Jump to content

JIF

Members
 View Profile  See their activity

  • Posts

    26

  • Joined

  • Last visited

About JIF

  • Birthday 02/14/1968

Personal Information

  • Occupation
    Team leader
  • Real Name
    Martin

Tech Info

  • Experience
    some_experience
  • System: windows_vista_home_2

JIF's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. JIF
    everything is ok i have also deleted combo fix
  2. JIF
    No i meant 40gb i just wonderd what was taking up the rest i know vista takes some but surley not 100gb
  3. JIF
    Everything seems fine thanks very much
  4. JIF
    Hi all how can i get my hard dive memory back i have a 150gb drive and there is only 40gb left although i have moved all my music pictures and films to an external drive and deleted them from my internal drive. Regards JIF
  5. JIF
    Hi Chiaz as requested Jotti's malware scan Filename: EXCEL.EXE Status: Scan finished. 0 out of 21 scanners reported malware. Scan taken on: Thu 1 Oct 2009 17:24:26 (CET) Permalink Additional info File size: 179303 bytes Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5: ecc69ede98115d0ace0342cf0423404d SHA1: 1d25e539afc8e341d0ac7aab1b92a6204ebed4a4 Packer (Drweb): BINARYRES, THINSTALL Scanners http://virusscan.jotti.org/images/logos/arcavir.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/gdata.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/asquared.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/ikarus.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/avast.gif 2009-09-30 Found nothing http://virusscan.jotti.org/images/logos/kaspersky.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/avg.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/nod32.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/avira.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/norman.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/bitdefender.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/panda.gif 2009-09-30 Found nothing http://virusscan.jotti.org/images/logos/clamav.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/quickheal.gif 2009-09-30 Found nothing http://virusscan.jotti.org/images/logos/cpsecure.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/sophos.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/drweb.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/vba32.gif 2009-09-30 Found nothing http://virusscan.jotti.org/images/logos/fprot.gif 2009-10-01 Found nothing http://virusscan.jotti.org/images/logos/virusbuster.gif 2009-10-01 Found nothing
  6. JIF
    C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@mediaplex[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@mediaplex[2].txt 00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@ccbill[1].txt 00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@yadro[1].txt 00167653 Cookie/Outster TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@outster[2].txt 00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@toplist[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@ad.yieldmanager[2].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@ad.yieldmanager[2].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@apmebf[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@apmebf[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\Low\pam@apmebf[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@apmebf[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@serving-sys[4].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@serving-sys[3].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[8].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[7].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\Low\pam@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@serving-sys[3].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[5].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[4].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[3].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\adam@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@serving-sys[3].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@bs.serving-sys[3].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@bs.serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@bs.serving-sys[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@adtech[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@adtech[1].txt 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@server.iad.liveperson[1].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@advertising[1].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@advertising[2].txt 00169286 Cookie/Sextracker TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@sextracker[1].txt 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@media.adrevolver[3].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@ads.pointroll[2].