Jump to content

Kate Townsend

Members
  • Content Count

    10
  • Joined

  • Last visited

Posts posted by Kate Townsend

  1. Overall things seems to run better. The error message that was the initial problem has not reappeared so your magic has worked wonders!

     

    Earlier, before I ran the scan my computer shut down all of a sudden and I received a stop error screen. I restarted manually and it loaded normally. For a few months now, every once and a while this happens... and I usually just manually restart the computer and everything seems fine, but I can't figure out why it occurs or how to stop it from happening again.

     

    Housekeeping sounds like a great idea. I will follow your every direction. Thank you so much!

  2. ComboFix 13-03-28.01 - Student 04/01/2013 18:31:28.2.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.574 [GMT -4:00]
    Running from: c:documents and settingsStudentDesktopComboFix.exe
    Command switches used :: c:documents and settingsStudentDesktopCFScript.txt
    AV: Trend Micro Titanium *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:program filesGoforFiles
    c:program filesGoforFilesuninstall.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-03-01 to 2013-04-01 )))))))))))))))))))))))))))))))
    .
    .
    2013-04-01 15:31 . 2013-04-01 15:31 -------- d-----w- c:documents and settingsStudentLocal SettingsApplication DataTrend Micro
    2013-03-28 02:25 . 2013-03-28 04:42 181808 ----a-w- c:windowsRegBootClean.exe
    2013-03-28 02:18 . 2013-03-28 02:18 -------- d-----w- c:documents and settingsStudentApplication DataMalwarebytes
    2013-03-28 02:17 . 2013-03-28 02:17 -------- d-----w- c:documents and settingsAll UsersApplication DataMalwarebytes
    2013-03-28 02:17 . 2012-12-14 20:49 21104 ----a-w- c:windowssystem32driversmbam.sys
    2013-03-28 02:08 . 2013-03-28 02:08 -------- d-----w- C:TMRescueDisk
    2013-03-28 02:04 . 2012-07-11 08:35 90808 ----a-w- c:windowssystem32driverstmeext.sys
    2013-03-28 02:04 . 2012-07-06 03:33 171064 ----a-w- c:windowssystem32driverstmnciesc.sys
    2013-03-28 02:04 . 2012-05-02 19:27 92304 ----a-w- c:windowssystem32driverstmtdi.sys
    2013-03-28 02:03 . 2012-07-12 10:30 94200 ----a-w- c:windowssystem32driverstmactmon.sys
    2013-03-28 02:03 . 2012-07-12 10:29 75624 ----a-w- c:windowssystem32driverstmevtmgr.sys
    2013-03-28 02:03 . 2012-07-12 10:29 257928 ----a-w- c:windowssystem32driverstmcomm.sys
    2013-03-28 02:03 . 2012-08-24 13:06 38328 ----a-w- c:windowssystem32driversTMEBC32.sys
    2013-03-28 02:02 . 2013-03-28 02:02 59 ----a-w- c:windowssystem32SupportTool.exe.bat
    2013-03-28 02:01 . 2013-03-28 02:25 -------- d-----w- c:documents and settingsAll UsersApplication DataTrend Micro
    2013-03-28 01:27 . 2013-03-28 02:07 -------- d-----w- c:program filesTrend Micro
    2013-03-26 23:02 . 2013-03-26 23:02 -------- d-----w- c:windowssystem32wbemRepository
    2013-03-26 23:02 . 2013-03-26 23:02 -------- d-----w- c:program filesCommon FilesSkype
    2013-03-25 03:01 . 2013-03-25 03:01 -------- d-----w- c:documents and settingsStudentApplication DataDriverCure
    2013-03-23 22:59 . 2013-03-28 02:18 -------- d-----w- c:program filesMalwarebytes' Anti-Malware
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-03-26 23:48 . 2013-02-25 03:55 693976 ----a-w- c:windowssystem32FlashPlayerApp.exe
    2013-03-26 23:48 . 2013-02-25 03:55 73432 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl
    2013-02-12 00:32 . 2009-08-02 15:48 12928 ----a-w- c:windowssystem32driversusb8023x.sys
    2013-02-12 00:32 . 2004-08-11 16:00 12928 ----a-w- c:windowssystem32driversusb8023.sys
    2013-02-05 20:05 . 2004-08-11 16:00 916480 ----a-w- c:windowssystem32wininet.dll
    2013-02-05 20:05 . 2004-08-11 16:00 43520 ----a-w- c:windowssystem32licmgr10.dll
    2013-02-05 20:05 . 2004-08-11 16:00 1469440 ----a-w- c:windowssystem32inetcpl.cpl
