1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

"Windows - Virtual Memory Minium Too Low" Virus. Need help.

Discussion in 'Virus & Other Malware Removal' started by Kronos2401, Apr 1, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    SystemLook 30.07.11 by jpshortstuff
    Log created at 22:53 on 15/06/2012 by Derek
    Administrator - Elevation successful
    ========== dir ==========
    c:\documents and settings\derek\Ÿ9Ÿ9 - Unable to find folder.
    -= EOF =-
     
  2. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    OTL logfile created on: 15/06/2012 23:04:03 - Run 6
    OTL by OldTimer - Version 3.2.49.0 Folder = C:\Documents and Settings\Derek\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    1.99 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 78.28% Memory free
    3.83 Gb Paging File | 3.54 Gb Available in Paging File | 92.38% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 55.74 Gb Total Space | 36.67 Gb Free Space | 65.78% Space Free | Partition Type: NTFS
    Drive D: | 54.58 Gb Total Space | 15.23 Gb Free Space | 27.89% Space Free | Partition Type: NTFS

    Computer Name: EQUIUM | User Name: Derek | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/06/15 22:54:49 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Derek\Desktop\OTL.exe
    PRC - [2012/05/29 18:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2011/03/29 07:17:18 | 003,571,520 | ---- | M] (MyBusinessWorks) -- C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksstat.exe
    PRC - [2011/03/29 07:17:16 | 000,046,912 | ---- | M] (MyBusinessWorks) -- C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksbackup.exe
    PRC - [2009/03/06 03:26:38 | 000,479,320 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
    PRC - [2009/03/06 03:26:06 | 000,495,700 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
    PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/04 12:12:04 | 000,360,448 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe
    PRC - [2007/04/10 08:45:20 | 000,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe


    ========== Modules (No Company Name) ==========


    ========== Win32 Services (SafeList) ==========

    SRV - [2012/05/05 15:44:40 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
    SRV - [2011/03/29 07:17:16 | 000,046,912 | ---- | M] (MyBusinessWorks) [Auto | Running] -- C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksbackup.exe -- (MyBusinessWorksbackup)
    SRV - [2009/03/06 03:26:06 | 000,495,700 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
    SRV - [2007/04/10 08:45:20 | 000,035,840 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Derek\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2012/05/23 18:49:30 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
    DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/06/02 06:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
    DRV - [2011/06/02 06:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
    DRV - [2011/06/02 06:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
    DRV - [2011/03/29 07:17:10 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MyBusinessWorks.sys -- (MyBusinessWorksFilter)
    DRV - [2010/07/06 03:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2009/09/30 15:17:02 | 001,585,728 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
    DRV - [2009/03/16 23:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
    DRV - [2008/01/30 12:28:36 | 004,725,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/04/04 08:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)
    DRV - [2006/11/28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2004/08/22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt)
    DRV - [2004/08/22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/logi...ap2e6CwWSb86QVdqk-&.done=http://uk.yahoo.com/
    IE - HKCU\..\SearchScopes,DefaultScope = {90ECF758-E3C9-4D90-BC65-35A90D480B03}
    IE - HKCU\..\SearchScopes\{4ADF8512-94DF-4582-A60D-6D2D0D0A6574}: "URL" = http://www.google.com/search?q={sea...ource}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKCU\..\SearchScopes\{90ECF758-E3C9-4D90-BC65-35A90D480B03}: "URL" = http://www.google.com/search?q={sea...ource}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/05/04 23:10:01 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/05/04 23:10:01 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2012/06/08 20:26:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)
    O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
    O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
    O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyPro Status.lnk = C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksstat.exe (MyBusinessWorks)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C27D94A-9E3D-4F0F-9232-EB531D577190}: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECA2E087-C26F-4614-89F4-A5E9B371EE46}: DhcpNameServer = 192.168.0.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011/05/03 19:35:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/15 22:54:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/06/14 19:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derek\Local Settings\Application Data\PCHealth
    [2012/06/10 23:01:26 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdm.sys
    [2012/06/10 23:01:26 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdfl.sys
    [2012/06/10 23:01:26 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcmnt.sys
    [2012/06/10 23:01:25 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadbus.sys
    [2012/06/10 23:01:25 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwhnt.sys
    [2012/06/10 22:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Derek\Local Settings\Application Data\Samsung
    [2012/06/10 22:39:54 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcm.sys
    [2012/06/10 22:39:53 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwh.sys
    [2012/06/10 22:38:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
    [2012/06/10 22:38:54 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
    [2012/06/10 22:38:40 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
    [2012/06/10 22:38:40 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
    [2012/06/10 22:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
    [2012/06/10 22:34:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2012/06/10 22:29:08 | 092,939,360 | ---- | C] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\Derek\Desktop\Kies_2.3.2.12054_19_1.exe
    [2012/06/04 13:25:35 | 004,536,354 | R--- | C] (Swearware) -- C:\Documents and Settings\Derek\Desktop\ComboFix.exe
    [2012/06/02 14:56:44 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Derek\Desktop\OTL.exe
    [2012/05/29 00:38:50 | 000,330,240 | ---- | C] ((주)마크애니) -- C:\WINDOWS\MASetupCaller.dll
    [2012/05/23 18:49:34 | 000,090,112 | ---- | C] ((주)마크애니) -- C:\WINDOWS\MAMCityDownload.ocx
    [2012/05/23 18:49:32 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\WINDOWS\System32\muzdecode.ax
    [2012/05/23 18:49:32 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.dll
    [2012/05/23 18:49:32 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\WINDOWS\System32\MSLUR71.dll
    [2012/05/23 18:49:32 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\WINDOWS\System32\muzoggsp.ax
    [2012/05/23 18:49:32 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\WINDOWS\System32\MSCLib.dll
    [2012/05/23 18:49:32 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\WINDOWS\System32\muzwmts.dll
    [2012/05/23 18:49:32 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.exe
    [2012/05/23 18:49:32 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\WINDOWS\System32\MSFLib.dll
    [2012/05/23 18:49:32 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzaf1.dll
    [2012/05/23 18:49:32 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\WINDOWS\System32\muzmpgsp.ax
    [2012/05/23 18:49:32 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\WINDOWS\System32\muzeffect.ax
    [2012/05/23 18:49:32 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\WINDOWS\System32\MaDRM.dll
    [2012/05/23 18:49:32 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\WINDOWS\System32\muzmp4sp.ax
    [2012/05/23 18:49:32 | 000,057,344 | ---- | C] (Marktek) -- C:\WINDOWS\System32\MK_Lyric.dll
    [2012/05/23 18:49:32 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\WINDOWS\System32\MTXSYNCICON.dll
    [2012/05/23 18:49:32 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MaJGUILib.dll
    [2012/05/23 18:49:32 | 000,045,320 | ---- | C] (MARKANY) -- C:\WINDOWS\System32\MAMACExtract.dll
    [2012/05/23 18:49:32 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MaXMLProto.dll
    [2012/05/23 18:49:32 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MACXMLProto.dll
    [2012/05/23 18:49:32 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\WINDOWS\System32\MTTELECHIP.dll
    [2012/05/23 18:49:32 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\WINDOWS\System32\MASetupCleaner.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/06/15 22:54:49 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Derek\Desktop\OTL.exe
    [2012/06/15 22:49:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/06/15 22:49:11 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/15 22:48:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/06/14 23:44:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/06/14 23:31:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/14 19:45:12 | 000,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/06/14 00:00:19 | 000,502,826 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/06/14 00:00:19 | 000,087,126 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/06/13 23:48:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/06/10 23:19:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/06/10 22:41:20 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk
    [2012/06/10 22:38:58 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
    [2012/06/10 22:29:11 | 092,939,360 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\Derek\Desktop\Kies_2.3.2.12054_19_1.exe
    [2012/06/08 20:38:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/08 20:26:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/06/04 13:25:35 | 004,536,354 | R--- | M] (Swearware) -- C:\Documents and Settings\Derek\Desktop\ComboFix.exe
    [2012/05/29 00:38:50 | 000,330,240 | ---- | M] ((주)마크애니) -- C:\WINDOWS\MASetupCaller.dll
    [2012/05/23 18:50:06 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
    [2012/05/23 18:49:34 | 000,090,112 | ---- | M] ((주)마크애니) -- C:\WINDOWS\MAMCityDownload.ocx
    [2012/05/23 18:49:34 | 000,030,568 | ---- | M] () -- C:\WINDOWS\MusiccityDownload.exe
    [2012/05/23 18:49:32 | 000,974,848 | ---- | M] () -- C:\WINDOWS\System32\cis-2.4.dll
    [2012/05/23 18:49:32 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\WINDOWS\System32\muzdecode.ax
    [2012/05/23 18:49:32 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.dll
    [2012/05/23 18:49:32 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\WINDOWS\System32\MSLUR71.dll
    [2012/05/23 18:49:32 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\WINDOWS\System32\muzoggsp.ax
    [2012/05/23 18:49:32 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\WINDOWS\System32\MSCLib.dll
    [2012/05/23 18:49:32 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\WINDOWS\System32\muzwmts.dll
    [2012/05/23 18:49:32 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.exe
    [2012/05/23 18:49:32 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\WINDOWS\System32\MSFLib.dll
    [2012/05/23 18:49:32 | 000,143,360 | ---- | M] () -- C:\WINDOWS\System32\3DAudio.ax
    [2012/05/23 18:49:32 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzaf1.dll
    [2012/05/23 18:49:32 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\WINDOWS\System32\muzmpgsp.ax
    [2012/05/23 18:49:32 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\WINDOWS\System32\muzeffect.ax
    [2012/05/23 18:49:32 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\WINDOWS\System32\MaDRM.dll
    [2012/05/23 18:49:32 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\WINDOWS\System32\muzmp4sp.ax
    [2012/05/23 18:49:32 | 000,081,920 | ---- | M] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
    [2012/05/23 18:49:32 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
    [2012/05/23 18:49:32 | 000,057,344 | ---- | M] (Marktek) -- C:\WINDOWS\System32\MK_Lyric.dll
    [2012/05/23 18:49:32 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\WINDOWS\System32\MTXSYNCICON.dll
    [2012/05/23 18:49:32 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
    [2012/05/23 18:49:32 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MaJGUILib.dll
    [2012/05/23 18:49:32 | 000,045,320 | ---- | M] (MARKANY) -- C:\WINDOWS\System32\MAMACExtract.dll
    [2012/05/23 18:49:32 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MaXMLProto.dll
    [2012/05/23 18:49:32 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MACXMLProto.dll
    [2012/05/23 18:49:32 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\WINDOWS\System32\MTTELECHIP.dll
    [2012/05/23 18:49:32 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\WINDOWS\System32\MASetupCleaner.exe
    [2012/05/23 18:49:30 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
    [2012/05/23 18:49:30 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
    [2012/05/18 22:17:00 | 136,025,416 | ---- | M] () -- C:\Documents and Settings\Derek\Desktop\setup_11.0.0.1245.x01_2012_05_18_23_08.exe

    ========== Files Created - No Company Name ==========

    [2012/06/10 23:18:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/06/10 22:41:20 | 000,001,594 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk
    [2012/06/10 22:38:58 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
    [2012/05/23 18:49:34 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
    [2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
    [2012/05/23 18:49:32 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\3DAudio.ax
    [2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
    [2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
    [2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
    [2012/05/18 22:16:56 | 136,025,416 | ---- | C] () -- C:\Documents and Settings\Derek\Desktop\setup_11.0.0.1245.x01_2012_05_18_23_08.exe
    [2012/04/24 19:58:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/04/24 19:58:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/04/24 19:58:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/04/24 19:58:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/04/24 19:58:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/04/19 22:01:44 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2012/02/23 23:30:43 | 000,476,090 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-117609710-682003330-1801674531-1003-0.dat
    [2012/02/23 23:30:43 | 000,123,526 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    [2012/02/15 22:57:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/07/25 23:01:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
    [2011/07/25 23:01:35 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2011/07/25 23:01:35 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2011/07/25 23:01:35 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
    [2011/07/25 23:01:34 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2011/05/08 16:10:34 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2011/05/07 15:24:05 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2011/05/07 13:38:31 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
    [2011/05/07 13:38:31 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
    [2011/05/07 12:21:55 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
    [2011/05/07 12:21:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
    [2011/05/07 12:21:55 | 000,010,150 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
    [2011/05/07 12:21:55 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
    [2011/05/07 12:18:00 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Derek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/05/07 12:08:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2011/05/07 12:08:02 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
    [2011/05/04 23:02:37 | 000,165,571 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
    [2011/05/04 23:02:37 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
    [2011/05/03 22:49:00 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
    [2011/05/03 22:42:55 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
    [2011/05/03 22:42:55 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
    [2011/05/03 22:35:53 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
    [2011/05/03 20:25:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2011/05/03 20:24:21 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/05/03 20:11:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
    [2011/05/03 20:06:03 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4833.dll
    [2011/05/03 20:06:02 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
    [2011/05/03 19:38:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2011/05/03 19:32:42 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

    ========== LOP Check ==========

    [2011/05/05 22:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2011/09/01 11:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PurePlay
    [2012/06/10 22:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
    [2011/05/07 15:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2011/05/07 12:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2012/06/10 22:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derek\Application Data\Samsung
    [2011/05/05 23:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derek\Application Data\WinBatch
    [2011/05/03 20:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derek\Application Data\Windows Desktop Search
    [2011/05/05 22:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Derek\Application Data\Windows Search

    ========== Purity Check ==========


    < End of report >
     
  3. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    Eddie, yes I only got the OTL and no EXTRA.txt.
     
  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Okay, its looking a lot better now :)

    This is a different tool to OTL. Very similar name, but called OTS ;)

    Download OTS to your Desktop and double-click on it to run it
    • Make sure you close all other programs and don't use the PC while the scan runs.
    • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
    • When the scan is complete Notepad will open with the report file loaded in it.
    • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
    Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


    Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way
     
  5. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    Code:
    OTS logfile created on: 22/06/2012 21:31:28 - Run 1
    OTS by OldTimer - Version 3.1.47.2     Folder = C:\Documents and Settings\Derek\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
     
    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 91.00% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 55.74 Gb Total Space | 36.29 Gb Free Space | 65.10% Space Free | Partition Type: NTFS
    Drive D: | 54.58 Gb Total Space | 15.23 Gb Free Space | 27.89% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
     
    Computer Name: EQUIUM
    Current User Name: Derek
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
     
    [Processes - Safe List]
    ots.exe -> C:\Documents and Settings\Derek\Desktop\OTS.exe -> [2012/06/22 21:30:07 | 000,646,656 | ---- | M] (OldTimer Tools)
    kiespdlr.exe -> C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -> [2012/05/29 18:18:06 | 000,021,432 | ---- | M] ()
    kiestrayagent.exe -> C:\Program Files\Samsung\Kies\KiesTrayAgent.exe -> [2012/05/29 18:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.)
    sascore.exe -> C:\Program Files\SUPERAntiSpyware\SASCore.exe -> [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
    mybusinessworksstat.exe -> C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksstat.exe -> [2011/03/29 07:17:18 | 003,571,520 | ---- | M] (MyBusinessWorks)
    mybusinessworksbackup.exe -> C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksbackup.exe -> [2011/03/29 07:17:16 | 000,046,912 | ---- | M] (MyBusinessWorks)
    acu.exe -> C:\Program Files\Atheros\ACU.exe -> [2009/03/06 03:26:38 | 000,479,320 | ---- | M] (Atheros Communications, Inc.)
    acs.exe -> C:\WINDOWS\system32\acs.exe -> [2009/03/06 03:26:06 | 000,495,700 | ---- | M] (Atheros)
    explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation)
    thotkey.exe -> C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe -> [2008/03/04 12:12:04 | 000,360,448 | ---- | M] (TOSHIBA)
    tappsrv.exe -> C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -> [2007/04/10 08:45:20 | 000,035,840 | ---- | M] (TOSHIBA Corp.)
     