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@ads.pointroll[3].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@ads.pointroll[1].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@overture[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@questionmarket[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@questionmarket[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@questionmarket[2].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@zedo[2].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@bluestreak[1].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@bluestreak[1].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@adrevolver[2].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@adrevolver[2].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@adrevolver[2].txt 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@adultfriendfinder[2].txt 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@searchportal.information[2].txt 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@searchportal.information[1].txt 00206953 Cookie/Sextracker TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@counter14.sextracker[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@adviva[2].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@adviva[2].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@adviva[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@adviva[2].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@adviva[2].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@atwola[1].txt 02734330 Generic Trojan Virus/Trojan No 0 No No C:\Users\Martin\Desktop\Microsoft Word and Excel 2003 – Portable USB Edition\Microsoft Word and Excel 2003 – Portable USB Edition\WINWORD.EXE[C:\Users\Martin\Desktop\Microsoft Word and Excel 2003 ΓÇô Portable USB Edition\Microsoft Word and Excel 2003 ΓÇô Portable USB Edition\WINWORD.EXE][codec.exe] 03690676 Adware/BHO.FP Adware No 0 Yes No C:\Qoobox\Quarantine\C\Program Files\SGPSA\mtwb3sh.dll.vir 03690676 Adware/BHO.FP Adware No 0 Yes No C:\Qoobox\Quarantine\C\Program Files\Fast Browser Search\IE\MTWB3SH.dll.vir ;=================================================================================================================================================================================== SUSPECTS Sent Location ;=================================================================================================================================================================================== No C:\Program Files\CheatCodesToolbar\CheatCodes.com Toolbar\cctoolbar.dll ;=================================================================================================================================================================================== VULNERABILITIES Id Severity Description ;=================================================================================================================================================================================== ;===================================================================================================================================================================================
  7. JIF
    Hi the error message has gone and there doesnt seem to be any other problems here is the report from the Active scan ********************************************************************************************* ANALYSIS: 2009-09-30 20:55:30 PROTECTIONS: 1 MALWARE: 31 SUSPECTS: 1 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== avast! antivirus Yes Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@doubleclick[3].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@doubleclick[4].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Cookies\Low\martin@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\Low\pam@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@doubleclick[3].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@doubleclick[3].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@doubleclick[4].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@doubleclick[6].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@doubleclick[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@atdmt[4].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@atdmt[4].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@atdmt[5].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\jayson@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@atdmt[6].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@atdmt[6].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\adam@atdmt[6].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\adam@atdmt[5].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@atdmt[5].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@atdmt[4].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\adam@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@atdmt[5].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\adam@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\adam@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@atdmt[4].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\Low\pam@atdmt[1].txt 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@tradedoubler[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\pam@247realmedia[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Jayson\AppData\Roaming\Microsoft\Windows\Cookies\Low\jayson@247realmedia[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@247realmedia[2].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Pam\AppData\Roaming\Microsoft\Windows\Cookies\Low\pam@247realmedia[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Cookies\Low\adam@247realmedia[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\Low\sam@mediaplex[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Cookies\sam@mediaplex[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No
  8. JIF
    *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{565FE2E0-7B46-46EB-9D83-3B2DC5934BCC}"= "c:\program files\CheatCodesToolbar\CheatCodes.com Toolbar\cctoolbar.dll" [2008-11-28 2593280] [HKEY_CLASSES_ROOT\clsid\{565fe2e0-7b46-46eb-9d83-3b2dc5934bcc}] [HKEY_CLASSES_ROOT\TBSB06474.TBSB06474.3] [HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}] [HKEY_CLASSES_ROOT\TBSB06474.TBSB06474] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{565FE2E0-7B46-46EB-9D83-3B2DC5934BCC}"= "c:\program files\CheatCodesToolbar\CheatCodes.com Toolbar\cctoolbar.dll" [2008-11-28 2593280] [HKEY_CLASSES_ROOT\clsid\{565fe2e0-7b46-46eb-9d83-3b2dc5934bcc}] [HKEY_CLASSES_ROOT\TBSB06474.TBSB06474.3] [HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}] [HKEY_CLASSES_ROOT\TBSB06474.TBSB06474] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-16 39408] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664] "BitComet"="c:\program files\BitComet\BitComet.exe" [2009-03-09 2564408] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-24 251240] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 150552] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-01 148888] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-17 6111232] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816] c:\users\Jayson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-3-29 385024] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):ed,cb,53,96,a7,17,ca,01 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{C7A7744A-B07F-4014-989F-EF4AE97D4B93}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{CF0A620D-69B8-43CA-A942-BC8E2FECB39B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{200C1EF7-B55D-43F4-9832-53FD98FE470D}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{17EA323A-588C-4C72-ACBD-270CD215CAC3}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{1B6864F6-749E-40C0-9C82-7EAC457E8B6D}"= UDP:13277:bitcomet "TCP Query User{20367FEE-C761-4EB8-A930-3A1931782461}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "UDP Query User{92FCFF12-A1C0-4AF5-816F-A6BD95AAA2C9}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "{5AE7E5FA-268E-4DAA-88F2-9980316DD6E7}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "{93F41A58-72D0-4A04-ABD3-086C37DFADDA}"= TCP:13277:BitComet 13277 UDP "{A8688308-F9A7-43AB-846B-F43472DEF06D}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{E483047C-82A1-404C-8676-B33E58C071EF}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{CFE958AD-42CE-48F0-80E2-0E2633D47804}c:\\program files\\adobe\\adobe after effects cs3\\support files\\afterfx.exe"= UDP:c:\program files\adobe\adobe after effects cs3\support files\afterfx.exe:Adobe After Effects CS3 "UDP Query User{EBB450EE-1541-4DEE-B172-830C4D3503B3}c:\\program files\\adobe\\adobe after effects cs3\\support files\\afterfx.exe"= TCP:c:\program files\adobe\adobe after effects cs3\support files\afterfx.exe:Adobe After Effects CS3 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "d:\\ADAM'S\\Orbitdownloader\\orbitdm.exe"= d:\adam's\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit "d:\\ADAM'S\\Orbitdownloader\\orbitnet.exe"= d:\adam's\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [27/09/2009 11:11 114768] R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [27/09/2009 11:11 20560] R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [27/09/2009 11:11 53328] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24/04/2009 12:57 92008] R3 scrcap;scrcap;c:\windows\System32\drivers\scrcap.sys [27/12/2006 15:47 9006] S2 gupdate1c9aa6516bf9cfa;Google Update Service (gupdate1c9aa6516bf9cfa);c:\program files\Google\Update\GoogleUpdate.exe [21/03/2009 21:39 133104] S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [14/04/2009 21:35 