Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

how do I get rid of this trojan/malware

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

how do I get rid of this trojan/malware

Unread postby boynsini_13 » January 3rd, 2015, 6:33 am

I am having memory issues and constant registry problems with my windows xp laptop. recently ran IObit malware fighter and IObit Advanced system care on my computer and came up with this: trojan found: trojan.generic (c:windows\creator\WNASPINT.DLL). every time i search for a solution, i get routed to a pay site for removal. I know there are free options, though need help or direction.

DDS LOG:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 5/25/2013 3:29:52 AM
System Uptime: 1/2/2015 7:13:32 PM (7 hours ago)
.
Motherboard: Hewlett-Packard | | 30A8
Processor: Intel(R) Celeron(R) M CPU 410 @ 1.46GHz | U1 | 1463/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 101 GiB total, 51.869 GiB free.
D: is FIXED (FAT32) - 9 GiB total, 1.316 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP41: 10/1/2014 12:09:19 AM - Removed IObit Apps Toolbar v9.3.
RP42: 10/7/2014 6:50:25 PM - System Checkpoint
RP43: 10/16/2014 1:33:24 AM - Software Distribution Service 3.0
RP44: 10/17/2014 11:53:52 PM - Software Distribution Service 3.0
RP45: 10/18/2014 12:05:42 AM - Software Distribution Service 3.0
RP46: 10/31/2014 9:09:29 PM - System Checkpoint
RP47: 11/1/2014 9:00:32 PM - System Checkpoint
RP48: 11/9/2014 6:16:18 PM - Removed iTunes
RP49: 11/9/2014 6:22:12 PM - Removed Apple Mobile Device Support
RP50: 11/9/2014 6:22:58 PM - Removed Apple Software Update
RP51: 11/9/2014 6:24:20 PM - avast! antivirus system restore point
RP52: 11/9/2014 8:05:17 PM - Installed Windows XP KB942288-v3.
RP53: 11/9/2014 8:05:33 PM - AA11
RP54: 12/29/2014 8:04:31 PM - System Checkpoint
RP55: 12/30/2014 12:53:09 AM - Software Distribution Service 3.0
RP56: 12/30/2014 1:30:14 AM - Driver Booster : Adobe Flash Player ActiveX
RP57: 12/31/2014 6:38:10 PM - Installed iTunes
RP58: 12/31/2014 7:16:38 PM - Installed AVG 2015
RP59: 12/31/2014 7:17:14 PM - Installed AVG 2015
RP60: 1/1/2015 1:32:44 AM - Removed AVG 2015
RP61: 1/1/2015 1:35:22 AM - Removed AVG 2015
RP62: 1/2/2015 7:54:40 PM - System Checkpoint
RP63: 1/3/2015 1:38:02 AM - Uniblue PC Mechanic installation
.
==== Installed Programs ======================
.
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Reader 6.0.1
Advanced SystemCare 8
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG Web TuneUp
Bonjour
Conexant HD Audio
Customer Experience Enhancement
Destinations
DeviceManagementQFolder
DivX Browser Bar Toolbar
DivX Setup
Driver Booster 2.1
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
HP Help and Support
HP Imaging Device Functions 6.0
HP Quick Launch Buttons 6.00 E2
HP QuickPlay 2.1
HP Rhapsody
HP Update
HP User Guides--System Recovery
HP User Guides 0019
HP Wireless Assistant 2.00 E1
HpSdpAppCoreApp
InstantShareAlert
Intel(R) PRO Network Connections Drivers
IObit Apps Toolbar v9.3
IObit Malware Fighter
IObit Uninstaller
iTunes
Java 7 Update 72
Java Auto Updater
LightScribe 1.4.74.1
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Download Manager
Microsoft Office Standard Edition 2003
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 34.0.5 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
Office 2003 Trial Assistant
PC Mechanic
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Reimage Repair
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows Internet Explorer 8 (KB2964358)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834903-v2)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Smart Defrag 2
Smart Defrag 3
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
Surfing Protection
Synaptics Pointing Device Driver
Unload
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2808679)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
Visual Studio 2012 x86 Redistributables
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
Wireless Home Network Setup
.
==== Event Viewer Messages From Past Week ========
.
12/31/2014 7:08:11 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/28/2014 11:10:01 PM, error: Service Control Manager [7000] - The hpqwmiex service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/28/2014 11:10:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the hpqwmiex service to connect.
12/28/2014 11:09:47 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service hpqwmiex with arguments "-Service" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
.
==== End Of File ===========================


Logfile of random's system information tool 1.10 (written by random/random)
Run by Arborist at 2015-01-03 02:06:24
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 53 GB (51%) free of 104 GB
Total RAM: 502 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:07:02 AM, on 1/3/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
C:\Program Files\IObit\Advanced SystemCare 8\RealTimeProtector.exe
C:\Program Files\AVG Web TuneUp\avgcefrend.exe
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
C:\Documents and Settings\Arborist\Desktop\RSIT.exe
C:\Program Files\trend micro\Arborist.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG Web TuneUp\avgcefrend.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\18.2.0\ScriptHelper.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O3 - Toolbar: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0130239609
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: vToolbarUpdater18.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe

--
End of file - 10619 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\ASC8_PerformanceMonitor.job - C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe /Task
C:\WINDOWS\tasks\Driver Booster Scan.job - C:\Program Files\IObit\Driver Booster\Scheduler.exe /scan
C:\WINDOWS\tasks\Driver Booster Update.job - C:\Program Files\IObit\Driver Booster\AutoUpdate.exe /auto
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\PC-Mechanic Maintenance.job - C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe -m
C:\WINDOWS\tasks\PC-Mechanic Startup.job - C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-434949665-1521644534-2606750997-1006.job - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-434949665-1521644534-2606750997-1006.job - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-434949665-1521644534-2606750997-1006.job - C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-434949665-1521644534-2606750997-1006.job - C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck
C:\WINDOWS\tasks\Reimage Reminder.job - C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe
C:\WINDOWS\tasks\ReimageUpdater.job - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe run_task
C:\WINDOWS\tasks\SmartDefrag3_Startup.job - C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe /STARTUP
C:\WINDOWS\tasks\SmartDefrag3_Update.job - C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe /autorun

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Arborist\Application Data\Mozilla\Firefox\Profiles\tumkm942.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource=61&CUI=UN25264330122004117&UM=2&UP=SP1BAF44E2-6949-4204-82A8-FB8E10DC7978"
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource=61&CUI=UN25264330122004117&UM=2&UP=SP1BAF44E2-6949-4204-82A8-FB8E10DC7978"
prefs.js - "keyword.url" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN25264330122004117&UM=2&q="

"{FCE04E1F-9378-4f39-96F6-5689A9159E45}"=C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.72.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.72.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1]
"Description"=Microsoft Download Manager
"Path"=C:\WINDOWS\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll


C:\Documents and Settings\Arborist\Application Data\Mozilla\Firefox\Profiles\tumkm942.default\extensions\
adremoveext@adremoveext.net
avg@toolbar
iobitascsurfingprotection@iobit.com

C:\Documents and Settings\Arborist\Application Data\Mozilla\Firefox\Profiles\tumkm942.default\searchplugins\
avg-secure-search.xml
bing-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-12-30 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16 540328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-30 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll [2015-01-01 2395160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-30 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
{10921475-03CE-4E04-90CE-E2E7EF20C814} - ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-12-30 752960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-02-15 454656]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-04-18 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-04 761948]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-04-11 102400]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-03-07 131072]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2006-02-22 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-06-01 295512]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2014-04-03 450560]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-09 1861968]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-06-07 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-06-07 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-06-07 137752]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-10-15 157480]
"vProt"=C:\Program Files\AVG Web TuneUp\vprot.exe [2015-01-01 3081752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 8"=C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2014-12-10 2427680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-06-07 208896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2015-01-03 01:53:23 ----D---- C:\Documents and Settings\All Users\Application Data\Reimage Protector
2015-01-03 01:53:04 ----D---- C:\Program Files\Reimage
2015-01-03 01:52:53 ----D---- C:\rei
2015-01-03 01:52:20 ----A---- C:\WINDOWS\Reimage.ini
2015-01-03 01:49:39 ----D---- C:\WINDOWS\LastGood
2015-01-03 01:48:39 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2015-01-03 01:46:46 ----D---- C:\Program Files\trend micro
2015-01-03 01:46:40 ----D---- C:\rsit
2015-01-03 01:38:14 ----D---- C:\Program Files\Uniblue
2015-01-03 01:38:14 ----D---- C:\Documents and Settings\Arborist\Application Data\Uniblue
2015-01-01 01:33:05 ----SHD---- C:\Config.Msi
2015-01-01 00:37:53 ----D---- C:\Documents and Settings\Arborist\Application Data\AVG Web TuneUp
2015-01-01 00:37:45 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2015-01-01 00:36:59 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2015-01-01 00:36:41 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2015-01-01 00:36:31 ----D---- C:\Program Files\Common Files\AVG Secure Search
2015-01-01 00:35:44 ----D---- C:\Program Files\AVG Web TuneUp
2015-01-01 00:35:41 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp
2014-12-31 22:45:21 ----D---- C:\Documents and Settings\Arborist\Application Data\Avg_Update_1014av
2014-12-31 22:45:10 ----D---- C:\Documents and Settings\All Users\Application Data\Avg_Update_1014av
2014-12-31 19:19:56 ----D---- C:\Documents and Settings\Arborist\Application Data\AVG2015
2014-12-31 19:18:32 ----D---- C:\Documents and Settings\Arborist\Application Data\TuneUp Software
2014-12-31 19:17:41 ----HD---- C:\$AVG
2014-12-31 19:17:41 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2015
2014-12-31 19:11:54 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2014-12-31 19:11:53 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData
2014-12-31 18:39:35 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2014-12-31 18:38:37 ----D---- C:\Program Files\iPod
2014-12-31 18:38:20 ----D---- C:\Program Files\iTunes
2014-12-31 18:38:20 ----D---- C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-12-31 18:37:35 ----D---- C:\Program Files\Apple Software Update
2014-12-30 01:47:15 ----A---- C:\WINDOWS\system32\javaws.exe
2014-12-30 01:46:28 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-12-30 01:46:27 ----A---- C:\WINDOWS\system32\javaw.exe
2014-12-30 01:46:25 ----A---- C:\WINDOWS\system32\java.exe
2014-12-30 01:26:53 ----A---- C:\WINDOWS\system32\drivers\HWiNFO32.SYS
2014-12-30 01:07:49 ----D---- C:\Program Files\Common Files\IObit