    2013-02-05 05:53 . 2004-08-11 16:00 385024 ----a-w- c:windowssystem32html.iec
    2013-01-26 03:55 . 2004-08-11 16:00 552448 ----a-w- c:windowssystem32oleaut32.dll
    2013-01-07 01:19 . 2004-08-11 16:00 2148864 ----a-w- c:windowssystem32ntoskrnl.exe
    2013-01-07 00:37 . 2004-08-03 21:59 2027520 ----a-w- c:windowssystem32ntkrnlpa.exe
    2013-01-04 01:20 . 2004-08-11 16:00 1867264 ----a-w- c:windowssystem32win32k.sys
    2013-01-02 06:49 . 2004-08-11 16:00 1292288 ----a-w- c:windowssystem32quartz.dll
    2013-01-02 06:49 . 2004-08-11 16:00 148992 ----a-w- c:windowssystem32mpg2splt.ax
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    "ModemOnHold"="c:program filesNetWaitingnetWaiting.exe" [2003-09-10 20480]
    "swg"="c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" [2007-08-28 68856]
    "Spotify Web Helper"="c:documents and settingsStudentApplication DataSpotifyDataSpotifyWebHelper.exe" [2013-03-27 1104280]
    "Spotify"="c:documents and settingsStudentApplication DataSpotifySpotify.exe" [2013-03-27 4480920]
    .
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    "Apoint"="c:program filesApointApoint.exe" [2005-10-06 176128]
    "igfxtray"="c:windowssystem32igfxtray.exe" [2005-12-13 98304]
    "igfxhkcmd"="c:windowssystem32hkcmd.exe" [2005-12-13 77824]
    "igfxpers"="c:windowssystem32igfxpers.exe" [2005-12-13 118784]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
    "IntelZeroConfig"="c:program filesIntelWirelessbinZCfgSvc.exe" [2006-10-18 802816]
    "IntelWireless"="c:program filesIntelWirelessBinifrmewrk.exe" [2006-10-18 696320]
    "Dell QuickSet"="c:program filesDellQuickSetquickset.exe" [2007-02-20 1191936]
    "ISUSPM Startup"="c:progra~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe" [2004-07-27 221184]
    "ISUSScheduler"="c:program filesCommon FilesInstallShieldUpdateServiceissch.exe" [2004-07-27 81920]
    "PDVDDXSrv"="c:program filesCyberLinkPowerDVD DXPDVDDXSrv.exe" [2006-10-20 118784]
    "SunJavaUpdateSched"="c:program filesJavajre6binjusched.exe" [2010-01-10 149280]
    "Nikon Message Center 2"="c:program filesNikonNikon Message Center 2NkMC2.exe" [2010-05-25 619008]
    "APSDaemon"="c:program filesCommon FilesAppleApple Application SupportAPSDaemon.exe" [2012-11-28 59280]
    "Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-12-03 946352]
    "QuickTime Task"="c:program filesQuickTimeQTTask.exe" [2012-10-25 421888]
    "iTunesHelper"="c:program filesiTunesiTunesHelper.exe" [2012-12-12 152544]
    "Trend Micro Client Framework"="c:program filesTrend MicroUniClientUiFrmWrkUIWatchDog.exe" [2012-07-25 133456]
    "Trend Micro Titanium"="c:program filesTrend MicroTitaniumUIFrameworkuiWinMgr.exe" [2012-07-25 1374864]
    .
    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    "CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360]
    .
    c:documents and settingsStudentStart MenuProgramsStartup
    Dropbox.lnk - c:documents and settingsStudentApplication DataDropboxbinDropbox.exe [2013-3-12 29106336]
    Logitech Touch Mouse Server.lnk - c:program filesLogitech Touch Mouse ServeriTouch-Server-Win.exe [2009-10-23 228352]
    .
    c:documents and settingsAll UsersStart MenuProgramsStartup
    Bluetooth Manager.lnk - c:program filesToshibaBluetooth Toshiba StackTosBtMng.exe [2005-11-18 1724416]
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringTrendAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    "%windir%system32sessmgr.exe"=
    "%windir%Network Diagnosticxpnetdiag.exe"=
    "c:Documents and SettingsStudentLocal SettingsApplication DataGoogleChromeApplicationchrome.exe"=
    "c:Program FilesFrostWire 5FrostWire.exe"=
    "c:Program FilesBonjourmDNSResponder.exe"=
    "c:Documents and SettingsStudentApplication DataDropboxbinDropbox.exe"=
    "c:Program FilesLogitech Touch Mouse ServeriTouch-Server-Win.exe"=
    "c:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe"=