55280] S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360] S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\System32\drivers\wg111v3.sys [28/12/2007 07:58 289280] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder 2009-09-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-16 19:58] 2009-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-21 20:39] 2009-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-21 20:39] 2009-09-29 c:\windows\Tasks\User_Feed_Synchronization-{45083DD5-FDD3-4B23-9FE8-42FAB935F171}.job - c:\windows\system32\msfeedssync.exe [2009-07-29 20:13] 2009-09-29 c:\windows\Tasks\User_Feed_Synchronization-{AC299333-0A1F-4DA9-92B9-C4832AB6A537}.job - c:\windows\system32\msfeedssync.exe [2009-07-29 20:13] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.atcomet.com/b/ uInternet Settings,ProxyOverride = *.local IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-09-29 17:54 Windows 6.0.6002 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\program files\Lavalys\EVEREST Corporate Edition\kerneld.wnt" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2009-09-29 17:56 ComboFix-quarantined-files.txt 2009-09-29 16:56 ComboFix2.txt 2009-09-28 16:02 Pre-Run: 43,969,150,976 bytes free Post-Run: 43,946,561,536 bytes free 279 --- E O F --- 2009-09-29 14:47
  9. JIF
    Seems to be working fine now ??? i will have to send the combo fix report in 2 halves its to long for 1 post ComboFix 09-09-27.05 - Martin 29/09/2009 17:39.2.2 - NTFSx86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.1012.194 [GMT 1:00] Running from: c:\downloads\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-29 ))))))))))))))))))))))))))))))) . 2009-09-29 16:54 . 2009-09-29 16:54 -------- d-----w- c:\users\Sam\AppData\Local\temp 2009-09-29 16:54 . 2009-09-29 16:54 -------- d-----w- c:\users\Public\AppData\Local\temp 2009-09-29 16:54 . 2009-09-29 16:54 -------- d-----w- c:\users\Pam\AppData\Local\temp 2009-09-29 16:54 . 2009-09-29 16:54 -------- d-----w- c:\users\Jayson\AppData\Local\temp 2009-09-29 16:54 . 2009-09-29 16:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-09-29 16:54 . 2009-09-29 16:54 -------- d-----w- c:\users\Adam\AppData\Local\temp 2009-09-28 15:50 . 2009-09-29 16:54 -------- d-----w- c:\users\Martin\AppData\Local\temp 2009-09-28 15:08 . 2009-09-28 15:08 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes 2009-09-28 15:08 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-28 15:08 . 2009-09-28 15:08 -------- d-----w- c:\programdata\Malwarebytes 2009-09-28 15:08 . 2009-09-28 15:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-28 15:08 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-27 10:11 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-27 10:11 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-27 10:11 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-27 10:11 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-27 10:11 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-27 10:11 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-27 10:11 . 2009-09-15 10:55 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2009-09-27 10:11 . 2009-09-27 10:11 -------- d-----w- c:\program files\Alwil Software 2009-09-24 16:15 . 2008-05-02 05:59 122368 ----a-w- c:\windows\system32\drivers\Rtlh86.sys 2009-09-24 16:15 . 2009-09-24 16:15 -------- d-----w- c:\program files\Realtek 2009-09-21 21:54 . 2009-09-21 21:54 -------- d-----w- c:\users\Jayson\Office Genuine Advantage 2009-09-19 14:53 . 2009-09-19 14:53 -------- d-----w- c:\users\Sam\AppData\Local\Adobe 2009-09-18 21:01 . 2009-09-18 21:01 -------- d-----w- c:\program files\DivX 2009-09-18 21:01 . 2009-09-18 21:01 -------- d-----w- c:\program files\Common Files\DivX Shared 2009-09-18 19:11 . 2009-09-27 09:51 9438496 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-09-16 16:09 . 2009-09-16 16:09 -------- d-----w- c:\users\Pam\Office Genuine Advantage 2009-09-15 19:30 . 2009-09-15 19:30 -------- d-----w- c:\users\Adam\Office Genuine Advantage 2009-09-15 17:08 . 2009-09-15 17:08 -------- d-----w- c:\users\Martin\Office Genuine Advantage 2009-09-09 20:26 . 2009-09-09 20:26 -------- d-----w- c:\programdata\Office Genuine Advantage 2009-09-09 15:29 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-09-09 15:29 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll 2009-09-09 15:29 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2009-09-09 15:29 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2009-09-09 15:29 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE 2009-09-09 15:29 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2009-09-09 15:29 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2009-09-09 15:29 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2009-09-09 15:29 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe 2009-09-09 15:29 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2009-09-09 15:29 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll 2009-09-09 15:28 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll 2009-09-09 15:28 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll 2009-09-09 15:28 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll 2009-09-09 15:28 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll 2009-09-09 15:28 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll 2009-09-09 15:27 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll 2009-09-03 17:08 . 2009-09-03 17:08 680 ----a-w- c:\users\Pam\AppData\Local\d3d9caps.dat 2009-09-03 15:11 . 2009-09-23 16:32 -------- d-----w- c:\program files\Classic Menu for Office 2009-09-02 21:49 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2009-09-02 21:49 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-09-01 17:55 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll 2009-09-01 17:55 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll 2009-09-01 17:55 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-01 17:55 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll 2009-09-01 17:55 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2009-09-01 17:55 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll 2009-09-01 17:55 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2009-09-01 17:55 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-29 14:43 . 2009-03-21 19:58 -------- d-----w- c:\programdata\Google Updater 2009-09-27 10:00 . 2009-04-04 18:13 -------- d-----w- c:\programdata\Virgin Broadband 2009-09-27 10:00 . 2009-04-05 14:10 -------- d-----w- c:\users\Adam\AppData\Roaming\Virgin Broadband 2009-09-27 10:00 . 2009-04-05 11:08 -------- d-----w- c:\users\Pam\AppData\Roaming\Virgin Broadband 2009-09-27 10:00 . 2009-04-05 09:05 -------- d-----w- c:\users\Jayson\AppData\Roaming\Virgin Broadband 2009-09-27 10:00 . 2009-04-04 20:56 -------- d-----w- c:\users\Sam\AppData\Roaming\Virgin Broadband 2009-09-27 10:00 . 2009-04-04 18:13 -------- d-----w- c:\users\Martin\AppData\Roaming\Virgin Broadband 2009-09-27 09:53 . 2009-08-14 19:32 -------- d-----w- c:\program files\CheatCodesToolbar 2009-09-27 09:51 . 2009-09-18 19:11 57044 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-09-24 16:15 . 2009-03-29 13:27 -------- d-----w- c:\program files\InstallShield Installation Information 2009-09-23 18:41 . 2009-04-11 14:14 -------- d-----w- c:\program files\City of Heroes 2009-09-23 16:37 . 2009-03-24 20:48 -------- d-----w- c:\users\Sam\AppData\Roaming\vlc 2009-09-23 16:35 . 2009-03-23 07:55 -------- d-----w- c:\users\Martin\AppData\Roaming\vlc 2009-09-23 16:35 . 2009-05-16 19:11 -------- d-----w- c:\users\Martin\AppData\Roaming\GetRightToGo 2009-09-23 16:35 . 2009-03-22 18:04 -------- d-----w- c:\users\Martin\AppData\Roaming\dvdcss 2009-09-23 16:35 . 2009-04-10 20:33 -------- d-----w- c:\users\Jayson\AppData\Roaming\vlc 2009-09-23 16:34 . 2009-05-17 17:41 -------- d-----w- c:\users\Jayson\AppData\Roaming\uTorrent 2009-09-23 16:34 . 2009-05-17 17:06 -------- d-----w- c:\users\Jayson\AppData\Roaming\dvdcss 2009-09-23 16:34 . 2009-03-28 18:32 -------- d-----w- c:\users\Adam\AppData\Roaming\vlc 2009-09-23 16:32 . 2008-09-09 13:43 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller 2009-09-23 16:32 . 2009-03-16 22:36 -------- d-----w- c:\program files\Common Files\LightScribe 2009-09-23 16:32 . 2009-06-01 21:36 -------- d-----w- c:\program files\Cheat Engine 2009-09-23 16:32 . 2009-04-14 17:18 -------- d-----w- c:\program files\Audacity 2009-09-23 16:32 . 2009-03-17 18:25 -------- d-----w- c:\program files\BitComet 2009-09-23 16:32 . 2009-03-17 15:24 -------- d-----w- c:\program files\Bonjour 2009-09-23 16:32 . 2009-03-17 15:22 -------- d-----w- c:\program files\Apple Software Update 2009-09-23 16:09 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery 2009-09-23 16:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-09-23 16:08 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender 2009-09-23 16:08 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration 2009-09-23 16:08 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar 2009-08-27 20:27 . 2009-05-01 15:57 -------- d-----w- c:\program files\Java 2009-08-26 18:31 . 2009-08-26 18:30 -------- d-----w- c:\programdata\NOS 2009-08-17 12:25 . 2009-08-17 12:25 -------- d-----w- c:\program files\Pure Motion 2009-08-17 12:25 . 2009-08-17 12:25 -------- d-----w- c:\program files\Sonic Foundry 2009-08-17 12:25 . 2009-08-17 12:25 -------- d-----w- c:\program files\DebugMode 2009-08-09 12:53 . 2009-08-09 12:53 -------- d-----w- c:\program files\The Foundry 2009-08-08 22:12 . 2009-08-08 22:12 -------- d-----w- c:\program files\Free Audio Pack 2009-08-07 21:43 . 2009-08-07 21:43 680 ----a-w- c:\users\Martin\AppData\Local\d3d9caps.dat 2009-08-06 14:58 . 2009-08-06 14:58 -------- d-----w- c:\program files\FLV Hosting 2009-08-05 20:07 . 