Trojan RXJ Malware removed but browser still down


Post by matt1982 on Sat 29 Jan 2011, 7:56 pm

I used AVG to try to remove the viruses but it could only locate them and not remove them.

I used the Malwarebytes' Anti Malware software suggested for this virus. It located it and removed it. I ran another scan and it detected nothing, so it's gone.

I removed and reinstalled Google Chrome because it still wasn't working, and it's still not working. It stays on a blank screen and pops up with "Kill Page" or "Wait" (i.e. a "not responding" message).

IE started working again, but I hate IE. I want Chrome back.

Help! (And thanks so much for your article suggesting that software - it worked!)

matt1982

Unborn

Posts : 4
Joined : 2011-01-29
Operating System : Vista


Re: Trojan RXJ Malware removed but browser still down

Post by Belahzur on Sun 30 Jan 2011, 6:37 pm

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-03
Operating System : XP SP3 Media Centre


Re: Trojan RXJ Malware removed but browser still down

Post by matt1982 on Sun 30 Jan 2011, 11:23 pm

OTL.txt:
OTL logfile created on: 30/01/2011 9:15:24 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Matt\Desktop
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.14 Gb Total Space | 7.57 Gb Free Space | 14.80% Space Free | Partition Type: NTFS
Drive D: | 50.89 Gb Total Space | 24.62 Gb Free Space | 48.38% Space Free | Partition Type: NTFS

Computer Name: MATT-LAPTOP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/30 21:14:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/16 18:24:30 | 023,343,848 | ---- | M] (Dropbox, Inc.) -- C:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/22 04:56:48 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/28 22:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/02 11:24:19 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Matt\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2007/07/05 19:06:00 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/21 17:25:46 | 000,118,464 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
PRC - [2007/06/21 17:25:44 | 000,257,736 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
PRC - [2007/06/21 17:24:12 | 001,076,832 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2007/06/05 09:13:28 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/05/22 14:00:02 | 000,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/05/16 21:15:22 | 000,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/05/16 17:37:26 | 000,528,384 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/04/25 15:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/04/25 10:35:56 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007/03/14 09:52:30 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/02/13 05:26:50 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/02/09 05:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/11/24 11:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006/10/04 20:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2005/03/28 08:19:46 | 000,446,464 | ---- | M] (TRENDnet International, Inc.) -- C:\Program Files\TRENDware\TEW444UB\ACU.exe


========== Modules (SafeList) ==========

MOD - [2011/01/30 21:14:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
MOD - [2007/05/22 14:00:04 | 000,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll
MOD - [2006/11/02 01:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/31 05:15:55 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/21 17:25:46 | 000,118,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/06/21 17:25:44 | 000,257,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/06/21 17:24:12 | 001,076,832 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2007/06/05 09:13:28 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/05/22 14:00:02 | 000,135,168 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/05/16 21:15:22 | 000,163,840 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/04/25 15:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/03/14 09:52:30 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/02/13 05:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/11/24 11:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006/10/04 20:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005/02/24 06:45:20 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\acs.exe -- (ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:23:58 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:23:54 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:23:52 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2007/07/31 05:34:10 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/07/09 17:59:00 | 001,792,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/18 02:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/06/13 18:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/12 09:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/06/05 00:57:48 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007/05/21 20:28:44 | 001,771,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/04/26 01:19:26 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/04/26 01:18:04 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/04/26 01:17:54 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/04/25 15:34:44 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007/04/25 15:34:40 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007/04/25 15:34:38 | 000,020,776 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2007/03/08 22:56:04 | 001,163,616 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/01/29 21:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/12/07 17:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 05:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 05:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 01:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 01:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 01:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 01:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 01:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 01:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 01:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 01:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 01:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 01:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 01:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 01:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 01:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 01:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 01:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 01:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 01:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 01:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 01:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 01:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 01:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 01:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 01:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 01:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 01:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 01:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 01:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 01:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 01:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 01:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 01:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 01:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 01:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 01:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:15:23 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2006/11/02 01:14:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2006/11/02 00:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 00:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 00:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 00:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 00:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 00:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/01 23:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/01 23:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/01 23:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005/02/24 21:42:26 | 000,043,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Athfmwdl.sys -- (ATHFMWDL)
DRV - [2005/02/24 21:38:30 | 000,285,568 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ar5523.sys -- (AR5523)
DRV - [2003/06/10 16:51:27 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/01/29 13:10:06 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.dll ( )
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SetPanel] File not found
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Acer Tour Reminder] File not found
O4 - Startup: C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} [You must be registered and logged in to see this link.] (MySpace Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {80F8E201-D1E2-4AC5-B3D6-FE22CCF01DF6} [You must be registered and logged in to see this link.] (VPlayer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {B102CE69-5C2F-4363-9E6D-C61B61FD92DD} [You must be registered and logged in to see this link.] (OGGPlay.UserControl1)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_13)
O16 - DPF: Web-Based Email Tools [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.144.18 64.59.144.19 64.59.150.133
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Matt\Desktop\orca.jpg
O24 - Desktop BackupWallPaper: C:\Users\Matt\Desktop\orca.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/30 21:14:16 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
[2011/01/29 17:04:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Malwarebytes
[2011/01/29 17:04:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/01/29 17:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/29 17:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/29 17:03:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/01/29 17:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/29 16:47:16 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/01/29 13:31:22 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/01/29 13:15:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\AVG10
[2011/01/29 13:11:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/01/29 13:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/01/29 13:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/01/29 13:09:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/01/29 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Yahoo
[2011/01/29 12:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/01/27 21:26:34 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\{AD71E092-FCDC-477D-979B-0CB6753AB12F}
[2011/01/27 21:24:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\F4D51D7B7D8BE07055414B3931C3A531
[2011/01/21 14:19:21 | 000,000,000 | --SD | C] -- C:\Users\Matt\Documents\My Data Sources
[2011/01/16 23:55:08 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\HP
[2011/01/16 23:55:05 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\HP
[2011/01/10 21:43:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\Dropbox
[2011/01/10 21:27:19 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011/01/10 21:26:18 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Dropbox
[2011/01/04 19:57:43 | 000,045,056 | ---- | C] (Adaptec) -- C:\Windows\System32\WNASPI32.DLL
[2011/01/04 19:57:43 | 000,016,512 | ---- | C] (Adaptec) -- C:\Windows\System32\drivers\ASPI32.SYS
[2011/01/04 19:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhatNoise Media Manager
[2011/01/04 19:57:27 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011/01/04 19:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\PhatNoise Media Manager
[2011/01/04 19:57:04 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\phatnoise
[2011/01/04 15:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/01/04 15:22:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/01/04 15:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/01/04 15:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/01/04 15:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/01/04 15:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/01/04 15:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/07/24 13:05:35 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/07/24 13:05:35 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007/07/31 05:43:36 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2007/07/31 04:07:07 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll

========== Files - Modified Within 30 Days ==========

[2011/01/30 21:14:19 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
[2011/01/30 21:13:49 | 000,626,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/30 21:13:49 | 000,109,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/30 21:12:48 | 105,053,057 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/01/30 21:08:46 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/30 21:08:46 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/30 21:08:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/30 21:08:19 | 2137,071,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/29 16:47:21 | 000,002,003 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/29 16:45:48 | 000,000,947 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/29 16:44:54 | 000,000,120 | ---- | M] () -- C:\Users\Matt\AppData\Local\Rforagoxoyi.dat
[2011/01/29 15:00:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At40.job
[2011/01/29 15:00:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011/01/29 14:04:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-158810058-976361180-696386951-1001UA.job
[2011/01/29 14:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At39.job
[2011/01/29 14:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011/01/29 12:37:43 | 000,000,000 | ---- | M] () -- C:\Users\Matt\AppData\Local\Utiwecidu.bin
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At48.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At47.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At46.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At45.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At44.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At43.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At42.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At41.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At38.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At37.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At36.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At35.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At34.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At33.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At32.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At31.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At30.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At29.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At28.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At27.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At26.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At25.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At17.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/01/28 00:35:15 | 000,000,112 | ---- | M] () -- C:\ProgramData\23R53q24.dat
[2011/01/27 22:09:21 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-158810058-976361180-696386951-1001Core.job
[2011/01/27 20:18:53 | 000,067,579 | ---- | M] () -- C:\Users\Matt\Desktop\us1.jpg
[2011/01/27 20:07:03 | 000,078,958 | ---- | M] () -- C:\Users\Matt\Desktop\shane.jpg
[2011/01/27 08:11:00 | 000,081,369 | ---- | M] () -- C:\Users\Matt\Desktop\Promo Intro Sheet.xlsx
[2011/01/26 15:23:55 | 000,087,551 | ---- | M] () -- C:\Users\Matt\Desktop\Promo Intro sheet Jan 2011.xlsx
[2011/01/26 10:25:57 | 000,025,154 | ---- | M] () -- C:\Users\Matt\Desktop\Tax Numbers.xlsx
[2011/01/25 09:29:00 | 000,044,032 | ---- | M] () -- C:\Users\Matt\Desktop\master blog list jan 2011.xls
[2011/01/24 18:20:38 | 000,067,774 | ---- | M] () -- C:\Users\Matt\Desktop\Old City Organics Intro Deals Jan 2011.xlsx
[2011/01/23 23:10:11 | 000,065,623 | ---- | M] () -- C:\Users\Matt\Desktop\Island Natural Sheet Jan 2011.xlsx
[2011/01/22 10:01:24 | 000,011,917 | ---- | M] () -- C:\Users\Matt\Desktop\RESP Calc.xlsx
[2011/01/19 19:11:57 | 000,157,456 | ---- | M] () -- C:\Users\Matt\Desktop\orca2.jpg
[2011/01/19 19:10:54 | 000,143,156 | ---- | M] () -- C:\Users\Matt\Desktop\orca.jpg
[2011/01/19 00:09:19 | 000,011,576 | ---- | M] () -- C:\Users\Matt\Desktop\ya.jpg
[2011/01/18 15:07:12 | 000,012,291 | ---- | M] () -- C:\Users\Matt\Desktop\Notes with Jason.docx
[2011/01/18 10:38:37 | 004,723,654 | ---- | M] () -- C:\Users\Matt\Documents\Thrifty Foods Simply Bar Jan2011.docx
[2011/01/17 00:31:36 | 000,178,296 | ---- | M] () -- C:\Windows\hpwins20.dat
[2011/01/16 21:31:26 | 000,059,505 | ---- | M] () -- C:\Users\Matt\Desktop\canada.jpg
[2011/01/16 15:25:27 | 000,329,071 | ---- | M] () -- C:\Users\Matt\Desktop\Matthew Cooper Resume Jan 2011.pdf
[2011/01/16 15:25:08 | 000,016,239 | ---- | M] () -- C:\Users\Matt\Desktop\Matthew Cooper Resume Jan 2011.docx
[2011/01/15 10:16:46 | 000,133,459 | ---- | M] () -- C:\Users\Matt\Desktop\photo.JPG
[2011/01/14 23:52:15 | 000,053,716 | ---- | M] () -- C:\Users\Matt\Desktop\MDC Astro Chart.gif
[2011/01/13 09:35:08 | 000,252,301 | ---- | M] () -- C:\Users\Matt\Desktop\Matt KYC.pdf
[2011/01/13 09:30:26 | 000,000,444 | ---- | M] () -- C:\Users\Matt\Desktop\Dropbox.lnk
[2011/01/13 09:28:11 | 000,231,659 | ---- | M] () -- C:\Users\Matt\Desktop\Carla KYC.pdf
[2011/01/10 21:27:52 | 000,000,924 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/01/07 16:33:25 | 000,000,024 | ---- | M] () -- C:\Windows\pmm.INI
[2011/01/07 16:30:40 | 000,000,000 | ---- | M] () -- C:\Windows\PhatMan.ini
[2011/01/04 19:55:42 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

========== Files Created - No Company Name ==========

[2011/01/30 21:12:48 | 105,053,057 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/01/30 21:08:19 | 2137,071,616 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/29 16:47:21 | 000,002,003 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/28 00:35:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At48.job
[2011/01/28 00:35:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At47.job
[2011/01/28 00:35:34 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At46.job
[2011/01/28 00:35:34 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At45.job
[2011/01/28 00:35:33 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At44.job
[2011/01/28 00:35:33 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At43.job
[2011/01/28 00:35:32 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At42.job
[2011/01/28 00:35:32 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At41.job
[2011/01/28 00:35:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At40.job
[2011/01/28 00:35:30 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At39.job
[2011/01/28 00:35:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At38.job
[2011/01/28 00:35:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At37.job
[2011/01/28 00:35:27 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At36.job
[2011/01/28 00:35:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At35.job
[2011/01/28 00:35:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At34.job
[2011/01/28 00:35:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At33.job
[2011/01/28 00:35:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At32.job
[2011/01/28 00:35:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At31.job
[2011/01/28 00:35:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At30.job
[2011/01/28 00:35:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At29.job
[2011/01/28 00:35:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At28.job
[2011/01/28 00:35:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At27.job
[2011/01/28 00:35:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At26.job
[2011/01/28 00:35:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At25.job
[2011/01/28 00:32:12 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At24.job
[2011/01/28 00:32:11 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At23.job
[2011/01/28 00:32:10 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At22.job
[2011/01/28 00:32:10 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At21.job
[2011/01/28 00:32:09 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At20.job
[2011/01/28 00:32:09 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At19.job
[2011/01/28 00:32:08 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At18.job
[2011/01/28 00:32:07 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At17.job
[2011/01/28 00:32:07 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At16.job
[2011/01/28 00:32:07 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At15.job
[2011/01/28 00:32:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At14.job
[2011/01/28 00:32:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At13.job
[2011/01/28 00:32:05 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At12.job
[2011/01/28 00:32:05 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011/01/28 00:32:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At9.job
[2011/01/28 00:32:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At10.job
[2011/01/28 00:32:03 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At8.job
[2011/01/28 00:32:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At7.job
[2011/01/28 00:32:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At6.job
[2011/01/28 00:32:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011/01/28 00:32:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011/01/28 00:32:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/01/28 00:32:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/01/28 00:31:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/01/28 00:31:48 | 000,000,112 | ---- | C] () -- C:\ProgramData\23R53q24.dat
[2011/01/27 21:26:41 | 000,000,000 | ---- | C] () -- C:\Users\Matt\AppData\Local\Utiwecidu.bin
[2011/01/27 21:26:37 | 000,000,120 | ---- | C] () -- C:\Users\Matt\AppData\Local\Rforagoxoyi.dat
[2011/01/27 20:18:58 | 000,067,579 | ---- | C] () -- C:\Users\Matt\Desktop\us1.jpg
[2011/01/27 20:07:12 | 000,078,958 | ---- | C] () -- C:\Users\Matt\Desktop\shane.jpg
[2011/01/27 08:11:00 | 000,081,369 | ---- | C] () -- C:\Users\Matt\Desktop\Promo Intro Sheet.xlsx
[2011/01/26 14:53:49 | 000,087,551 | ---- | C] () -- C:\Users\Matt\Desktop\Promo Intro sheet Jan 2011.xlsx
[2011/01/26 10:18:20 | 000,025,154 | ---- | C] () -- C:\Users\Matt\Desktop\Tax Numbers.xlsx
[2011/01/25 09:29:00 | 000,044,032 | ---- | C] () -- C:\Users\Matt\Desktop\master blog list jan 2011.xls
[2011/01/24 18:06:07 | 000,067,774 | ---- | C] () -- C:\Users\Matt\Desktop\Old City Organics Intro Deals Jan 2011.xlsx
[2011/01/23 23:00:03 | 000,065,623 | ---- | C] () -- C:\Users\Matt\Desktop\Island Natural Sheet Jan 2011.xlsx
[2011/01/22 09:54:29 | 000,011,917 | ---- | C] () -- C:\Users\Matt\Desktop\RESP Calc.xlsx
[2011/01/19 19:11:59 | 000,157,456 | ---- | C] () -- C:\Users\Matt\Desktop\orca2.jpg
[2011/01/19 19:10:59 | 000,143,156 | ---- | C] () -- C:\Users\Matt\Desktop\orca.jpg
[2011/01/19 00:09:27 | 000,011,576 | ---- | C] () -- C:\Users\Matt\Desktop\ya.jpg
[2011/01/18 14:40:08 | 000,012,291 | ---- | C] () -- C:\Users\Matt\Desktop\Notes with Jason.docx
[2011/01/18 09:49:45 | 004,723,654 | ---- | C] () -- C:\Users\Matt\Documents\Thrifty Foods Simply Bar Jan2011.docx
[2011/01/16 21:31:32 | 000,059,505 | ---- | C] () -- C:\Users\Matt\Desktop\canada.jpg
[2011/01/16 15:25:23 | 000,329,071 | ---- | C] () -- C:\Users\Matt\Desktop\Matthew Cooper Resume Jan 2011.pdf
[2011/01/16 15:15:33 | 000,016,239 | ---- | C] () -- C:\Users\Matt\Desktop\Matthew Cooper Resume Jan 2011.docx
[2011/01/15 10:16:45 | 000,133,459 | ---- | C] () -- C:\Users\Matt\Desktop\photo.JPG
[2011/01/14 23:52:26 | 000,053,716 | ---- | C] () -- C:\Users\Matt\Desktop\MDC Astro Chart.gif
[2011/01/13 09:35:08 | 000,252,301 | ---- | C] () -- C:\Users\Matt\Desktop\Matt KYC.pdf
[2011/01/13 09:30:26 | 000,000,444 | ---- | C] () -- C:\Users\Matt\Desktop\Dropbox.lnk
[2011/01/13 09:28:11 | 000,231,659 | ---- | C] () -- C:\Users\Matt\Desktop\Carla KYC.pdf
[2011/01/10 21:27:51 | 000,000,924 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/01/07 12:54:41 | 000,000,024 | ---- | C] () -- C:\Windows\pmm.INI
[2011/01/07 12:53:37 | 000,000,000 | ---- | C] () -- C:\Windows\PhatMan.ini
[2010/11/09 19:23:46 | 000,001,338 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/09/22 11:36:45 | 000,000,044 | ---- | C] () -- C:\Windows\EPNX210.ini
[2009/10/18 11:44:38 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/10/18 11:41:41 | 000,000,063 | ---- | C] () -- C:\Windows\EPWF610.ini
[2009/09/16 23:18:51 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/09/16 23:18:51 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/12/17 10:21:40 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2008/09/17 19:46:44 | 000,047,616 | ---- | C] () -- C:\Users\Matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/02 14:03:53 | 000,006,324 | ---- | C] () -- C:\Users\Matt\AppData\Local\d3d9caps.dat
[2008/07/24 13:58:31 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2008/07/24 13:58:23 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/07/31 07:01:29 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/07/31 05:50:23 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/07/31 05:44:29 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/07/31 05:44:29 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/07/31 05:43:32 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/07/31 04:07:59 | 000,000,115 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007/07/31 04:07:10 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/07/31 04:07:10 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/07/31 04:07:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1280.dll
[2007/07/31 04:07:08 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/04/25 15:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 15:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 15:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/25 15:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/25 15:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/04/25 15:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 14:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/04/27 18:03:56 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005/04/27 18:03:56 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2008/09/02 11:24:17 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Acer
[2011/01/29 13:15:12 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\AVG10
[2011/01/30 21:10:44 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Dropbox
[2009/11/11 21:09:42 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Epson
[2010/05/20 10:42:24 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\EurekaLog
[2011/01/29 14:07:58 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\F4D51D7B7D8BE07055414B3931C3A531
[2010/02/06 16:32:19 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Facebook
[2008/09/02 11:24:16 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Leadertech
[2009/01/06 13:22:18 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\OpenOffice.org
[2009/02/15 15:04:09 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Research In Motion
[2010/12/13 09:58:18 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Tific
[2009/11/27 17:48:11 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\YouSendIt
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2011/01/29 14:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2011/01/29 15:00:05 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At25.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At26.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At27.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At28.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At29.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At30.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At31.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At32.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At33.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At34.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At35.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At36.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At37.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At38.job
[2011/01/29 14:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At39.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/01/29 15:00:05 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At40.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At41.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At42.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At43.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At44.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At45.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At46.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At47.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At48.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2011/01/29 17:25:21 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Re: Trojan RXJ Malware removed but browser still down

Post by matt1982 on Sun 30 Jan 2011, 11:26 pm

It won't allow me to post Extras.txt. Internet fails every time I submit. I'll try sending a private message.


Re: Trojan RXJ Malware removed but browser still down

Post by matt1982 on Sun 30 Jan 2011, 11:29 pm

I also get "Windows Host Processed has stopped working" notifications now.


Re: Trojan RXJ Malware removed but browser still down

Post by Belahzur on Mon 31 Jan 2011, 7:37 pm

Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
    [2011/01/29 16:44:54 | 000,000,120 | ---- | M] () -- C:\Users\Matt\AppData\Local\Rforagoxoyi.dat

    :files
    C:\Windows\tasks\At*.job


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


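The fix above deletes `C:\Windows\tasks\At*.job` in one sweep, and the file listing in OTL.txt shows why that pattern stands out: the `AtN.job` files were created in tight runs. As an added example (not part of the thread and not OTL's own code), the Python below parses OTL file-listing lines, groups `AtN.job` creations into bursts, and lists files with an empty company field created around each burst as leads for review, not verdicts. The function names, the 30-second gap and the 60-second margin are assumptions; the sample lines are copied from the log posted in this thread.

```python
import re
from datetime import datetime, timedelta
from typing import NamedTuple, Optional

# Subset of lines copied from the OTL.txt posted in this thread (several sections).
SAMPLE_LOG = r"""
========== Files Created - No Company Name ==========
[2011/01/29 17:03:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/01/29 13:15:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\AVG10
[2011/01/28 00:37:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/01/28 00:35:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At48.job
[2011/01/28 00:35:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At26.job
[2011/01/28 00:35:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At25.job
[2011/01/28 00:32:12 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At24.job
[2011/01/28 00:32:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/01/28 00:32:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/01/28 00:31:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/01/28 00:31:48 | 000,000,112 | ---- | C] () -- C:\ProgramData\23R53q24.dat
[2011/01/27 21:26:37 | 000,000,120 | ---- | C] () -- C:\Users\Matt\AppData\Local\Rforagoxoyi.dat
"""

# [date time | size | attributes | C(reated)/M(odified)] (company) -- path
# Directory lines carry no "(company)" group at all.
LINE_RE = re.compile(
    r"^\[(?P<when>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\](?: \((?P<company>.*?)\))? -- (?P<path>.+)$"
)
AT_JOB_RE = re.compile(r"\\tasks\\At\d+\.job$", re.IGNORECASE)


class Entry(NamedTuple):
    when: datetime
    size: int
    attrs: str
    kind: str                # "C" = created, "M" = modified
    company: Optional[str]   # None for directories, "" when the field is empty
    path: str


def parse_otl_line(line: str) -> Optional[Entry]:
    """Parse one file-listing line; section headers and blanks return None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    company = m["company"]
    return Entry(
        when=datetime.strptime(m["when"], "%Y/%m/%d %H:%M:%S"),
        size=int(m["size"].replace(",", "")),
        attrs=m["attrs"],
        kind=m["kind"],
        company=None if company is None else company.strip(),
        path=m["path"],
    )


def parse_listing(text: str) -> list:
    parsed = (parse_otl_line(line) for line in text.splitlines())
    return [e for e in parsed if e is not None]


def find_at_job_bursts(entries, max_gap=timedelta(seconds=30), min_count=3):
    """Group AtN.job creation records whose timestamps are at most max_gap apart."""
    jobs = sorted((e for e in entries if e.kind == "C" and AT_JOB_RE.search(e.path)),
                  key=lambda e: e.when)
    bursts, current = [], []
    for e in jobs:
        if current and e.when - current[-1].when > max_gap:
            if len(current) >= min_count:
                bursts.append(current)
            current = []
        current.append(e)
    if len(current) >= min_count:
        bursts.append(current)
    return bursts


def no_company_neighbours(entries, burst, margin=timedelta(seconds=60)):
    """Files (not folders, not At jobs) with an empty company field created near a burst."""
    start, end = burst[0].when - margin, burst[-1].when + margin
    return [e for e in entries
            if e.kind == "C" and e.company == "" and "D" not in e.attrs
            and not AT_JOB_RE.search(e.path) and start <= e.when <= end]


if __name__ == "__main__":
    listing = parse_listing(SAMPLE_LOG)
    for burst in find_at_job_bursts(listing):
        print(f"{len(burst)} At jobs created {burst[0].when} .. {burst[-1].when}")
        for e in no_company_neighbours(listing, burst):
            print(f"  review: {e.when}  {e.path}")
```
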