    [Modules - No Company Name]
    system.windows.forms.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d55bed00e3d36b0db5bd3994c77fe850\System.Windows.Forms.ni.dll -> [2012/06/13 23:58:11 | 013,198,336 | ---- | M] ()
    presentationframework.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\063174e87d258ef1db040cbfbdd4cd31\PresentationFramework.ni.dll -> [2012/06/13 23:53:05 | 018,019,840 | ---- | M] ()
    presentationcore.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\984f8802a334d2ae862b66bf71332c10\PresentationCore.ni.dll -> [2012/06/13 23:52:40 | 011,522,048 | ---- | M] ()
    windowsbase.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\697786bb51408d41d980263d90a56d03\WindowsBase.ni.dll -> [2012/06/13 23:52:23 | 003,881,984 | ---- | M] ()
    system.drawing.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9abdaeea6a61127606bbc324d9177579\System.Drawing.ni.dll -> [2012/06/13 23:52:20 | 001,666,048 | ---- | M] ()
    system.runtime.remoting.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\367837cb7f83c9e52f09278f4e6c3ccd\System.Runtime.Remoting.ni.dll -> [2012/06/10 23:14:08 | 000,762,880 | ---- | M] ()
    clisecurert.dll -> C:\Documents and Settings\Derek\Local Settings\temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll -> [2012/06/10 22:41:44 | 000,115,137 | ---- | M] ()
    system.management.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\0189f9fb0ff0476b570aeadfc036ddd6\System.Management.ni.dll -> [2012/06/10 22:40:55 | 001,218,560 | ---- | M] ()
    system.xaml.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\f91c92735c4a913143a0914c8cb531f2\System.Xaml.ni.dll -> [2012/06/10 22:40:25 | 001,782,272 | ---- | M] ()
    presentationframework.luna.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\235bea2e40e40adb87a69b061d5b9cbf\PresentationFramework.Luna.ni.dll -> [2012/06/10 22:37:00 | 000,755,712 | ---- | M] ()
    system.core.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\500ffaf6258746eaf0bfc333ab534a51\System.Core.ni.dll -> [2012/06/10 22:36:31 | 007,069,184 | ---- | M] ()
    system.xml.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\b54a85f8f8f5ac297357c80b95834a90\System.Xml.ni.dll -> [2012/06/10 22:36:27 | 005,617,664 | ---- | M] ()
    system.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\360d70391adff56f1d029b1a538d2431\System.ni.dll -> [2012/06/10 22:36:18 | 009,092,096 | ---- | M] ()
    mscorlib.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll -> [2012/06/10 22:36:07 | 014,415,360 | ---- | M] ()
    kiespdlr.exe -> C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -> [2012/05/29 18:18:06 | 000,021,432 | ---- | M] ()
     
    [Win32 Services - Safe List]
    (AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -> [2012/05/05 15:44:40 | 000,257,696 | ---- | M] (Adobe Systems Incorporated)
    (!SASCORE) SAS Core Service [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -> [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
    (MyBusinessWorksbackup) MozyPro Backup Service [Auto | Running] -> C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksbackup.exe -> [2011/03/29 07:17:16 | 000,046,912 | ---- | M] (MyBusinessWorks)
    (ACS) Atheros Configuration Service [Auto | Running] -> C:\WINDOWS\system32\acs.exe -> [2009/03/06 03:26:06 | 000,495,700 | ---- | M] (Atheros)
    (TAPPSRV) TOSHIBA Application Service [Auto | Running] -> C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -> [2007/04/10 08:45:20 | 000,035,840 | ---- | M] (TOSHIBA Corp.)
     
    [Driver Services - Safe List]
    (dgderdrv) dgderdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\dgderdrv.sys -> [2012/05/23 18:49:30 | 000,020,032 | ---- | M] (Devguru Co., Ltd)
    (SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    (SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    (ssadmdm) SAMSUNG Android USB Modem Drivers [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ssadmdm.sys -> [2011/06/02 06:47:22 | 000,136,808 | ---- | M] (MCCI Corporation)
    (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ssadbus.sys -> [2011/06/02 06:47:22 | 000,121,064 | ---- | M] (MCCI Corporation)
    (ssadmdfl) SAMSUNG Android USB Modem (Filter) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ssadmdfl.sys -> [2011/06/02 06:47:22 | 000,012,776 | ---- | M] (MCCI Corporation)
    (MyBusinessWorksFilter) MyBusinessWorksFilter [File_System | System | Running] -> C:\WINDOWS\system32\drivers\MyBusinessWorks.sys -> [2011/03/29 07:17:10 | 000,054,776 | ---- | M] (Mozy, Inc.)
    (RTLE8023xp) Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtenicxp.sys -> [2010/07/06 03:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation                           )
    (AR5416) Atheros AR5008 Wireless Network Adapter Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\athw.sys -> [2009/09/30 15:17:02 | 001,585,728 | ---- | M] (Atheros Communications, Inc.)
    (WSIMD) wsimd Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wsimd.sys -> [2009/03/16 23:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.)
    (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2008/01/30 12:28:36 | 004,725,760 | ---- | M] (Realtek Semiconductor Corp.)
    (FwLnk) FwLnk Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\FwLnk.sys -> [2007/04/04 08:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation)
    (AgereSoftModem) TOSHIBA V92 Software Modem [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\AGRSM.sys -> [2006/11/28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems)
    (d347prt) d347prt [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\d347prt.sys -> [2004/08/22 16:31:48 | 000,005,248 | ---- | M] ( )
    (d347bus) d347bus [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\d347bus.sys -> [2004/08/22 16:31:10 | 000,155,136 | ---- | M] ( )
     
    [Registry - Safe List]
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
    < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
    HKEY_CURRENT_USER\: Main\\"Start Page" -> [URL]https://login.yahoo.com/config/login?.src=fpctx&.intl=uk&.pd=c%3D6T7evjap2e6CwWSb86QVdqk-&.done=http%3A%2F%2Fuk.yahoo.com%2F[/URL] -> 
    HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
    < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
    HKLM\software\mozilla\Firefox\Extensions ->  -> 
    HKLM\software\mozilla\Firefox\Extensions\\[email protected] -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON2] -> [2011/05/04 23:10:01 | 000,000,000 | ---D | M]
    < FireFox Extensions [User Folders] > -> 
    < HOSTS File > ([2012/06/08 20:26:53 | 000,000,027 | ---- | M] - 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> 
    Reset Hosts
    127.0.0.1       localhost
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> [2006/01/12 20:38:22 | 000,063,128 | ---- | M] (Adobe Systems Incorporated)
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
    "ACU" -> C:\Program Files\Atheros\ACU.exe ["C:\Program Files\Atheros\ACU.exe" -nogui] -> [2009/03/06 03:26:38 | 000,479,320 | ---- | M] (Atheros Communications, Inc.)
    "KiesTrayAgent" -> C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [C:\Program Files\Samsung\Kies\KiesTrayAgent.exe] -> [2012/05/29 18:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.)
    "THotkey" -> C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe [C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe] -> [2008/03/04 12:12:04 | 000,360,448 | ---- | M] (TOSHIBA)
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
    "KiesAirMessage" ->  [C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup] -> File not found
    "KiesHelper" -> C:\Program Files\Samsung\Kies\KiesHelper.exe [C:\Program Files\Samsung\Kies\KiesHelper.exe /s] -> [2012/05/29 18:17:52 | 000,958,392 | ---- | M] (Samsung)
    "KiesPDLR" -> C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe] -> [2012/05/29 18:18:06 | 000,021,432 | ---- | M] ()
    < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyPro Status.lnk -> C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksstat.exe -> [2011/03/29 07:17:18 | 003,571,520 | ---- | M] (MyBusinessWorks)
    < Derek Startup Folder > -> C:\Documents and Settings\Derek\Start Menu\Programs\Startup -> 
    < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
    < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
    < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    [URL="file://\\"HonorAutoRunSetting"]\\"HonorAutoRunSetting[/URL]" ->  [1] -> File not found
    [URL="file://\\"NoDriveAutoRun"]\\"NoDriveAutoRun[/URL]" ->  [67108863] -> File not found
    [URL="file://\\"NoDriveTypeAutoRun"]\\"NoDriveTypeAutoRun[/URL]" ->  [323] -> File not found
    [URL="file://\\"NoDrives"]\\"NoDrives[/URL]" ->  [0] -> File not found
    < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    [URL="file://\\"NoDriveTypeAutoRun"]\\"NoDriveTypeAutoRun[/URL]" ->  [323] -> File not found
    [URL="file://\\"NoDriveAutoRun"]\\"NoDriveAutoRun[/URL]" ->  [67108863] -> File not found
    [URL="file://\\"NoDrives"]\\"NoDrives[/URL]" ->  [0] -> File not found
    < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
    < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
    CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] ->  [Reg Error: Key error.] -> File not found
    < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
    < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
    < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
    {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> [URL]http://download.eset.com/special/eos/OnlineScanner.cab[/URL] [OnlineScanner Control] -> 
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
    DhcpNameServer -> 192.168.0.1 -> 
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
    {4C27D94A-9E3D-4F0F-9232-EB531D577190}\\DhcpNameServer -> 192.168.0.1   (Realtek PCIe FE Family Controller) -> 
    {ECA2E087-C26F-4614-89F4-A5E9B371EE46}\\DhcpNameServer -> 192.168.0.1   (Atheros AR5006EX Wireless Network Adapter) -> 
    < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
    *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
    Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> -> 
    *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
    C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\system32\userinit.exe -> [2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> -> 
    < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
    !SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -> [2011/05/04 18:54:14 | 000,551,296 | ---- | M] (SUPERAntiSpyware.com)
    < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2011/07/19 01:02:18 | 000,113,024 | ---- | M] (SuperAdBlocker.com)
    < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> [2008/07/01 00:06:02 | 000,107,864 | ---- | M] (Hewlett-Packard Co.)
    < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> [2008/07/01 00:06:02 | 000,107,864 | ---- | M] (Hewlett-Packard Co.)
    "C:\WINDOWS\system32\muzapp.exe" -> C:\WINDOWS\System32\muzapp.exe [C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player] -> [2012/05/23 18:49:32 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.)
    < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
    < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
    "AutoRun" -> 1 -> 
    "DisplayName" -> CD-ROM Driver -> 
    "ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
    < Drives with AutoRun files > ->  -> 
    C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2011/05/03 19:35:50 | 000,000,000 | ---- | M] ()
    < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
    < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
    comfile [open] -> "%1" %* -> 
    exefile [open] -> "%1" %* -> 
    < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
    .com [@ = ComFile] -> "%1" %* -> 
    .exe [@ = exefile] -> "%1" %* -> 
     
     
    [Files/Folders - Created Within 30 Days]
     OTS.exe -> C:\Documents and Settings\Derek\Desktop\OTS.exe -> [2012/06/22 21:30:02 | 000,646,656 | ---- | C] (OldTimer Tools)
     RECYCLER -> C:\RECYCLER -> [2012/06/15 22:54:32 | 000,000,000 | -HSD | C]
     PCHealth -> C:\Documents and Settings\Derek\Local Settings\Application Data\PCHealth -> [2012/06/14 19:51:42 | 000,000,000 | ---D | C]
     jsdbgui.dll -> C:\WINDOWS\System32\dllcache\jsdbgui.dll -> [2012/06/13 23:13:04 | 000,521,728 | ---- | C] (Microsoft Corporation)
     ssadmdm.sys -> C:\WINDOWS\System32\drivers\ssadmdm.sys -> [2012/06/10 23:01:26 | 000,136,808 | ---- | C] (MCCI Corporation)
     ssadmdfl.sys -> C:\WINDOWS\System32\drivers\ssadmdfl.sys -> [2012/06/10 23:01:26 | 000,012,776 | ---- | C] (MCCI Corporation)
     ssadcmnt.sys -> C:\WINDOWS\System32\drivers\ssadcmnt.sys -> [2012/06/10 23:01:26 | 000,010,472 | ---- | C] (MCCI Corporation)
     ssadbus.sys -> C:\WINDOWS\System32\drivers\ssadbus.sys -> [2012/06/10 23:01:25 | 000,121,064 | ---- | C] (MCCI Corporation)
     ssadwhnt.sys -> C:\WINDOWS\System32\drivers\ssadwhnt.sys -> [2012/06/10 23:01:25 | 000,010,344 | ---- | C] (MCCI Corporation)
     Samsung -> C:\Documents and Settings\Derek\Local Settings\Application Data\Samsung -> [2012/06/10 22:41:40 | 000,000,000 | ---D | C]
     ssadcm.sys -> C:\WINDOWS\System32\drivers\ssadcm.sys -> [2012/06/10 22:39:54 | 000,010,472 | ---- | C] (MCCI Corporation)
     ssadwh.sys -> C:\WINDOWS\System32\drivers\ssadwh.sys -> [2012/06/10 22:39:53 | 000,010,344 | ---- | C] (MCCI Corporation)
     Samsung -> C:\Documents and Settings\All Users\Start Menu\Programs\Samsung -> [2012/06/10 22:38:58 | 000,000,000 | ---D | C]
     Redemption.dll -> C:\WINDOWS\System32\Redemption.dll -> [2012/06/10 22:38:54 | 004,659,712 | ---- | C] (Dmitry Streblechenko)
     dgderapi.dll -> C:\WINDOWS\System32\dgderapi.dll -> [2012/06/10 22:38:40 | 000,821,824 | ---- | C] (Devguru Co., Ltd.)
     dgderdrv.sys -> C:\WINDOWS\System32\drivers\dgderdrv.sys -> [2012/06/10 22:38:40 | 000,020,032 | ---- | C] (Devguru Co., Ltd)
     MarkAny -> C:\Program Files\MarkAny -> [2012/06/10 22:38:40 | 000,000,000 | ---D | C]
     Config.Msi -> C:\Config.Msi -> [2012/06/10 22:34:05 | 000,000,000 | -HSD | C]
     Kies_2.3.2.12054_19_1.exe -> C:\Documents and Settings\Derek\Desktop\Kies_2.3.2.12054_19_1.exe -> [2012/06/10 22:29:08 | 092,939,360 | ---- | C] (Samsung Electronics Co., Ltd.                                )
     ComboFix.exe -> C:\Documents and Settings\Derek\Desktop\ComboFix.exe -> [2012/06/04 13:25:35 | 004,536,354 | R--- | C] (Swearware)
     OTL.exe -> C:\Documents and Settings\Derek\Desktop\OTL.exe -> [2012/06/02 14:56:44 | 000,595,968 | ---- | C] (OldTimer Tools)
     MASetupCaller.dll -> C:\WINDOWS\MASetupCaller.dll -> [2012/05/29 00:38:50 | 000,330,240 | ---- | C] ((&#51452;)&#47560;&#53356;&#50528;&#45768;)
     
    [Files/Folders - Modified Within 30 Days]
     GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2012/06/22 21:31:00 | 000,000,884 | ---- | M] ()
     OTS.exe -> C:\Documents and Settings\Derek\Desktop\OTS.exe -> [2012/06/22 21:30:07 | 000,646,656 | ---- | M] (OldTimer Tools)
     wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2012/06/22 21:04:38 | 000,002,206 | ---- | M] ()
     GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2012/06/22 21:03:01 | 000,000,880 | ---- | M] ()
     bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2012/06/22 21:02:41 | 000,002,048 | --S- | M] ()
     Adobe Flash Player Updater.job -> C:\WINDOWS\tasks\Adobe Flash Player Updater.job -> [2012/06/18 22:44:00 | 000,000,830 | ---- | M] ()
     d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2012/06/17 00:02:17 | 000,000,664 | ---- | M] ()
     OTL.exe -> C:\Documents and Settings\Derek\Desktop\OTL.exe -> [2012/06/15 22:54:49 | 000,595,968 | ---- | M] (OldTimer Tools)
     FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2012/06/14 19:45:12 | 000,115,768 | ---- | M] ()
     perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2012/06/14 00:00:19 | 000,502,826 | ---- | M] ()
     perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2012/06/14 00:00:19 | 000,087,126 | ---- | M] ()
     imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2012/06/13 23:48:57 | 000,001,374 | ---- | M] ()
     Samsung Kies.lnk -> C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk -> [2012/06/10 22:41:20 | 000,001,594 | ---- | M] ()
     Samsung Kies.lnk -> C:\Documents and Settings\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk -> [2012/06/10 22:38:58 | 000,001,612 | ---- | M] ()
     Kies_2.3.2.12054_19_1.exe -> C:\Documents and Settings\Derek\Desktop\Kies_2.3.2.12054_19_1.exe -> [2012/06/10 22:29:11 | 092,939,360 | ---- | M] (Samsung Electronics Co., Ltd.                                )
     Malwarebytes Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk -> [2012/06/08 20:38:44 | 000,000,784 | ---- | M] ()
     hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2012/06/08 20:26:53 | 000,000,027 | ---- | M] ()
     ComboFix.exe -> C:\Documents and Settings\Derek\Desktop\ComboFix.exe -> [2012/06/04 13:25:35 | 004,536,354 | R--- | M] (Swearware)
     crypt32.dll -> C:\WINDOWS\System32\dllcache\crypt32.dll -> [2012/05/31 14:22:09 | 000,599,040 | ---- | M] (Microsoft Corporation)
     MASetupCaller.dll -> C:\WINDOWS\MASetupCaller.dll -> [2012/05/29 00:38:50 | 000,330,240 | ---- | M] ((&#51452;)&#47560;&#53356;&#50528;&#45768;)
     
    [Files - No Company Name]
     d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2012/06/10 23:18:55 | 000,000,664 | ---- | C] ()
     Samsung Kies.lnk -> C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk -> [2012/06/10 22:41:20 | 000,001,594 | ---- | C] ()
     Samsung Kies.lnk -> C:\Documents and Settings\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk -> [2012/06/10 22:38:58 | 000,001,612 | ---- | C] ()
     MusiccityDownload.exe -> C:\WINDOWS\MusiccityDownload.exe -> [2012/05/23 18:49:34 | 000,030,568 | ---- | C] ()
     cis-2.4.dll -> C:\WINDOWS\System32\cis-2.4.dll -> [2012/05/23 18:49:32 | 000,974,848 | ---- | C] ()
     issacapi_bs-2.3.dll -> C:\WINDOWS\System32\issacapi_bs-2.3.dll -> [2012/05/23 18:49:32 | 000,081,920 | ---- | C] ()
     issacapi_pe-2.3.dll -> C:\WINDOWS\System32\issacapi_pe-2.3.dll -> [2012/05/23 18:49:32 | 000,065,536 | ---- | C] ()
     issacapi_se-2.3.dll -> C:\WINDOWS\System32\issacapi_se-2.3.dll -> [2012/05/23 18:49:32 | 000,057,344 | ---- | C] ()
     PEV.exe -> C:\WINDOWS\PEV.exe -> [2012/04/24 19:58:29 | 000,256,000 | ---- | C] ()
     MBR.exe -> C:\WINDOWS\MBR.exe -> [2012/04/24 19:58:29 | 000,208,896 | ---- | C] ()
     sed.exe -> C:\WINDOWS\sed.exe -> [2012/04/24 19:58:29 | 000,098,816 | ---- | C] ()
     grep.exe -> C:\WINDOWS\grep.exe -> [2012/04/24 19:58:29 | 000,080,412 | ---- | C] ()
     zip.exe -> C:\WINDOWS\zip.exe -> [2012/04/24 19:58:29 | 000,068,096 | ---- | C] ()
     MRT.INI -> C:\WINDOWS\System32\MRT.INI -> [2012/04/19 22:01:44 | 000,000,127 | ---- | C] ()
     WPFFontCache_v0400-S-1-5-21-117609710-682003330-1801674531-1003-0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-117609710-682003330-1801674531-1003-0.dat -> [2012/02/23 23:30:43 | 000,477,344 | ---- | C] ()
     WPFFontCache_v0400-System.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat -> [2012/02/23 23:30:43 | 000,123,526 | ---- | C] ()
     iacenc.dll -> C:\WINDOWS\System32\iacenc.dll -> [2012/02/15 22:57:56 | 000,003,072 | ---- | C] ()
     avisplitter.ini -> C:\WINDOWS\avisplitter.ini -> [2011/07/25 23:01:36 | 000,000,038 | ---- | C] ()
     xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2011/07/25 23:01:35 | 000,650,752 | ---- | C] ()
     xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2011/07/25 23:01:35 | 000,243,200 | ---- | C] ()
     lagarith.dll -> C:\WINDOWS\System32\lagarith.dll -> [2011/07/25 23:01:35 | 000,216,064 | ---- | C] ( )
     ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2011/07/25 23:01:34 | 000,074,752 | ---- | C] ()
     NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2011/05/08 16:10:34 | 000,000,116 | ---- | C] ()
     unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2011/05/07 15:24:05 | 000,175,616 | ---- | C] ()
     d347bus.sys -> C:\WINDOWS\System32\drivers\d347bus.sys -> [2011/05/07 13:38:31 | 000,155,136 | ---- | C] ( )
     d347prt.sys -> C:\WINDOWS\System32\drivers\d347prt.sys -> [2011/05/07 13:38:31 | 000,005,248 | ---- | C] ( )
     csellang.ini -> C:\WINDOWS\System32\csellang.ini -> [2011/05/07 12:21:55 | 000,128,113 | ---- | C] ()
     csellang.dll -> C:\WINDOWS\System32\csellang.dll -> [2011/05/07 12:21:55 | 000,045,056 | ---- | C] ()
     tosmreg.ini -> C:\WINDOWS\System32\tosmreg.ini -> [2011/05/07 12:21:55 | 000,010,150 | ---- | C] ()
     cseltbl.ini -> C:\WINDOWS\System32\cseltbl.ini -> [2011/05/07 12:21:55 | 000,007,671 | ---- | C] ()
     DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Derek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/05/07 12:18:00 | 000,015,872 | ---- | C] ()
     ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2011/05/07 12:08:02 | 000,000,376 | ---- | C] ()
     mdm.ini -> C:\WINDOWS\mdm.ini -> [2011/05/07 12:08:02 | 000,000,063 | ---- | C] ()
     hpoins28.dat -> C:\WINDOWS\hpoins28.dat -> [2011/05/04 23:02:37 | 000,165,571 | ---- | C] ()
     hpomdl28.dat -> C:\WINDOWS\hpomdl28.dat -> [2011/05/04 23:02:37 | 000,000,796 | ---- | C] ()
     ISSRemoveSP.exe -> C:\WINDOWS\System32\ISSRemoveSP.exe -> [2011/05/03 22:49:00 | 000,451,072 | ---- | C] ()
     TCtrlIO.dll -> C:\WINDOWS\System32\TCtrlIO.dll -> [2011/05/03 22:42:55 | 000,118,784 | ---- | C] ()
     DLLVGA.dll -> C:\WINDOWS\System32\DLLVGA.dll -> [2011/05/03 22:42:55 | 000,053,248 | ---- | C] ( )
     IPTests.dll -> C:\WINDOWS\System32\IPTests.dll -> [2011/05/03 22:35:53 | 000,262,216 | ---- | C] ()
     ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2011/05/03 20:25:31 | 000,004,161 | ---- | C] ()
     FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/05/03 20:24:21 | 000,115,768 | ---- | C] ()
     ChCfg.exe -> C:\WINDOWS\System32\ChCfg.exe -> [2011/05/03 20:11:50 | 000,049,152 | ---- | C] ()
     igfxCoIn_v4833.dll -> C:\WINDOWS\System32\igfxCoIn_v4833.dll -> [2011/05/03 20:06:03 | 000,204,800 | ---- | C] ()
     igmedkrn.dll -> C:\WINDOWS\System32\igmedkrn.dll -> [2011/05/03 20:06:02 | 000,910,464 | ---- | C] ()
     bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/05/03 19:38:27 | 000,002,048 | --S- | C] ()
     emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2011/05/03 19:32:42 | 000,021,640 | ---- | C] ()
    < End of report >
    
     
  6. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

    Code:
    [Unregister Dlls]
    [Modules - No Company Name]
    YY -> clisecurert.dll -> C:\Documents and Settings\Derek\Local Settings\temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
    [Registry - Safe List]
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    YN -> "KiesAirMessage" -> [C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup]
    < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
    YN -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.]
    
    The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
     
  7. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    [Modules - No Company Name]
    [Registry - Safe List]
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
    < End of fix log >
    OTS by OldTimer - Version 3.1.47.2 fix logfile created on 06272012_221537
     
  8. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Excellent :)

    How's the computer running now? Is the initial problem gone?

    If it is all okay, we'll remove the tools we've used, but I'll wait for your reply first ;)

    eddie
     
  9. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    Eddie,

    The virtual memory error message has gone now, but I have notice other issues;

    1) From a standard window/file explorer - I can no longer display "Folders" on the left hand panel. If I try to press the "Folders" button at anytime, the entire explorer/window closes on its own.

    2) From visiting some web sites a request pops up asking to insert my windows 2000 installation disk, I have been pressing the cancel button, but a seperate error message pops up "1706". One of the site is the UK MSN homepage - http://uk.msn.com/?ocid=iehp

    What do you make of these then? is it still the ramnit virus?
     

    Attached Files:

  10. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Okay, lets look at the Windows Explorer folder part first :)

    When you're in Windows Explorer, at the top select Tools | Folder Options. Under the General tab, in the Tasks section, can you see the option Use Windows classic folders?

    If you can, select it, and then click on the View tab, and click Apply to All Folders

    Does that help?

    -----

    For the second problem, do you have Office installed? Why its popping up on websites is a bit strange, it could be related to Frontpage, as the site you posted is Microsoft. Is it only happening on Microsoft pages?
     
  11. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    Eddie,

    Using the folder options didn't help, it just turns the panel off. I normally use the folder list panel to change directories from the list directly. When I select the folders the window closes just as before.

    Yes I have Office installed, but the pop up is not just from the Microsoft. There are others websites that will trigger the pop up.
     
  12. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Hmm, it may have messed with your Windows files. Can you see if you can do this:

    Go to start | Run and type this in:

    cmd

    And press Enter

    Now, in the box that pops up, type the following. Note the space before the /:


    sfc /scannow

    And press Enter.

    This will scan your system for any corrupted files, and may replace them. If Windows was preinstalled, it should be able to locate the originals in the cab files.

    If not, you're looking for the Windows XP disk, that should have the product ID number on it. Don't type the number here, its just so you know which one to look for ;)

    It may take a while, so grab a cuppa :)

    Let me know if there are any problems/questions.

    eddie
     
  13. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    Eddie,

    It did ask for the installation disk, but didn't help, not the folder problem or the error message from simply going to websites such as MSN.
     
  14. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Okay, lets have a look at your Installed Programs:

    Start HiJackThis.

    Click on the "Open The Misc Tools Section" button.

    Click on the "Open Uninstall Manager" button.

    Click on the "Save List" button.

    Save the "uninstall_list.txt" file somewhere.

    It'll then open in Notepad.

    Return here to your thread, then copy-and-paste the entire file here.

    ---------

    Can you also see if there are any updates here:

    http://windowsupdate.microsoft.com/
     
  15. Kronos2401

    Kronos2401 Thread Starter

    Joined:
    Mar 31, 2012
    Messages:
    74
    32 Bit HP CIO Components Installer
    Adobe Flash Player 11 ActiveX
    Adobe Reader 7.0.7
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Client Utility
    Atheros Driver Installation Program
    Bluetooth Monitor 4
    DAEMON Tools
    ESET Online Scanner v3
    Google Earth
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
    HP Imaging Device Functions 11.0
    HP Smart Web Printing
    HP Solution Center 11.0
    Intel(R) Graphics Media Accelerator Driver
    iTunes
    K-Lite Codec Pack 7.5.0 (Full)
    Malwarebytes Anti-Malware version 1.61.0.1400
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office 2000 Premium
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    MozyPro
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser
    Nero 7 Premium
    OCR Software by I.R.I.S. 11.0
    PurePlay Poker
    QuickTime
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Samsung Kies
    Samsung Kies
    SAMSUNG USB Driver for Mobile Phones
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    SUPERAntiSpyware
    TOSHIBA Hotkey Utility
    TOSHIBA Software Modem
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Windows (KB971513)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows Internet Explorer 8 (KB2632503)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2492386)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Windows Internet Explorer 8
    Windows Management Framework Core
    Windows Search 4.0
    WinZip 15.0
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1047464