2009-08-05 20:07 -------- d-----w- c:\program files\ZD Soft 2009-08-05 17:29 . 2009-03-16 21:25 100264 ----a-w- c:\users\Pam\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-05 10:25 . 2009-03-16 20:37 100264 ----a-w- c:\users\Jayson\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-05 10:13 . 2009-03-16 20:07 100264 ----a-w- c:\users\Sam\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-04 22:54 . 2009-03-16 22:33 100264 ----a-w- c:\users\Adam\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-04 22:23 . 2009-03-16 19:08 100264 ----a-w- c:\users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-04 22:17 . 2009-03-16 19:34 -------- d-----w- c:\program files\Common Files\Adobe 2009-08-04 22:16 . 2009-08-04 22:16 -------- d-----w- c:\program files\Adobe Media Player 2009-08-04 22:11 . 2009-08-04 22:11 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2009-08-03 14:07 . 2009-08-03 14:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll 2009-08-03 14:07 . 2009-08-03 14:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll 2009-08-03 14:07 . 2009-08-03 14:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe 2009-08-02 16:33 . 2009-08-01 18:36 680 ----a-w- c:\users\Jayson\AppData\Local\d3d9caps.dat 2009-08-01 15:52 . 2009-05-16 12:43 680 ----a-w- c:\users\Sam\AppData\Local\d3d9caps.dat 2009-07-21 21:52 . 2009-07-29 08:33 915456 ----a-w- c:\windows\system32\wininet.dll 2009-07-21 21:47 . 2009-07-29 08:32 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-07-21 21:47 . 2009-07-29 08:32 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-07-21 20:13 . 2009-07-29 08:32 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-17 13:54 . 2009-08-13 09:35 71680 ----a-w- c:\windows\system32\atl.dll 2009-07-16 09:01 . 2009-07-16 09:01 734080 ----a-w- c:\users\Public\MyWebTattoo.exe 2009-07-15 12:40 . 2009-08-13 09:35 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-07-15 12:39 . 2009-08-13 09:35 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-15 12:39 . 2009-08-13 09:35 4096 ----a-w- c:\windows\system32\dxmasf.dll 2009-07-15 12:39 . 2009-08-13 09:35 7680 ----a-w- c:\windows\system32\spwmp.dll 2008-09-16 19:17 . 2009-07-09 19:31 968704 ----a-w- c:\program files\WinRAR.exe . ((((((((((((((((((((((((((((( SnapShot@2009-09-28_15.57.01 ))))))))))))))))))))))))))))))))))))))))) . + 2008-01-21 01:58 . 2009-09-29 14:44 42650 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 13:02 . 2009-09-29 14:44 70152 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-09-09 12:20 . 2009-09-28 15:56 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-09-09 12:20 . 2009-09-29 16:37 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-09-09 12:20 . 2009-09-29 16:37 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-09-09 12:20 . 2009-09-28 15:56 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-03-25 17:42 . 2009-09-29 14:44 9280 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1158120159-1088900261-3412254371-1002_UserData.bin + 2009-03-18 10:04 . 2009-09-28 16:26 8278 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1158120159-1088900261-3412254371-1001_UserData.bin + 2009-09-29 14:40 . 2009-09-29 14:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-09-29 14:40 . 2009-09-29 14:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2008-09-09 12:20 . 2009-09-28 15:56 147456 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-09-09 12:20 . 2009-09-29 16:37 147456 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . .
  10. JIF
    i though t i had given you the log for combo fix,i ran it again and now i am having to use a different computer because everytime i try to click on a short cut or anything else i get an error message as follows.. Illegal operation attempted on a registry key that has been marked for deletion Please advise JIF
  11. JIF
    [ATTACH][ATTACH][ATTACH]353.vB5-legacyid=686[/ATTACH][/ATTACH][/ATTACH] Hi chiaz i have done what you have suggested and here are the reports,I will be away from my computer until this time tomorrow,thanks for the help JIFerror 2.txt mbam-log-2009-09-28 (16-21-07).txt ERROR.txt
  12. JIF
    Plastic Nev has suggested i ask the malware section as his section cant help,i keep getting this error message when starting up,my computer seems to be running fine but it is really bugging me yours hopefully JIF [ATTACH]351.vB5-legacyid=683[/ATTACH]
  13. JIF
    Sorry i havent got a clue
  14. JIF
    Hi all, anyone help with this error message i get when switching on the computer,the computer seems to be running fine it's just bugging me,thanks in advance [ATTACH]350.vB5-legacyid=681[/ATTACH] Martin
  15. JIF
    email attachments Hi opening with word didnt work,so i opened word first then went to file, found the saved attachment and then opened it, this worked. regards JIF.
×
×
  • Create New...