    "c:Program FilesiTunesiTunes.exe"=
    "c:Documents and SettingsStudentApplication DataSpotifyspotify.exe"=
    "c:Program FilesSkypePhoneSkype.exe"=
    .
    R0 TMEBC;TMEBC;c:windowssystem32driversTMEBC32.sys [3/27/2013 10:03 PM 38328]
    R1 tmeext;tmeext;c:windowssystem32driverstmeext.sys [3/27/2013 10:04 PM 90808]
    R1 tmevtmgr;tmevtmgr;c:windowssystem32driverstmevtmgr.sys [3/27/2013 10:03 PM 75624]
    R3 tmnciesc;tmnciesc;c:windowssystem32driverstmnciesc.sys [3/27/2013 10:04 PM 171064]
    S2 Amsp;Trend Micro Solution Platform;c:program filesTrend MicroAMSPcoreServiceShell.exe [3/27/2013 10:01 PM 221264]
    S2 FreemakeVideoCapture;FreemakeVideoCapture;"c:program filesFreemakeCaptureLibCaptureLibService.exe" --> c:program filesFreemakeCaptureLibCaptureLibService.exe [?]
    S2 MBAMScheduler;MBAMScheduler;c:program filesMalwarebytes' Anti-Malwarembamscheduler.exe [3/27/2013 10:17 PM 398184]
    S2 MBAMService;MBAMService;c:program filesMalwarebytes' Anti-Malwarembamservice.exe [3/27/2013 10:17 PM 682344]
    S2 Skype C2C Service;Skype C2C Service;c:documents and settingsAll UsersApplication DataSkypeToolbarsSkype C2C Servicec2c_service.exe [1/31/2013 11:38 AM 3289208]
    S2 SkypeUpdate;Skype Updater;c:program filesSkypeUpdaterUpdater.exe [11/9/2012 6:21 AM 160944]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:program filesAVGAVG10ToolbarToolbarBroker.exe --> c:program filesAVGAVG10ToolbarToolbarBroker.exe [?]
    S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [3/27/2013 10:17 PM 21104]
    S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX7000 Filter Driver;c:windowssystem32driversnx6000.sys [5/31/2008 9:42 PM 33808]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-04-01 c:windowsTasksAdobe Flash Player Updater.job
    - c:windowssystem32MacromedFlashFlashPlayerUpdateService.exe [2013-02-25 23:48]
    .
    2013-03-28 c:windowsTasksAppleSoftwareUpdate.job
    - c:program filesApple Software UpdateSoftwareUpdate.exe [2011-06-01 22:57]
    .
    2013-03-31 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-577909240-3888902602-3002504040-1005Core.job
    - c:documents and settingsStudentLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2010-06-09 00:53]
    .
    2013-04-01 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-577909240-3888902602-3002504040-1005UA.job
    - c:documents and settingsStudentLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2010-06-09 00:53]
    .
    2013-04-01 c:windowsTasksUser_Feed_Synchronization-{972C6162-CAF9-4AE8-9E30-4E803D8C5149}.job
    - c:windowssystem32msfeedssync.exe [2006-10-17 02:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    mStart Page = about:blank
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    Trusted Zone: intuit.comttlc
    TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-04-01 18:39
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    Completion time: 2013-04-01 18:41:56
    ComboFix-quarantined-files.txt 2013-04-01 22:41
    ComboFix2.txt 2013-03-30 01:50
    .
    Pre-Run: 47,075,835,904 bytes free
    Post-Run: 47,057,612,800 bytes free
    .
    - - End Of File - - 2608323480C59D50422CA2505D4629CB
  3. I guess I have a faulty wifi connection... I connected via ethernet and was able to run the full scan. Here's the log:
    ESET
    C:Program FilesGoforFilesuninstall.exe a variant of Win32/YourFileDownloader.B application
    C:System Volume Information_restore{46DE8921-1D39-44D2-A9E9-64119261F211}RP1188A0219292.exe a variant of Win32/Adware.MediaFinder.F application
    I waiting on your wisdom for the next step. Thanks
  4. I uninstalled utorrent (hopefully completely) by deleting the data application from the C:/ drive. Do you think I should also run a CCleaner in order to delete associated files? I found that reccommendation on another site and it seemed like a good idea to do that perhaps at a later point in time.

     

    I'm not able to get past step 2 of the ESET scan. During the initialization stage, it reaches 98% and then a red message appears telling me it cannot get an update and asks me if the proxy is configured. I went back and tried to see if I could configure it but I don't understand what information I need to fill in for the proxy address, port, username, and password... should I have this information somewhere? It would seem I need to configure the proxy in order to get through the scan. How can I complete this?

  5. I actually did try to uninstall utorrent because I understand it makes the computer very vulnerable. I guess I wasn't able to successfully uninstall it or maybe the system restore brought it back. I will uninstall it and run this other scan this evening.

     

    The computer seems to be running better already - I've stopped receiving the error message I got before. Thanks so much for all your help! :)

  6. C:ComboFix.txt
    ComboFix 13-03-28.01 - Student 03/29/2013 21:17:58.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.595 [GMT -4:00]
    Running from: c:documents and settingsStudentDesktopComboFix.exe
    AV: Trend Micro Titanium *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:documents and settingsStudentApplication DataOfferBox
    c:documents and settingsStudentApplication DataOfferBoxconfig.xml
    c:windowssystem32Cache
    c:windowssystem32Cache12a062a32be8b9e5.fb
    c:windowssystem32Cache217a0231d125fc4c.fb
    c:windowssystem32Cache26c630d098e22dd5.fb
    c:windowssystem32Cache272512937d9e61a4.fb
    c:windowssystem32Cache287204568329e189.fb
    c:windowssystem32Cache28bc8f716fd76a47.fb
    c:windowssystem32Cache2c53092c95605355.fb
    c:windowssystem32Cache31a0997e9a5b5eb3.fb
    c:windowssystem32Cache32c84fe32bb74d60.fb
    c:windowssystem32Cache3917078cb68ec657.fb
    c:windowssystem32Cache590ba23ce359fd0c.fb
    c:windowssystem32Cache610289e025a3ee9a.fb
    c:windowssystem32Cache64cf7eb1483e5388.fb
    c:windowssystem32Cache651c5d3cdbfb8bd1.fb
    c:windowssystem32Cache6c59ac5e7e7a3ad0.fb
    c:windowssystem32Cache6d03dad1035885d3.fb
    c:windowssystem32Cache71a35ad13a073272.fb
    c:windowssystem32Cache72cc590af6c4e25b.fb
    c:windowssystem32Cache95f567698be8a182.fb
    c:windowssystem32Cachea8556537add6dfc5.fb
    c:windowssystem32Cachead10a52aff5e038d.fb
    c:windowssystem32Cachebf73f9477f409734.fb
    c:windowssystem32Cachec1fa887b03019701.fb
    c:windowssystem32Cachec4d28dca2e7648be.fb
    c:windowssystem32Cachec87c3cef715fe591.fb
    c:windowssystem32Cached201ef9910cd39de.fb
    c:windowssystem32Cached2e94710a5708128.fb
    c:windowssystem32Cached79b9dfe81484ec4.fb
    c:windowssystem32Cachee0de16f883bea794.fb
    c:windowssystem32Cachef637ef6ed8bf1e21.fb
    c:windowssystem32Cachef998975c9cc711ee.fb
    c:windowssystem32driversetchosts.ics
    c:windowssystem32URTTemp
    c:windowssystem32URTTempfusion.dll
    c:windowssystem32URTTempmscoree.dll
    c:windowssystem32URTTempmscoree.dll.local
    c:windowssystem32URTTempmscorsn.dll
    c:windowssystem32URTTempmscorwks.dll
    c:windowssystem32URTTempmsvcr71.dll
    c:windowssystem32URTTempregtlib.exe
    c:windowswininit.ini
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------Legacy_NPF
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-30 )))))))))))))))))))))))))))))))
    .
    .
    2013-03-28 02:25 . 2013-03-28 04:42 181808 ----a-w- c:windowsRegBootClean.exe
    2013-03-28 02:18 . 2013-03-28 02:18 -------- d-----w- c:documents and settingsStudentApplication DataMalwarebytes
    2013-03-28 02:17 . 2013-03-28 02:17 -------- d-----w- c:documents and settingsAll UsersApplication DataMalwarebytes
    2013-03-28 02:17 . 2012-12-14 20:49 21104 ----a-w- c:windowssystem32driversmbam.sys
    2013-03-28 02:08 . 2013-03-28 02:08 -------- d-----w- C:TMRescueDisk
    2013-03-28 02:04 . 2012-07-11 08:35 90808 ----a-w- c:windowssystem32driverstmeext.sys
    2013-03-28 02:04 . 2012-07-06 03:33 171064 ----a-w- c:windowssystem32driverstmnciesc.sys
    2013-03-28 02:04 . 2012-05-02 19:27 92304 ----a-w- c:windowssystem32driverstmtdi.sys
    2013-03-28 02:03 . 2012-07-12 10:30 94200 ----a-w- c:windowssystem32driverstmactmon.sys
    2013-03-28 02:03 . 2012-07-12 10:29 75624 ----a-w- c:windowssystem32driverstmevtmgr.sys
    2013-03-28 02:03 . 2012-07-12 10:29 257928 ----a-w- c:windowssystem32driverstmcomm.sys
    2013-03-28 02:03 . 2012-08-24 13:06 38328 ----a-w- c:windowssystem32driversTMEBC32.sys
    2013-03-28 02:02 . 2013-03-28 02:02 59 ----a-w- c:windowssystem32SupportTool.exe.bat
    2013-03-28 02:01 . 2013-03-28 02:25 -------- d-----w- c:documents and settingsAll UsersApplication DataTrend Micro
    2013-03-28 01:27 . 2013-03-28 02:07 -------- d-----w- c:program filesTrend Micro
    2013-03-26 23:02 . 2013-03-26 23:02 -------- d-----w- c:windowssystem32wbemRepository
    2013-03-26 23:02 . 2013-03-26 23:02 -------- d-----w- c:program filesCommon FilesSkype
    2013-03-26 22:58 . 2013-03-26 23:32 -------- d-----w- c:documents and settingsStudentApplication DatauTorrent
    2013-03-25 03:01 . 2013-03-25 03:01 -------- d-----w- c:documents and settingsStudentApplication DataDriverCure
    2013-03-23 22:59 . 2013-03-28 02:18 -------- d-----w- c:program filesMalwarebytes' Anti-Malware
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-03-26 23:48 . 2013-02-25 03:55 693976 ----a-w- c:windowssystem32FlashPlayerApp.exe
    2013-03-26 23:48 . 2013-02-25 03:55 73432 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl
    2013-02-12 00:32 . 2009-08-02 15:48 12928 ----a-w- c:windowssystem32driversusb8023x.sys
    2013-02-12 00:32 . 2004-08-11 16:00 12928 ----a-w- c:windowssystem32driversusb8023.sys
    2013-02-05 20:05 . 2004-08-11 16:00 916480 ----a-w- c:windowssystem32wininet.dll
    2013-02-05 20:05 . 2004-08-11 16:00 43520 ----a-w- c:windowssystem32licmgr10.dll
    2013-02-05 20:05 . 2004-08-11 16:00 1469440 ----a-w- c:windowssystem32inetcpl.cpl
    2013-02-05 05:53 . 2004-08-11 16:00 385024 ----a-w- c:windowssystem32html.iec
    2013-01-26 03:55 . 2004-08-11 16:00 552448 ----a-w- c:windowssystem32oleaut32.dll
    2013-01-07 01:19 . 2004-08-11 16:00 2148864 ----a-w- c:windowssystem32ntoskrnl.exe
    2013-01-07 00:37 . 2004-08-03 21:59 2027520 ----a-w- c:windowssystem32ntkrnlpa.exe
    2013-01-04 01:20 . 2004-08-11 16:00 1867264 ----a-w- c:windowssystem32win32k.sys
    2013-01-02 06:49 . 2004-08-11 16:00 1292288 ----a-w- c:windowssystem32quartz.dll
    2013-01-02 06:49 . 2004-08-11 16:00 148992 ----a-w- c:windowssystem32mpg2splt.ax
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOTCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    .
    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    "ModemOnHold"="c:program filesNetWaitingnetWaiting.exe" [2003-09-10 20480]
    "swg"="c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" [2007-08-28 68856]
    "Spotify Web Helper"="c:documents and settingsStudentApplication DataSpotifyDataSpotifyWebHelper.exe" [2013-03-27 1104280]
    "Spotify"="c:documents and settingsStudentApplication DataSpotifySpotify.exe" [2013-03-27 4480920]
    .
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    "Apoint"="c:program filesApointApoint.exe" [2005-10-06 176128]
    "igfxtray"="c:windowssystem32igfxtray.exe" [2005-12-13 98304]
    "igfxhkcmd"="c:windowssystem32hkcmd.exe" [2005-12-13 77824]
    "igfxpers"="c:windowssystem32igfxpers.exe" [2005-12-13 118784]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
    "IntelZeroConfig"="c:program filesIntelWirelessbinZCfgSvc.exe" [2006-10-18 802816]
    "IntelWireless"="c:program filesIntelWirelessBinifrmewrk.exe" [2006-10-18 696320]
    "Dell QuickSet"="c:program filesDellQuickSetquickset.exe" [2007-02-20 1191936]
    "ISUSPM Startup"="c:progra~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe" [2004-07-27 221184]
    "ISUSScheduler"="c:program filesCommon FilesInstallShieldUpdateServiceissch.exe" [2004-07-27 81920]
    "PDVDDXSrv"="c:program filesCyberLinkPowerDVD DXPDVDDXSrv.exe" [2006-10-20 118784]
    "SunJavaUpdateSched"="c:program filesJavajre6binjusched.exe" [2010-01-10 149280]
    "Nikon Message Center 2"="c:program filesNikonNikon Message Center 2NkMC2.exe" [2010-05-25 619008]
    "APSDaemon"="c:program filesCommon FilesAppleApple Application SupportAPSDaemon.exe" [2012-11-28 59280]
    "Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-12-03 946352]
    "QuickTime Task"="c:program filesQuickTimeQTTask.exe" [2012-10-25 421888]
    "iTunesHelper"="c:program filesiTunesiTunesHelper.exe" [2012-12-12 152544]
    "Trend Micro Client Framework"="c:program filesTrend MicroUniClientUiFrmWrkUIWatchDog.exe" [2012-07-25 133456]
    "Trend Micro Titanium"="c:program filesTrend MicroTitaniumUIFrameworkuiWinMgr.exe" [2012-07-25 1374864]
    .
    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    "CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360]
    .
    c:documents and settingsStudentStart MenuProgramsStartup
    Dropbox.lnk - c:documents and settingsStudentApplication DataDropboxbinDropbox.exe [2013-3-12 29106336]
    Logitech Touch Mouse Server.lnk - c:program filesLogitech Touch Mouse ServeriTouch-Server-Win.exe [2009-10-23 228352]
    .
    c:documents and settingsAll UsersStart MenuProgramsStartup
    Bluetooth Manager.lnk - c:program filesToshibaBluetooth Toshiba StackTosBtMng.exe [2005-11-18 1724416]
    .
    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringTrendAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    "%windir%system32sessmgr.exe"=
    "%windir%Network Diagnosticxpnetdiag.exe"=
    "c:Documents and SettingsStudentLocal SettingsApplication DataGoogleChromeApplicationchrome.exe"=
    "c:Program FilesFrostWire 5FrostWire.exe"=
    "c:Program FilesBonjourmDNSResponder.exe"=
    "c:Documents and SettingsStudentApplication DataDropboxbinDropbox.exe"=
    "c:Program FilesLogitech Touch Mouse ServeriTouch-Server-Win.exe"=
    "c:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe"=
    "c:Program FilesiTunesiTunes.exe"=
    "c:Documents and SettingsStudentApplication DataSpotifyspotify.exe"=
    "c:Program FilesSkypePhoneSkype.exe"=
    .
    R0 TMEBC;TMEBC;c:windowssystem32driversTMEBC32.sys [3/27/2013 10:03 PM 38328]
    R1 tmeext;tmeext;c:windowssystem32driverstmeext.sys [3/27/2013 10:04 PM 90808]
    R1 tmevtmgr;tmevtmgr;c:windowssystem32driverstmevtmgr.sys [3/27/2013 10:03 PM 75624]
    R2 MBAMScheduler;MBAMScheduler;c:program filesMalwarebytes' Anti-Malwarembamscheduler.exe [3/27/2013 10:17 PM 398184]
    R2 MBAMService;MBAMService;c:program filesMalwarebytes' Anti-Malwarembamservice.exe [3/27/2013 10:17 PM 682344]
    R2 Skype C2C Service;Skype C2C Service;c:documents and settingsAll UsersApplication DataSkypeToolbarsSkype C2C Servicec2c_service.exe [1/31/2013 11:38 AM 3289208]
    R3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [3/27/2013 10:17 PM 21104]
    R3 tmnciesc;tmnciesc;c:windowssystem32driverstmnciesc.sys [3/27/2013 10:04 PM 171064]
    S2 Amsp;Trend Micro Solution Platform;c:program filesTrend MicroAMSPcoreServiceShell.exe [3/27/2013 10:01 PM 221264]
    S2 FreemakeVideoCapture;FreemakeVideoCapture;"c:program filesFreemakeCaptureLibCaptureLibService.exe" --> c:program filesFreemakeCaptureLibCaptureLibService.exe [?]
    S2 SkypeUpdate;Skype Updater;c:program filesSkypeUpdaterUpdater.exe [11/9/2012 6:21 AM 160944]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:program filesAVGAVG10ToolbarToolbarBroker.exe --> c:program filesAVGAVG10ToolbarToolbarBroker.exe [?]
    S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX7000 Filter Driver;c:windowssystem32driversnx6000.sys [5/31/2008 9:42 PM 33808]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-03-30 c:windowsTasksAdobe Flash Player Updater.job
    - c:windowssystem32MacromedFlashFlashPlayerUpdateService.exe [2013-02-25 23:48]
    .
    2013-03-28 c:windowsTasksAppleSoftwareUpdate.job
    - c:program filesApple Software UpdateSoftwareUpdate.exe [2011-06-01 22:57]
    .
    2013-03-29 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-577909240-3888902602-3002504040-1005Core.job
    - c:documents and settingsStudentLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2010-06-09 00:53]
    .
    2013-03-30 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-577909240-3888902602-3002504040-1005UA.job
    - c:documents and settingsStudentLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2010-06-09 00:53]
    .
    2013-03-30 c:windowsTasksUser_Feed_Synchronization-{972C6162-CAF9-4AE8-9E30-4E803D8C5149}.job
    - c:windowssystem32msfeedssync.exe [2006-10-17 02:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    mStart Page = about:blank
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    Trusted Zone: intuit.comttlc
    TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    HKCU-Run-Search Protection - c:program filesYahoo!Search ProtectionSearchProtection.exe
    HKCU-Run-Logitech Vid HD - c:program filesLogitechVidvid.exe
    HKLM-Run-DivXMediaServer - c:program filesDivXDivX Media ServerDivXMediaServer.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-03-29 21:40
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'explorer.exe'(4060)
    c:windowssystem32WININET.dll
    c:documents and settingsStudentApplication DataDropboxbinDropboxExt.17.dll
    c:windowssystem32ieframe.dll
    c:windowssystem32webcheck.dll
    c:windowssystem32WPDShServiceObj.dll
    c:windowssystem32PortableDeviceTypes.dll
    c:windowssystem32PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:program filesIntelWirelessBinEvtEng.exe
    c:program filesIntelWirelessBinS24EvMon.exe
    c:program filesIntelWirelessBinWLKeeper.exe
    c:program filesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    c:program filesBonjourmDNSResponder.exe
    c:program filesJavajre6binjqs.exe
    c:program filesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
    c:program filesIntelWirelessBinRegSrvc.exe
    c:program filesMalwarebytes' Anti-Malwarembamgui.exe
    c:windowsstsystra.exe
    c:program filesApointHidFind.exe
    c:program filesApointApntex.exe
    c:windowssystem32igfxsrvc.exe
    c:program filesiPodbiniPodService.exe
    c:program filesToshibaBluetooth Toshiba StackTosA2dp.exe
    c:program filesToshibaBluetooth Toshiba StackTosBtHid.exe
    c:program filesToshibaBluetooth Toshiba StackTosBtHsp.exe
    c:program filesIntelWirelessBinDot1XCfg.exe
    c:program filesToshibaBluetooth Toshiba StacktosOBEX.exe
    c:program filesToshibaBluetooth Toshiba StacktosBtProc.exe
    c:program filesJavajre6binjucheck.exe
    c:windowssystem32wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2013-03-29 21:50:35 - machine was rebooted
    ComboFix-quarantined-files.txt 2013-03-30 01:50
    .
    Pre-Run: 46,099,451,904 bytes free
    Post-Run: 46,671,237,120 bytes free
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)WINDOWS
    [operating systems]
    c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    .
    - - End Of File - - 341FEF0BB95D3CD4292653163FCAAB48
  7. Hi, thanks for your response. Here is the Malwarebytes log from the full scan:

     

     

     

    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org
    Database version: v2013.03.28.01
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Student :: MS-F07-05 [administrator]
    Protection: Enabled
    3/27/2013 10:23:17 PM
    mbam-log-2013-03-27 (22-23-17).txt
    Scan type: Full scan (C:|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 319852
    Time elapsed: 3 hour(s), 34 minute(s), 14 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 29
    HKCRAppID{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRAppID{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRAppID{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRAppID{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRAppID{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Quarantined and deleted successfully.
    HKCRTypelib{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRInterface{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftInternet ExplorerSearchScopes{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtStats{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtStats{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtStats{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRMenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRMenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCRShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKCRShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKCRAppIDMenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKCUSOFTWAREMediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
    HKCUSoftwareclickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKLMSOFTWAREClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKLMSOFTWAREResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
    HKLMSYSTEMCurrentControlSetEnumRootLEGACY_RESULTBAR_SERVICE (Adware.ResultBar) -> Quarantined and deleted successfully.
    HKLMSYSTEMCurrentControlSetServicesResultBar Service (Adware.ResultBar) -> Quarantined and deleted successfully.
    Registry Values Detected: 5
    HKCUSOFTWAREMicrosoftInternet ExplorerToolbarWebBrowser{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Data: -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftInternet ExplorerToolbarWebBrowser|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Data: a·¸+߬H»à¼À:›; -> Quarantined and deleted successfully.
    HKCUSOFTWAREMicrosoftInternet ExplorerMenuExt&Search| (Adware.Hotbar) -> Data: http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000336&p=ZRman000&si=&a=3y1hhhtNOsq.8uqSY2ou2A&n=2010092416 -> Quarantined and deleted successfully.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform|SRS_IT_E8790477B6765C503EA091 (Malware.Trace) -> Data: -> Quarantined and deleted successfully.
    HKLMSOFTWAREMozillaFirefoxextensions|[email protected] (Adware.ClickPotato) -> Data: C:Program FilesClickPotatoLitebin11.0.16.0firefoxextensions -> Quarantined and deleted successfully.
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 12
    C:Documents and SettingsAll UsersApplication Data2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsStudentApplication DataClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin11.0.16.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin11.0.16.0firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin11.0.16.0firefoxextensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin11.0.16.0firefoxextensionsplugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersStart MenuProgramsClickPotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
    Files Detected: 14
    C:Documents and SettingsStudentLocal SettingsTempclickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:program filesclickpotatolitebin11.0.16.0firefoxextensionspluginsnpclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:System Volume Information_restore{46DE8921-1D39-44D2-A9E9-64119261F211}RP1187A0217910.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:System Volume Information_restore{46DE8921-1D39-44D2-A9E9-64119261F211}RP1187A0217936.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataClickPotatoLiteSAClickPotatoLiteSA.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataClickPotatoLiteSAClickPotatoLiteSAAbout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataClickPotatoLiteSAClickPotatoLiteSAau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataClickPotatoLiteSAClickPotatoLiteSAEULA.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersApplication DataClickPotatoLiteSAClickPotatoLiteSA_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin11.0.16.0copyright.txt (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Program FilesClickPotatoLitebin11.0.16.0firefoxextensionsinstall.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersStart MenuProgramsClickPotatoAbout Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersStart MenuProgramsClickPotatoClickPotato Customer Support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    C:Documents and SettingsAll UsersStart MenuProgramsClickPotatoClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    (end)
  8. Hi! Help! I have a Dell Windows XP computer and recently I keep receiving a DLL bad image error message for just about every program on my computer which says something like "The application or DLL name.DLL is not a valid windows Image. Please check this against your installation diskette."

     

    I've run AVG and no threats appear. I did a full Malwarebytes scan and although it did remove some malware, it didn't fix the problem. I also tried to do a system restore but that didn't fix it either.

     

    I'm thinking about trying to do a clean install reinstallation of Windows but I know this is a long process and I'm wondering if there's a faster, better way to get rid of the infection.

     

    Any help will be so very greatly appreciated!! I never know what to do with computers when these things happen. Thanks! :) Kate

×
×
  • Create New...