3024 Ambfilt - ok

10:53:33.0234 3024 amsint - ok

10:53:33.0250 3024 asc - ok

10:53:33.0265 3024 asc3350p - ok

10:53:33.0281 3024 asc3550 - ok

10:53:33.0328 3024 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

10:53:33.0328 3024 AsyncMac - ok

10:53:33.0343 3024 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

10:53:33.0359 3024 atapi - ok

10:53:33.0359 3024 Atdisk - ok

10:53:33.0390 3024 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

10:53:33.0390 3024 Atmarpc - ok

10:53:33.0437 3024 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

10:53:33.0437 3024 audstub - ok

10:53:33.0468 3024 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

10:53:33.0468 3024 Beep - ok

10:53:33.0546 3024 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

10:53:33.0546 3024 cbidf2k - ok

10:53:33.0593 3024 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

10:53:33.0593 3024 CCDECODE - ok

10:53:33.0593 3024 cd20xrnt - ok

10:53:33.0609 3024 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

10:53:33.0609 3024 Cdaudio - ok

10:53:33.0656 3024 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

10:53:33.0656 3024 Cdfs - ok

10:53:33.0703 3024 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

10:53:33.0703 3024 Cdrom - ok

10:53:33.0765 3024 Changer - ok

10:53:33.0796 3024 CmdIde - ok

10:53:33.0812 3024 Cpqarray - ok

10:53:33.0843 3024 dac2w2k - ok

10:53:33.0843 3024 dac960nt - ok

10:53:33.0875 3024 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

10:53:33.0875 3024 Disk - ok

10:53:33.0921 3024 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

10:53:33.0937 3024 dmboot - ok

10:53:33.0984 3024 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

10:53:34.0000 3024 dmio - ok

10:53:34.0046 3024 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

10:53:34.0046 3024 dmload - ok

10:53:34.0093 3024 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

10:53:34.0093 3024 DMusic - ok

10:53:34.0109 3024 dpti2o - ok

10:53:34.0125 3024 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

10:53:34.0125 3024 drmkaud - ok

10:53:34.0312 3024 F-Secure Standalone Minifilter (1838a21b5abb3c76191573c06584f07e) C:\DOCUME~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys

10:53:34.0390 3024 F-Secure Standalone Minifilter - ok

10:53:34.0484 3024 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

10:53:34.0484 3024 Fastfat - ok

10:53:34.0515 3024 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

10:53:34.0515 3024 Fdc - ok

10:53:34.0531 3024 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

10:53:34.0531 3024 Fips - ok

10:53:34.0546 3024 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

10:53:34.0546 3024 Flpydisk - ok

10:53:34.0562 3024 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

10:53:34.0562 3024 FltMgr - ok

10:53:34.0578 3024 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

10:53:34.0578 3024 Fs_Rec - ok

10:53:34.0593 3024 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

10:53:34.0609 3024 Ftdisk - ok

10:53:34.0671 3024 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

10:53:34.0671 3024 GEARAspiWDM - ok

10:53:34.0734 3024 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

10:53:34.0734 3024 Gpc - ok

10:53:34.0781 3024 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

10:53:34.0781 3024 HDAudBus - ok

10:53:34.0812 3024 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

10:53:34.0812 3024 hidusb - ok

10:53:34.0859 3024 hpn - ok

10:53:34.0906 3024 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

10:53:34.0906 3024 HTTP - ok

10:53:34.0937 3024 i2omgmt - ok

10:53:34.0953 3024 i2omp - ok

10:53:35.0000 3024 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys

10:53:35.0015 3024 i8042prt - ok

10:53:35.0031 3024 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

10:53:35.0031 3024 Imapi - ok

10:53:35.0062 3024 ini910u - ok

10:53:35.0265 3024 IntcAzAudAddService (a109fe3ca1ee4e92292b349de1b32f7b) C:\WINDOWS\system32\drivers\RtkHDAud.sys

10:53:35.0343 3024 IntcAzAudAddService - ok

10:53:35.0406 3024 IntelIde - ok

10:53:35.0453 3024 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

10:53:35.0453 3024 intelppm - ok

10:53:35.0468 3024 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

10:53:35.0468 3024 Ip6Fw - ok

10:53:35.0500 3024 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

10:53:35.0500 3024 IpFilterDriver - ok

10:53:35.0515 3024 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

10:53:35.0515 3024 IpInIp - ok

10:53:35.0546 3024 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

10:53:35.0546 3024 IpNat - ok

10:53:35.0656 3024 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

10:53:35.0656 3024 IPSec - ok

10:53:35.0687 3024 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

10:53:35.0687 3024 IRENUM - ok

10:53:35.0718 3024 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

10:53:35.0718 3024 isapnp - ok

10:53:35.0750 3024 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

10:53:35.0750 3024 Kbdclass - ok

10:53:35.0765 3024 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

10:53:35.0765 3024 kbdhid - ok

10:53:35.0859 3024 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

10:53:35.0875 3024 kmixer - ok

10:53:35.0875 3024 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

10:53:35.0875 3024 KSecDD - ok

10:53:35.0906 3024 lbrtfdc - ok

10:53:35.0937 3024 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

10:53:35.0953 3024 mnmdd - ok

10:53:35.0984 3024 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

10:53:35.0984 3024 Modem - ok

10:53:36.0062 3024 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys

10:53:36.0093 3024 Monfilt - ok

10:53:36.0171 3024 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

10:53:36.0187 3024 Mouclass - ok

10:53:36.0218 3024 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

10:53:36.0218 3024 mouhid - ok

10:53:36.0234 3024 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

10:53:36.0234 3024 MountMgr - ok

10:53:36.0265 3024 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys

10:53:36.0265 3024 MpFilter - ok

10:53:36.0312 3024 mraid35x - ok

10:53:36.0343 3024 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

10:53:36.0343 3024 MRxDAV - ok

10:53:36.0390 3024 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

10:53:36.0406 3024 MRxSmb - ok

10:53:36.0484 3024 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

10:53:36.0484 3024 Msfs - ok

10:53:36.0531 3024 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

10:53:36.0531 3024 MSKSSRV - ok

10:53:36.0546 3024 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

10:53:36.0546 3024 MSPCLOCK - ok

10:53:36.0562 3024 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

10:53:36.0562 3024 MSPQM - ok

10:53:36.0593 3024 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

10:53:36.0593 3024 mssmbios - ok

10:53:36.0625 3024 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

10:53:36.0625 3024 MSTEE - ok

10:53:36.0718 3024 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

10:53:36.0718 3024 Mup - ok

10:53:36.0750 3024 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

10:53:36.0750 3024 NABTSFEC - ok

10:53:36.0796 3024 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

10:53:36.0796 3024 NDIS - ok

10:53:36.0843 3024 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

10:53:36.0843 3024 NdisIP - ok

10:53:36.0921 3024 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

10:53:36.0921 3024 NdisTapi - ok

10:53:36.0937 3024 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

10:53:36.0937 3024 Ndisuio - ok

10:53:36.0968 3024 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

10:53:36.0968 3024 NdisWan - ok

10:53:37.0000 3024 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

10:53:37.0000 3024 NDProxy - ok

10:53:37.0046 3024 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

10:53:37.0046 3024 NetBIOS - ok

10:53:37.0125 3024 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

10:53:37.0125 3024 NetBT - ok

10:53:37.0156 3024 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

10:53:37.0156 3024 Npfs - ok

10:53:37.0203 3024 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

10:53:37.0218 3024 Ntfs - ok

10:53:37.0296 3024 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

10:53:37.0296 3024 Null - ok

10:53:37.0640 3024 nv (cb0ce8de9f66a297cd86eb98921b8e58) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

10:53:37.0937 3024 nv - ok

10:53:38.0015 3024 NVENETFD (a12ec731bb00adad2d016d41c1f18fa4) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

10:53:38.0015 3024 NVENETFD - ok

10:53:38.0046 3024 NVHDA (cf68bcac297b4c98c1d25b81e4011de4) C:\WINDOWS\system32\drivers\nvhda32.sys

10:53:38.0046 3024 NVHDA - ok

10:53:38.0062 3024 nvnetbus (5dc6a149897820de315916b6ec984ec9) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

10:53:38.0062 3024 nvnetbus - ok

10:53:38.0078 3024 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\WINDOWS\system32\DRIVERS\nvsmu.sys

10:53:38.0078 3024 nvsmu - ok

10:53:38.0125 3024 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

10:53:38.0125 3024 NwlnkFlt - ok

10:53:38.0171 3024 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

10:53:38.0187 3024 NwlnkFwd - ok

10:53:38.0218 3024 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

10:53:38.0218 3024 Parport - ok

10:53:38.0234 3024 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

10:53:38.0234 3024 PartMgr - ok

10:53:38.0265 3024 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

10:53:38.0265 3024 ParVdm - ok

10:53:38.0265 3024 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

10:53:38.0281 3024 PCI - ok

10:53:38.0281 3024 PCIDump - ok

10:53:38.0312 3024 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

10:53:38.0312 3024 PCIIde - ok

10:53:38.0343 3024 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

10:53:38.0343 3024 Pcmcia - ok

10:53:38.0390 3024 PDCOMP - ok

10:53:38.0406 3024 PDFRAME - ok

10:53:38.0406 3024 PDRELI - ok

10:53:38.0421 3024 PDRFRAME - ok

10:53:38.0437 3024 perc2 - ok

10:53:38.0453 3024 perc2hib - ok

10:53:38.0515 3024 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

10:53:38.0515 3024 PptpMiniport - ok

10:53:38.0546 3024 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

10:53:38.0546 3024 PSched - ok

10:53:38.0562 3024 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

10:53:38.0562 3024 Ptilink - ok

10:53:38.0562 3024 ql1080 - ok

10:53:38.0578 3024 Ql10wnt - ok

10:53:38.0593 3024 ql12160 - ok

10:53:38.0609 3024 ql1240 - ok

10:53:38.0625 3024 ql1280 - ok

10:53:38.0640 3024 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

10:53:38.0640 3024 RasAcd - ok

10:53:38.0656 3024 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

10:53:38.0671 3024 Rasl2tp - ok

10:53:38.0687 3024 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

10:53:38.0687 3024 RasPppoe - ok

10:53:38.0703 3024 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

10:53:38.0703 3024 Raspti - ok

10:53:38.0718 3024 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

10:53:38.0734 3024 Rdbss - ok

10:53:38.0734 3024 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

10:53:38.0734 3024 RDPCDD - ok

10:53:38.0796 3024 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

10:53:38.0796 3024 RDPWD - ok

10:53:38.0890 3024 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

10:53:38.0890 3024 redbook - ok

10:53:38.0984 3024 RT80x86 (b84d2fb05142f17bd6ad3ad9dfc42750) C:\WINDOWS\system32\DRIVERS\RT2860.sys

10:53:39.0000 3024 RT80x86 - ok

10:53:39.0093 3024 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

10:53:39.0093 3024 Secdrv - ok

10:53:39.0140 3024 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

10:53:39.0140 3024 Serial - ok

10:53:39.0171 3024 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

10:53:39.0171 3024 Sfloppy - ok

10:53:39.0187 3024 Simbad - ok

10:53:39.0234 3024 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

10:53:39.0234 3024 SLIP - ok

10:53:39.0296 3024 Sparrow - ok

10:53:39.0328 3024 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

10:53:39.0343 3024 splitter - ok

10:53:39.0390 3024 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

10:53:39.0406 3024 sr - ok

10:53:39.0437 3024 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

10:53:39.0437 3024 Srv - ok

10:53:39.0484 3024 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

10:53:39.0484 3024 streamip - ok

10:53:39.0546 3024 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

10:53:39.0546 3024 swenum - ok

10:53:39.0609 3024 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

10:53:39.0625 3024 swmidi - ok

10:53:39.0640 3024 symc810 - ok

10:53:39.0656 3024 symc8xx - ok

10:53:39.0656 3024 sym_hi - ok

10:53:39.0671 3024 sym_u3 - ok

10:53:39.0703 3024 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

10:53:39.0703 3024 sysaudio - ok

10:53:39.0781 3024 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

10:53:39.0781 3024 Tcpip - ok

10:53:39.0859 3024 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

10:53:39.0859 3024 TDPIPE - ok

10:53:39.0890 3024 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

10:53:39.0890 3024 TDTCP - ok

10:53:39.0906 3024 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

10:53:39.0921 3024 TermDD - ok

10:53:39.0937 3024 TosIde - ok

10:53:39.0984 3024 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

10:53:39.0984 3024 Udfs - ok

10:53:39.0984 3024 ultra - ok

10:53:40.0046 3024 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

10:53:40.0078 3024 Update - ok

10:53:40.0171 3024 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys

10:53:40.0171 3024 USBAAPL - ok

10:53:40.0203 3024 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

10:53:40.0218 3024 usbaudio - ok

10:53:40.0250 3024 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

10:53:40.0250 3024 usbccgp - ok

10:53:40.0296 3024 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

10:53:40.0296 3024 usbehci - ok

10:53:40.0375 3024 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

10:53:40.0375 3024 usbhub - ok

10:53:40.0390 3024 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

10:53:40.0390 3024 usbohci - ok

10:53:40.0437 3024 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

10:53:40.0437 3024 usbprint - ok

10:53:40.0453 3024 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

10:53:40.0453 3024 usbscan - ok

10:53:40.0500 3024 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

10:53:40.0500 3024 usbstor - ok

10:53:40.0562 3024 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

10:53:40.0562 3024 VgaSave - ok

10:53:40.0578 3024 ViaIde - ok

10:53:40.0625 3024 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

10:53:40.0625 3024 VolSnap - ok

10:53:40.0750 3024 VX3000 (13acfed0e6adca97440169dfd127ebcf) C:\WINDOWS\system32\DRIVERS\VX3000.sys

10:53:40.0765 3024 VX3000 - ok

10:53:40.0875 3024 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

10:53:40.0875 3024 Wanarp - ok

10:53:40.0875 3024 WDICA - ok

10:53:40.0921 3024 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

10:53:40.0921 3024 wdmaud - ok

10:53:41.0000 3024 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

10:53:41.0000 3024 WmiAcpi - ok

10:53:41.0046 3024 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

10:53:41.0046 3024 WSTCODEC - ok

10:53:41.0093 3024 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

10:53:41.0281 3024 \Device\Harddisk0\DR0 - ok

10:53:41.0281 3024 Boot (0x1200) (a013ad31c8e714c6122c2d040947be48) \Device\Harddisk0\DR0\Partition0

10:53:41.0281 3024 \Device\Harddisk0\DR0\Partition0 - ok

10:53:41.0281 3024 ============================================================

10:53:41.0281 3024 Scan finished

10:53:41.0281 3024 ============================================================

10:53:41.0296 3292 Detected object count: 0

10:53:41.0296 3292 Actual detected object count: 0

 

And

 

Results of screen317's Security Check version 0.99.31

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

Microsoft Security Essentials

```````````````````````````````

Anti-malware/Other Utilities Check:

MVPS Hosts File

Spybot - Search & Destroy

CCleaner

Java 6 Update 20

Java 6 Update 29

Java version out of date!

Adobe Flash Player 11.1.102.55

Adobe Reader 9 Adobe Reader out of date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Microsoft Security Essentials msseces.exe

Microsoft Security Client Antimalware MsMpEng.exe

``````````End of Log````````````

 

Also, and I don't know if this helps or not, we used another PC to change the Yahoo Mail password, and (so far) no more spams from it??

Also, and I don't know if this helps or not, we used another PC to change the Yahoo Mail password, and (so far) no more spams from it??

Yes, that makes it sound as though the Yahoo password was hacked and the PC is only involved if the password was stolen via malware access to it.

 

Out of date Java installations are a vulnerability even if not used. Please do these updates:

Update Adobe Reader. (Uncheck the McAfee option box)

Updating Java:

  • Go here and download the latest version of Java:
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previously installed versions of Java. (J2SE Runtime Environment.... )
    They should have this icon next to any that are there: javaicon.gif
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.

 

 

There is no rootkit or other obvious malware but there are some suspicious entries.

Please download ComboFix.exe to your Desktop. Visit this webpage for download links, and instructions for running the tool:

how-to-use-combofix. Be sure to read the whole page and note the graphics so you know what to expect.

 

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

 

Please go here to see a list of programs that should be disabled.

 

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

 

Please include the C:\ComboFix.txt in your next reply for further review, and let me know what problems remain. If ComboFix caused any error message, rebooting again should fix it.


ComboFix 12-02-17.02 - User 02/18/2012 15:50:27.1.4 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1268 [GMT 0:00]

Running from: c:\documents and settings\User\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\01c8dd

c:\documents and settings\All Users\Application Data\01c8dd\01c8ddef0fb76a5966689615346b0722.ocx

c:\documents and settings\All Users\Application Data\01c8dd\68.mof

c:\documents and settings\All Users\Application Data\01c8dd\8337.mof

c:\documents and settings\All Users\Application Data\01c8dd\ISE.ico

c:\documents and settings\All Users\Application Data\01c8dd\u8z6kfg6ofp45e7tm9q01u8wlrgv7tm9qjdk.dll

c:\documents and settings\User\Application Data\Internet Security Essentials

c:\documents and settings\User\Application Data\Internet Security Essentials\Instructions.ini

.

.

((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 )))))))))))))))))))))))))))))))

.

.

2012-02-18 15:36 . 2012-02-18 15:36 -------- d-----w- c:\program files\Common Files\Java

2012-02-18 15:36 . 2012-02-18 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-02-18 15:30 . 2012-02-18 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR

2012-02-18 10:05 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1E3474C8-AB57-4FF1-AA70-A544070FB045}\mpengine.dll

2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\User\Application Data\f-secure

2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2012-02-16 13:18 . 2012-02-16 13:18 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan

2012-02-15 08:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-02-15 08:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-18 15:36 . 2010-09-05 20:24 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-31 12:44 . 2011-10-22 15:21 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-12 16:53 . 2007-03-08 13:47 1859968 ----a-w- c:\windows\system32\win32k.sys

2012-01-06 04:19 . 2011-10-22 15:23 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-12-24 17:43 . 2011-12-24 17:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-17 19:46 . 2004-08-03 23:56 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-17 19:46 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:46 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-16 12:22 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec

2011-12-10 15:24 . 2011-03-10 19:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2007-03-17 13:43 293376 ----a-w- c:\windows\system32\winsrv.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]

"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]

"EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-03 13:10 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 14:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/4/2010 12:41 PM 57248]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/4/2010 5:24 PM 1691480]

S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys --> c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [?]

S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9/5/2009 8:54 AM 1069824]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - APPMGMT

*NewlyCreated* - JAVAQUICKSTARTERSERVICE

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:57]

.

2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004Core.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]

.

2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004UA.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]

.

2012-02-18 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://uk.yahoo.com/

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = http=127.0.0.1:25554

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-nwiz - nwiz.exe

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-18 15:56

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2012-02-18 15:59:48

ComboFix-quarantined-files.txt 2012-02-18 15:59

.

Pre-Run: 141,342,072,832 bytes free

Post-Run: 141,728,436,224 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 5459504733C70C2324D0D55359E3417B


ComboFix removed remnants of the rogue Internet Security Essentials. This is a fake security program but not known to send spam.

 

Please do the following:

 

1. Close any open browsers.

 

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

 

3. Open notepad and copy/paste the text in the quotebox below into it:

 

KILLALL::

DDS::

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = http=127.0.0.1:25554

 

Save this as CFScript.txt, in the same location as ComboFix.exe

 

CFScriptB-4.gif

 

Referring to the picture above, drag CFScript into ComboFix.exe

 

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

 

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now ;)


Hi cnm,

 

Yes I spotted the reference to Internet Security Essentials when Combofix first ran. I think it was just last remnants of an infection by ISE that we cleaned off the computer several months ago.

 

Here is the Combofix run using the script:

 

 

ComboFix 12-02-17.02 - User 02/18/2012 19:13:45.2.4 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1185 [GMT 0:00]

Running from: c:\documents and settings\User\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 )))))))))))))))))))))))))))))))

.

.

2012-02-18 16:13 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2BC54D99-7952-4110-972B-A626A231A303}\mpengine.dll

2012-02-18 15:36 . 2012-02-18 15:36 -------- d-----w- c:\program files\Common Files\Java

2012-02-18 15:36 . 2012-02-18 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-02-18 15:30 . 2012-02-18 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR

2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\User\Application Data\f-secure

2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2012-02-16 13:18 . 2012-02-16 13:18 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan

2012-02-15 08:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-02-15 08:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-18 15:36 . 2010-09-05 20:24 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-31 12:44 . 2011-10-22 15:21 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-12 16:53 . 2007-03-08 13:47 1859968 ----a-w- c:\windows\system32\win32k.sys

2012-01-06 04:19 . 2011-10-22 15:23 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-12-24 17:43 . 2011-12-24 17:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-17 19:46 . 2004-08-03 23:56 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-17 19:46 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:46 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-16 12:22 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec

2011-12-10 15:24 . 2011-03-10 19:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2007-03-17 13:43 293376 ----a-w- c:\windows\system32\winsrv.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-18_15.56.46 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-02-18 19:19 . 2012-02-18 19:19 16384 c:\windows\temp\Perflib_Perfdata_1e4.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]

"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]

"EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-03 13:10 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 14:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/4/2010 12:41 PM 57248]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/4/2010 5:24 PM 1691480]

S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys --> c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [?]

S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9/5/2009 8:54 AM 1069824]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:57]

.

2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004Core.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]

.

2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004UA.job

- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]

.

2012-02-18 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://uk.yahoo.com/

TCP: DhcpNameServer = 192.168.1.1

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-18 19:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3216)

c:\windows\system32\WININET.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\IEFRAME.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Microsoft LifeCam\MSCamS32.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\RTHDCPL.EXE

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Completion time: 2012-02-18 19:24:35 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-18 19:24

ComboFix2.txt 2012-02-18 15:59

.

Pre-Run: 141,728,641,024 bytes free

Post-Run: 141,742,739,456 bytes free

.

- - End Of File - - DAE77FD51AE981DEFA66279A2A648CCA

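One way to confirm from the two logs above that the entries named under DDS:: in the CFScript are gone after the second run; this is an added example, not part of the original thread. The function names are made up for the example, the embedded excerpts are copied from the logs in this thread, and the check also flags any ProxyServer value that points at a loopback address, which is the form of the entry the script removes.

```python
import ipaddress
import re

# Excerpts copied from this thread (blank lines dropped): the "Supplementary
# Scan" section of the first ComboFix log, the same section of the log produced
# with the CFScript, and the CFScript itself.
LOG_BEFORE = """\
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25554
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
"""
LOG_AFTER = """\
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.yahoo.com/
TCP: DhcpNameServer = 192.168.1.1
.
**************************************************************************
"""
CFSCRIPT = """\
KILLALL::
DDS::
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25554
"""

SECTION_START = re.compile(r"^-+\s*Supplementary Scan\s*-+$")
SECTION_END = re.compile(r"^(- - - -|\*{5,}|-{5,})")


def supplementary_entries(log_text):
    """Return {name: value} for the 'Supplementary Scan' section of a ComboFix log."""
    entries, inside = {}, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not inside:
            inside = bool(SECTION_START.match(line))
            continue
        if SECTION_END.match(line):          # next section header ends the scan
            break
        if line in ("", ".") or " = " not in line:
            continue                         # spacer lines carry no setting
        name, value = line.split(" = ", 1)
        entries[name.strip()] = value.strip()
    return entries


def scripted_entries(cfscript_text, directive="DDS::"):
    """Return the lines listed under one directive of a CFScript."""
    lines, active = [], False
    for raw in cfscript_text.splitlines():
        line = raw.strip()
        if line.endswith("::"):              # a new directive starts here
            active = line == directive
            continue
        if active and line:
            lines.append(line)
    return lines


def loopback_proxies(entries):
    """Return (name, host, port) for ProxyServer values that point at loopback."""
    hits = []
    for name, value in entries.items():
        if not name.endswith("ProxyServer"):
            continue
        for part in value.split(";"):        # "http=h:p;https=h:p" or bare "h:p"
            endpoint = part.split("=", 1)[-1]
            host, sep, port = endpoint.rpartition(":")
            if not sep:                      # no port given
                host, port = endpoint, ""
            try:
                is_loopback = ipaddress.ip_address(host).is_loopback
            except ValueError:
                is_loopback = host.lower() == "localhost"
            if is_loopback:
                hits.append((name, host, int(port) if port.isdigit() else None))
    return hits


def verify_removal(before_log, after_log, cfscript_text):
    """Classify each scripted entry by comparing the two Supplementary Scans."""
    before = supplementary_entries(before_log)
    after = supplementary_entries(after_log)
    report = {"removed": [], "still_present": [], "not_in_first_log": []}
    for line in scripted_entries(cfscript_text):
        name, _, value = line.partition(" = ")
        if before.get(name) != value:
            report["not_in_first_log"].append(name)
        elif after.get(name) == value:
            report["still_present"].append(name)
        else:
            report["removed"].append(name)
    return report


if __name__ == "__main__":
    print(loopback_proxies(supplementary_entries(LOG_BEFORE)))
    print(verify_removal(LOG_BEFORE, LOG_AFTER, CFSCRIPT))
```
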

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report (if any) in your next reply.
  • Click the Back button.
  • Click the Finish button.


Hi,

 

ESET scan result:

 

 

C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\3\6a88c983-6170ee5e Java/TrojanDownloader.Agent.NCA trojan deleted - quarantined

C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\01c8dd\68.mof.vir Win32/RogueAV.A trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\01c8dd\8337.mof.vir Win32/RogueAV.A trojan cleaned by deleting - quarantined

C:\System Volume Information\_restore{BECDF337-F4A9-4AB6-9882-5AAED48A2270}\RP543\A0046486.mof Win32/RogueAV.A trojan cleaned by deleting - quarantined

C:\System Volume Information\_restore{BECDF337-F4A9-4AB6-9882-5AAED48A2270}\RP543\A0046487.mof Win32/RogueAV.A trojan cleaned by deleting - quarantined


TrojanDownloader.Agent.NCA was most likely the source of the spam and probably stole passwords.

 

I advise you to immediately change all sensitive passwords, particularly ones for online banking or anything else financial. Ideally do this from another PC; however I believe Dad's PC is now clean so it should be OK to do it from there.

 

Please do the following:

 

1. Close any open browsers.

 

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

 

3. Open notepad and copy/paste the text in the quotebox below into it:

 

KILLALL::

DirLook::

C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache

 

Save this as CFScript.txt, in the same location as ComboFix.exe

 

CFScriptB-4.gif

 

Referring to the picture above, drag CFScript into ComboFix.exe

 

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

 

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now ;)


Everything seems to be fine now. Have been trying to explain to my folks what makes a good secure password :thumbup:

 

Combofix log :

 

 

ComboFix 12-02-17.02 - User 02/19/2012 11:40:39.3.4 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1302 [GMT 0:00]

Running from: c:\documents and settings\User\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2012-01-19 to 2012-02-19 )))))))))))))))))))))))))))))))

.

.

2012-02-19 10:23 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7BD6CF2A-0740-4349-AFF6-727A66342CD5}\mpengine.dll

2012-02-18 20:56 . 2012-02-18 20:56 -------- d-----w- c:\program files\ESET

2012-02-18 15:36 . 2012-02-18 15:36 -------- d-----w- c:\program files\Common Files\Java

2012-02-18 15:36 . 2012-02-18 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-02-18 15:30 . 2012-02-18 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR

2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\User\Application Data\f-secure

2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2012-02-16 13:18 . 2012-02-16 13:18 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan

2012-02-15 08:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-02-15 08:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-18 15:36 . 2010-09-05 20:24 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-31 12:44 . 2011-10-22 15:21 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-12 16:53 . 2007-03-08 13:47 1859968 ----a-w- c:\windows\system32\win32k.sys

2012-01-06 04:19 . 2011-10-22 15:23 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-12-24 17:43 . 2011-12-24 17:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-17 19:46 . 2004-08-03 23:56 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-17 19:46 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:46 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-16 12:22 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec

2011-12-10 15:24 . 2011-03-10 19:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2007-03-17 13:43 293376 ----a-w- c:\windows\system32\winsrv.dll

.

.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Directory of c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache ----

.


2011-12-23 00:17 . 2011-12-23 00:17 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\50\73c599f2-49819b33.idx

2011-12-23 00:17 . 2011-12-23 00:17 73 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\150c4684-37fd70a1

2011-12-23 00:17 . 2011-12-23 00:17 446 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\150c4684-37fd70a1.idx

2011-12-23 00:17 . 2011-12-23 00:17 678 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\72d40033-5c0e8a70

2011-12-23 00:17 . 2011-12-23 00:17 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\72d40033-5c0e8a70.idx

2011-12-23 00:17 . 2011-12-23 00:17 1986 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\5205b242-3e1b2d7c

2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\5205b242-3e1b2d7c.idx

2011-12-23 00:17 . 2011-12-23 00:17 836 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\55eef027-1b587f7d

2011-12-23 00:17 . 2011-12-23 00:17 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\55eef027-1b587f7d.idx

2011-12-23 00:17 . 2011-12-23 00:17 886 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\58\539122ba-4689977d

2011-12-23 00:17 . 2011-12-23 00:17 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\58\539122ba-4689977d.idx

2011-12-23 00:17 . 2011-12-23 00:17 2123 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\fa1da28-3c7c949b

2011-12-23 00:17 . 2011-12-23 00:17 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\fa1da28-3c7c949b.idx

2011-12-23 00:17 . 2011-12-23 00:17 10637 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\12\7c11bc8c-4e1e21db

2011-12-23 00:17 . 2012-01-16 14:57 457 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\12\7c11bc8c-4e1e21db.idx

2011-12-23 00:17 . 2011-12-23 00:17 429 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\430b970-40b38e17

2011-12-23 00:17 . 2012-01-16 14:57 475 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\430b970-40b38e17.idx

2011-12-23 00:17 . 2011-12-23 00:17 125507 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\46\4df91b2e-7b833336

2011-12-23 00:17 . 2012-02-18 15:36 567 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\46\4df91b2e-7b833336.idx

2011-12-19 21:53 . 2011-12-19 21:53 10386 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\30\215a1b5e-6edd0fc7

2011-12-19 21:53 . 2011-12-19 21:53 489 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\30\215a1b5e-6edd0fc7.idx

2011-12-19 21:53 . 2011-12-19 21:53 10471 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\409bbaf9-5ae09495

2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\409bbaf9-5ae09495.idx

2011-12-19 21:53 . 2011-12-19 21:53 2463 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\15d2a533-2953f35d

2011-12-19 21:53 . 2011-12-19 21:53 492 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\15d2a533-2953f35d.idx

2011-12-19 21:53 . 2011-12-19 21:53 2457 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\3954e47b-25ae9778

2011-12-19 21:53 . 2011-12-19 21:53 483 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\3954e47b-25ae9778.idx

2011-12-19 21:53 . 2011-12-19 21:53 2514 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\24e96d9f-7887eb2a

2011-12-19 21:53 . 2011-12-19 21:53 482 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\24e96d9f-7887eb2a.idx

2011-12-19 21:53 . 2011-12-19 21:53 401 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\66e73062-2bf60aaf

2011-12-19 21:53 . 2011-12-19 21:53 496 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\66e73062-2bf60aaf.idx

2011-12-19 21:53 . 2011-12-19 21:53 1131 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\15\6808b6cf-44c95e36

2011-12-19 21:53 . 2011-12-19 21:53 489 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\15\6808b6cf-44c95e36.idx

2011-12-19 21:53 . 2011-12-19 21:53 2788 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\41\302760e9-22dae9f4

2011-12-19 21:53 . 2011-12-19 21:53 488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\41\302760e9-22dae9f4.idx

2011-12-19 21:53 . 2011-12-19 21:53 190 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\14f36a1b-587a6d62

2011-12-19 21:53 . 2011-12-19 21:53 315 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\670b5dec-6447654e

2011-12-19 21:53 . 2011-12-19 21:53 480 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\670b5dec-6447654e.idx

2011-12-19 21:53 . 2011-12-19 21:53 479 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\14f36a1b-587a6d62.idx

2011-12-19 21:53 . 2011-12-19 21:53 4612 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\177ea141-7ad07dcf

2011-12-19 21:53 . 2011-12-19 21:53 498 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\177ea141-7ad07dcf.idx

2011-12-19 21:53 . 2011-12-19 21:53 4113 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\101b4fce-61e87a3a

2011-12-19 21:53 . 2011-12-19 21:53 487 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\101b4fce-61e87a3a.idx

2011-12-19 21:53 . 2011-12-19 21:53 5355 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\53fdfdfc-769ecbbe

2011-12-19 21:53 . 2011-12-19 21:53 487 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\53fdfdfc-769ecbbe.idx

2011-12-19 21:53 . 2011-12-19 21:53 6675 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\7cad9644-20d83a0b

2011-12-19 21:53 . 2011-12-19 21:53 486 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\7cad9644-20d83a0b.idx

2011-12-19 21:53 . 2011-12-19 21:53 1056 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\4766f52d-3a3c36f6

2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\4766f52d-3a3c36f6.idx

2011-12-19 21:53 . 2011-12-19 21:53 2686 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\6589f427-7d313821

2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\6589f427-7d313821.idx

2011-12-19 21:53 . 2011-12-19 21:53 724 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\26813741-5cbcbeca

2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\26813741-5cbcbeca.idx

2011-12-19 21:53 . 2011-12-19 21:53 1456 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\44edcb3b-31039d0c

2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\44edcb3b-31039d0c.idx

2011-12-19 21:53 . 2011-12-19 21:53 523 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\61e3c038-2c546a1c

2011-12-19 21:53 . 2011-12-19 21:53 481 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\61e3c038-2c546a1c.idx

2011-12-19 21:53 . 2011-12-19 21:53 266 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\653c2094-53b05dfc

2011-12-19 21:53 . 2011-12-19 21:53 480 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\653c2094-53b05dfc.idx

2011-12-19 21:53 . 2011-12-19 21:53 2630 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\4978ae4b-58a36c97

2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\4978ae4b-58a36c97.idx

2011-12-19 21:53 . 2011-12-19 21:53 871 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\3103af4e-1fa87d78

2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\3103af4e-1fa87d78.idx

2011-12-19 21:53 . 2011-12-19 21:53 1142 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\4f0b5795-4c364e8a

2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\4f0b5795-4c364e8a.idx

2011-12-19 21:53 . 2011-12-19 21:53 1644 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\4b8abe5c-56ca4aff

2011-12-19 21:53 . 2011-12-19 21:53 492 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\4b8abe5c-56ca4aff.idx

2011-12-19 21:53 . 2011-12-19 21:53 10916 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\7b67707c-1e25c72e

2011-12-19 21:53 . 2011-12-19 21:53 488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\7b67707c-1e25c72e.idx

2011-12-19 21:53 . 2011-12-19 21:53 1774 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\42\77649d6a-1ec999ad

2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\42\77649d6a-1ec999ad.idx

2011-12-19 21:53 . 2011-12-19 21:53 1081 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\6e6cc90b-2234a9ed

2011-12-19 21:53 . 2011-12-19 21:53 496 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\6e6cc90b-2234a9ed.idx

2011-12-19 21:53 . 2011-12-19 21:53 2328 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\489802a8-3209874f

2011-12-19 21:53 . 2011-12-19 21:53 495 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\489802a8-3209874f.idx

2011-12-19 21:53 . 2011-12-19 21:53 247 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\7\2c7e2487-7e87ba25

2011-12-19 21:53 . 2011-12-19 21:53 494 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\7\2c7e2487-7e87ba25.idx

2011-12-19 21:53 . 2011-12-19 21:53 15448 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\


Good. :)

 

This article about passwords has sensible ideas: http://lifehacker.com/5830355/xkcd-password-generator-creates-high+security-easy+to+remember-passwords

Length is the main thing to strive for. Less than 10 characters is just too easy to crack.

 

Please do this cleanup:

 

Start > Run and enter 'combofix /uninstall'. Note the space after 'combofix'. Among other things your Restore Points will be purged and a new clean one created.

 

Delete the DDS files, TDSSKiller, and Security Check folder from your Desktop.


You're welcome, Mightydave1976.

 

The XP firewall doesn't protect against unauthorized outgoing activity, so I suggest disabling it and installing the free Comodo Firewall instead.

 

I'll keep this thread open for a few days.


Thanks. I'll take a look at Comodo. We used to use ZoneAlarm, but removed it after we started getting conflicts.


Advice for malware prevention:

 

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

 

Keep Malwarebytes Anti-Malware updated and run it whenever you suspect a problem.

 

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

 

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker, and add-ons like NoScript can make it even more secure. Chrome is another good option.

If you are interested, Firefox may be downloaded from here

Chrome is available here: http://www.google.com/chrome/intl/en/make/features.html

 

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

 

http://www.systemlookup.com/search.php?type=filename

 

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.

 

For much more old but still useful information, read Tony Klein's excellent article: How did I get infected in the first place


Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

This topic is now closed to further replies.