Maybe trouble?


Post by jairando12 on 29th November 2012, 5:33 am

Hey community, I'm pretty new to the real informatics issues. Recently I have started caring a lot about the security of my computer, since I need to use it for purchase transactions online.

I've installed Advanced SystemCare, and when it starts analysing the content of the computer there are some registers that look suspicious to me.

1- When analysing malware there are some archives that it recognizes as trojan.win32/agent and worm, backdoor and trojan.win32/Vundo. I know this should be pretty heavy stuff, but at the end the program skips and says everything is fine (the same has happened with avast, Trojan Remover and almost any other antivirus that I have tried).

2- When I defrag the disc it sends me some suspicious registers. I'm gonna copy what it gives to me.

C:\Windows\Prefetch\ReadyBoot\Trace8.fx
C:\Users\Giselle Fiorillo\AppData\Local\Temp\etilqs_XjUhyJcCkCAV0i8
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\e_spyw.i06
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\e_spyw.i05
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.026
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.022
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\e_spyw.i07
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.024
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.023
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage-journal
C:\ProgramData\F-Secure\SECL\certs_2408\SECL_All_Windows_Certs.pem
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.019
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.018
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\e_spyw.i28
C:\Windows\Prefetch\ReadyBoot\Trace10.fx
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\e_spyw.i01
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000188.sst
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\cevakrnl.rvd
C:\ProgramData\F-Secure\Logs\CCF\downloaded_files.log
C:\Users\Giselle Fiorillo\AppData\Local\Temp\etilqs_oirmcTxc8q0sIA7
C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\aquarius\core\emalware.020
C:\Windows\Prefetch\ReadyBoot\Trace1.fx
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_grooveshark.com_0.localstorage
C:\Windows\Prefetch\ReadyBoot\Trace9.fx
C:\ProgramData\F-Secure\SECL\certs_1432\SECL_All_Windows_Certs.pem
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cache
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cache\index
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
C:\Users\Giselle Fiorillo\Downloads\[rutracker.org].t928574.torrent
C:\Users\Giselle Fiorillo\AppData\Local\Temp\etilqs_pOR7rpn23WE3hDS
C:\Users\Giselle Fiorillo\AppData\Local\Temp\etilqs_9ehCJJLTmIRPO4Z
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Favicons
C:\Users\Giselle Fiorillo\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012111920121126\index.dat
C:\Users\Giselle Fiorillo\Downloads\[isoHunt] 7d40e5156b2e2eeea8afbe4d769d84bca08e2f58.torrent
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000182.sst
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000183.sst
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000184.sst
C:\Users\Giselle Fiorillo\Downloads\[rutracker.org].t928574 (1).torrent
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000186.sst
C:\Users\Giselle Fiorillo\AppData\Local\Google\Chrome\User Data\Default\History
C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~x86~~7.6.7600.256.mum
C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.6.7600.256.mum
C:\Users\Giselle Fiorillo\AppData\Local\Microsoft\Feeds\Javeriana Estéreo 91~d9 FM~.feed-ms


Hopefully someone can help me with this, since I am pretty inexperienced in the theme,

Thanks in advance,

Jairo

jairando12
Novice

Posts : 14
Joined : 2012-11-29
Gender : Male
OS : windows vista home premium, intel pentium dual core inside
Protection : microsoft security essentials/malwarebyte anti-malware
Points : 14884
Likes : 0


Re: Maybe trouble?

Post by Dr Jay on 29th November 2012, 6:58 am

Let's check for threats. Welcome!

Scan for malware

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double-click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.


Dr. Jay (DJ)



Dr Jay
Head Administrator

Posts : 14309
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Arch. : x64 (64-bit)
Protection : Bitdefender Total Security
Points : 302960
Likes : 10


Re: Maybe trouble?

Post by jairando12 on 30th November 2012, 10:07 pm

Thanks, it was trouble indeed; the program detected four trojans: two hijackers and two automatic pop-ups. Here is the log as you requested, and again thanks for the fast response.

PS: it didn't ask me to reboot so I didn't (don't know if that was the right decision)

Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
[You must be registered and logged in to see this link.]

Versión de la Base de Datos: v2012.11.30.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Giselle Fiorillo :: PERSONAL [administrador]

Protección: Habilitado

30/11/2012 16:49:15
mbam-log-2012-11-30 (16-49-15).txt

Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 218084
Tiempo transcurrido: 10 minuto(s), 22 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (Trojan.StartPage) -> datos: [You must be registered and logged in to see this link.] -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (Trojan.StartPage) -> datos: [You must be registered and logged in to see this link.] -> En cuarentena y eliminado con éxito.

Elementos de Datos del Registro Detectados: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (http://u-search.net/?a=1&e=1) Bueno: (http://www.google.com) -> En cuarentena y reparado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (http://u-search.net/?a=1&e=1) Bueno: (http://www.google.com) -> En cuarentena y reparado con éxito.

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 0
(No se han detectado elementos maliciosos)

(fin)

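The detection lines in the Malwarebytes log above follow a regular layout, so the result of a cleanup can be checked mechanically. The following Python parser is an added example, not part of the original thread or of Malwarebytes; its function and class names are hypothetical, and the success phrases it looks for are an assumption based on this log. It confirms that every flagged item was remediated, that the per-section counts match the listed items, and which settings were flagged in both HKCU and HKLM.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Detection sections copied from the log posted above (values as they appear
# on the page, including the forum's link placeholder text).
SAMPLE_LOG = r"""
Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (Trojan.StartPage) -> datos: [You must be registered and logged in to see this link.] -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (Trojan.StartPage) -> datos: [You must be registered and logged in to see this link.] -> En cuarentena y eliminado con éxito.

Elementos de Datos del Registro Detectados: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (http://u-search.net/?a=1&e=1) Bueno: (http://www.google.com) -> En cuarentena y reparado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Malo: (http://u-search.net/?a=1&e=1) Bueno: (http://www.google.com) -> En cuarentena y reparado con éxito.

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)
"""

SECTION_RE = re.compile(r"^(?P<section>.+?) Detectad[oa]s: (?P<count>\d+)$")
ITEM_RE = re.compile(r"^(?P<target>.+?) \((?P<name>[\w.]+)\) -> (?P<rest>.+)$")
# Assumption: a remediated item ends with one of these phrases (Spanish as in
# the log above; the English phrase covers English-language logs).
SUCCESS_MARKERS = ("con éxito.", "successfully.")


@dataclass
class Detection:
    section: str   # log section the item was listed under
    hive: str      # first path component (HKCU/HKLM for registry items)
    key: str       # registry key, or file/folder path
    value: str     # registry value name after "|", empty for files
    name: str      # detection name, e.g. Hijack.StartPage
    detail: str    # data shown between the name and the action
    action: str    # what the scanner reports having done

    @property
    def remediated(self):
        return self.action.endswith(SUCCESS_MARKERS)


def parse_mbam_log(text):
    """Return ({section: declared count}, [Detection, ...])."""
    declared, detections, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header["section"]
            declared[section] = int(header["count"])
            continue
        item = ITEM_RE.match(line)
        if not item or section is None:
            continue  # blank lines and "(No se han detectado ...)" notes
        key, _, value = item["target"].partition("|")
        detail, _, action = item["rest"].rpartition(" -> ")
        detections.append(Detection(section, key.split("\\")[0], key, value,
                                    item["name"], detail, action))
    return declared, detections


def count_mismatches(declared, detections):
    """Sections whose declared count differs from the items listed (truncated paste?)."""
    parsed = Counter(d.section for d in detections)
    return {s: (n, parsed[s]) for s, n in declared.items() if n != parsed[s]}


def unresolved(detections):
    """Detections the scanner did not report as removed or repaired."""
    return [d for d in detections if not d.remediated]


def flagged_in_both_hives(detections):
    """(subkey, value) pairs flagged per-user (HKCU) and machine-wide (HKLM)."""
    hives = {}
    for d in detections:
        subkey = d.key.partition("\\")[2]
        hives.setdefault((subkey, d.value), set()).add(d.hive)
    return sorted(k for k, h in hives.items() if {"HKCU", "HKLM"} <= h)


if __name__ == "__main__":
    declared, found = parse_mbam_log(SAMPLE_LOG)
    print("unresolved:", unresolved(found))
    print("count mismatches:", count_mismatches(declared, found))
    print("flagged in both hives:", flagged_in_both_hives(found))
```
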

Re: Maybe trouble?

Post by Dr Jay on 1st December 2012, 4:24 pm

ComboFix scan

Please download ComboFix by sUBs
[You must be registered and logged in to see this link.]

Please save the file to your Desktop.

Important information about ComboFix


After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". [You must be registered and logged in to see this link.] if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Dr. Jay (DJ)



Re: Maybe trouble?

Post by jairando12 on 2nd December 2012, 4:56 am

Well, I'm not pretty sure what to think about this process (it didn't get disconnected from the internet and I'm not sure I understand all that the report says)

In any case here it is

ComboFix 12-12-01.02 - Giselle Fiorillo 01/12/2012 23:39:26.1.2 - x86
Running from: c:\users\Giselle Fiorillo\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Giselle Fiorillo\AppData\Roaming\DefaultTab\DefaultTab
.
.
((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))
.
.
2012-12-02 04:47 . 2012-12-02 04:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-30 21:47 . 2012-11-30 21:47 -------- d-----w- c:\users\Giselle Fiorillo\AppData\Roaming\Malwarebytes
2012-11-30 21:46 . 2012-11-30 21:46 -------- d-----w- c:\programdata\Malwarebytes
2012-11-30 21:46 . 2012-11-30 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-30 21:46 . 2012-09-30 00:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-19 21:16 . 2012-12-02 04:33 -------- d-----w- c:\program files\F-Secure
2012-11-19 21:12 . 2012-12-02 04:33 -------- d-----w- c:\programdata\F-Secure
2012-11-18 06:02 . 2012-12-02 04:35 -------- d-----w- c:\program files\Trojan Remover
2012-11-18 04:02 . 2012-10-08 07:40 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-18 04:00 . 2012-10-08 07:49 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-11-18 04:00 . 2012-10-08 07:50 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-11-18 04:00 . 2012-10-08 07:47 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-17 18:10 . 2012-10-13 00:09 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-11-17 05:49 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-17 05:48 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-15 01:47 . 2012-12-02 04:46 -------- d-----w- c:\users\Giselle Fiorillo\AppData\Roaming\DefaultTab
2012-11-15 01:36 . 2012-11-15 01:47 -------- d-----w- c:\programdata\IObit
2012-11-15 01:36 . 2012-11-20 06:22 -------- d-----w- c:\users\Giselle Fiorillo\AppData\Roaming\IObit
2012-11-15 01:35 . 2012-11-15 01:35 -------- d-----w- c:\program files\IObit
2012-11-02 06:57 . 2012-11-02 06:59 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-13 13:28 . 2012-10-10 06:46 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-25 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-21 217088]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-29 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-29 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-29 137752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Giselle Fiorillo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla e Inicio rápido de OneNote 2007.lnk]
path=c:\users\Giselle Fiorillo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk
backup=c:\windows\pss\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-15 01:14 323392 ----a-w- c:\users\Giselle Fiorillo\Program Files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-10-18 20:27 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 23:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 21:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 18:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-05-24 04:05 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-08-17 04:13 218408 ----a-w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - F-Secure Gatekeeper
*Deregistered* - fsbts
*Deregistered* - fsni
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 20:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-17 22:24]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-17 22:24]
.
2012-11-22 c:\windows\Tasks\Norton Security Scan for Giselle Fiorillo.job
- c:\progra~1\NORTON~2\Engine\353~1.1\Nss.exe [2012-05-24 07:45]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = proxy.acueducto.com.co:8080
uInternet Settings,ProxyOverride = ;*.local
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: vizzed.com\www
TCP: DhcpNameServer = 190.157.2.140 200.118.2.91
TCP: Interfaces\{81ED88E7-6C42-4E25-BE34-42448239436A}: NameServer = 172.18.2.11,172.18.2.2
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-McAfeeUpdaterUI - c:\program files\McAfee\Common Framework\UdaterUI.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-12-01 23:47
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4192403315-1937591299-151386682-1000\Software\SecuROM\License information*]
"datasecu"=hex:89,10,aa,c9,98,32,41,35,3f,4f,c2,1a,9c,26,8e,92,69,bf,45,2f,3a,
51,14,d4,f4,24,b3,d3,54,80,43,ab,e1,4b,d7,33,78,07,ed,bd,da,f7,17,3b,a7,37,\
"rkeysecu"=hex:ec,5b,d9,2e,2e,e3,99,25,e9,12,27,6e,78,6d,3f,e6
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4736)
c:\users\Giselle Fiorillo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
Completion time: 2012-12-01 23:49:52
ComboFix-quarantined-files.txt 2012-12-02 04:49
.
Pre-Run: 10.319.638.528 bytes libres
Post-Run: 10.039.570.432 bytes libres
.
- - End Of File - - 46EE3AA1ED05E44DD4DAC343C236CED1

Hope you can explain to me the purpose of this, and again thank you very much.


Re: Maybe trouble?

Post by Dr Jay on 2nd December 2012, 6:58 pm

It checks for viruses and malware.

TDSSKiller Scan

Please download and run [You must be registered and logged in to see this link.] to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


Dr. Jay (DJ)



Re: Maybe trouble?

Post by jairando12 on 2nd December 2012, 7:49 pm

Thanks a lot, I think my computer is now clean of any viruses
(the program only detected unsigned.multi.generic threats)

Really helpful service men, keep up the good work, this page is awesome!