======List of files/folders modified in the last 1 month======

2015-01-03 01:54:44 ----D---- C:\WINDOWS\temp
2015-01-03 01:54:15 ----SD---- C:\WINDOWS\Tasks
2015-01-03 01:53:47 ----D---- C:\WINDOWS\system32
2015-01-03 01:53:04 ----D---- C:\Program Files
2015-01-03 01:52:20 ----D---- C:\WINDOWS
2015-01-03 01:49:40 ----HD---- C:\WINDOWS\inf
2015-01-03 01:48:45 ----RSHD---- C:\WINDOWS\system32\dllcache
2015-01-03 01:48:40 ----D---- C:\WINDOWS\system32\drivers
2015-01-03 01:48:39 ----D---- C:\WINDOWS\Prefetch
2015-01-03 01:11:40 ----D---- C:\WINDOWS\CREATOR
2015-01-02 20:22:50 ----D---- C:\WINDOWS\system32\CatRoot2
2015-01-02 19:58:56 ----D---- C:\WINDOWS\system32\config
2015-01-02 19:19:55 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-02 19:18:05 ----A---- C:\hpqp.ini
2015-01-02 19:17:58 ----A---- C:\XP_TV.ini
2015-01-01 04:30:17 ----N---- C:\WINDOWS\SchedLgU.Txt
2015-01-01 02:44:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-01-01 01:35:24 ----SHD---- C:\WINDOWS\Installer
2015-01-01 00:37:27 ----D---- C:\Program Files\Mozilla Firefox
2015-01-01 00:36:31 ----D---- C:\Program Files\Common Files
2014-12-31 18:39:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-12-31 18:38:36 ----D---- C:\Program Files\Common Files\Apple
2014-12-31 18:36:23 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2014-12-30 01:56:17 ----D---- C:\WINDOWS\SoftwareDistribution
2014-12-30 01:54:59 ----D---- C:\WINDOWS\Debug
2014-12-30 01:54:51 ----D---- C:\Program Files\IObit
2014-12-30 01:49:47 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-30 01:47:47 ----D---- C:\Program Files\Common Files\Java
2014-12-30 01:44:42 ----D---- C:\Program Files\Java
2014-12-30 01:37:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-12-30 01:27:30 ----D---- C:\Documents and Settings\All Users\Application Data\ProductData
2014-12-30 01:27:01 ----D---- C:\Documents and Settings\Arborist\Application Data\IObit
2014-12-30 01:18:16 ----D---- C:\WINDOWS\system32\MRT
2014-12-30 01:14:55 ----D---- C:\Documents and Settings\All Users\Application Data\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2014-12-30 354840]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2014-06-04 15808]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-01-19 424320]
R3 cpuz134;cpuz134; \??\C:\DOCUME~1\Arborist\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys []
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-11-03 157696]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 26840]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-04-18 569856]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-22 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-08-22 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2014-06-07 5854752]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-04 192736]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-22 718464]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-12-30 182696]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2014-12-02 5886824]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 vToolbarUpdater18.2.0;vToolbarUpdater18.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [2015-01-01 1850392]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-03-15 135168]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-12-10 2631456]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-30 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-04-16 39056]

-----------------EOF-----------------
boynsini_13
Regular Member
 
Posts: 79
Joined: January 3rd, 2015, 6:15 am
Advertisement
Register to Remove

Re: how do I get rid of this trojan/malware

Unread postby boynsini_13 » January 3rd, 2015, 6:36 am

please help, have another pc (desktop with windows 7 that has win\flojacks) that I can't boot up now, so this being my backup I don't wanna mess this computer up too.
boynsini_13
Regular Member
 
Posts: 79
Joined: January 3rd, 2015, 6:15 am

Re: how do I get rid of this trojan/malware

Unread postby Cypher » January 3rd, 2015, 8:17 am

Operating Systems no longer supported by Microsoft
It appears you are using a computer with an unsupported Operating System.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.

This topic is now closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 102 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware