Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
FBI ransomeware help
Message
<blockquote data-quote="kuttus" data-source="post: 124177" data-attributes="member: 2676"><p><span style="font-size: 15px">STEP 1: Run the below OTL fix</span></p><p><ol><li>Start <<strong>>OTL.exe</<strong>></li></strong></strong></p><p><strong><strong> <li>Copy/paste the following text written <<strong>>inside of the code box</<strong>> into the <<strong>>Custom Scans/Fixes</<strong>> box located at the bottom of OTL</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[code]</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>:OTL</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>O4 - HKCU..\Run: [Adobe CSS5.1 Manager] C:\Users\WALL_E_Machine\AppData\Local\26f3a422-fb45-4176-b216-398128ebb437ad\fafbbebbad.exe ()</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>O4 - HKCU..\RunOnce: [Adobe CSS5.1 Manager] C:\Users\WALL_E_Machine\AppData\Local\26f3a422-fb45-4176-b216-398128ebb437ad\fafbbebbad.exe ()</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>O33 - MountPoints2\{797262f6-6ad2-11df-b9df-002511104264}\Shell\AutoRun\command - "" = RECYCLE\D-0-060-0000000000-1111111-2222222\rYan.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>O33 - MountPoints2\{797262f6-6ad2-11df-b9df-002511104264}\Shell\open\command - "" = RECYCLE\D-0-060-0000000000-1111111-2222222\rYan.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:21 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\skype74991.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:23 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\jqs389835.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:22 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore547765.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:03 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss465821.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:01 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon430808.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:18 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\teamviewer680284.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:31 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss390766.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:45 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:45 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 22:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\uulcb</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:34 | 000,000,000 | ---D | C] -- C:\Users\WALL_E_Machine\AppData\Local\26f3a422-fb45-4176-b216-398128ebb437ad</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2008/01/20 19:25:01 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\AppData\Roaming\skype.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 11:48:34 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 11:48:34 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 11:36:03 | 000,000,004 | ---- | M] () -- C:\Users\WALL_E_Machine\AppData\Roaming\skype.ini</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 10:59:12 | 000,001,356 | ---- | M] () -- C:\Users\WALL_E_Machine\AppData\Local\d3d9caps.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:50 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\notepad195278.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:45 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\firefox460819.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:44 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck909716.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:44 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jqs146643.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:43 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\skype74991.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:59 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer847836.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:50 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\msconfig741009.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:49 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore547765.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:49 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck349047.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:49 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\iexplore206868.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:39 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobatreader104475.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:31 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer616566.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:30 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\jqs389835.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:30 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate78939.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:30 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck124054.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:21 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\alg823879.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\spoolsv308296.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\opera203257.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\mstsc480472.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:15 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate429439.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:15 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon430808.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\winlogon272365.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\mstsc41734.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:09 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss465821.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:09 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\icq258255.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:29 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\alg922821.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:23 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\java14167.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:23 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\alg454437.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:22 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\teamviewer680284.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:22 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\googleupdate151685.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:54 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\alg532148.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:49 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\icq847123.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:48 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss390766.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:48 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\opera558248.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:48 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer283708.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:35:03 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\csrss426490.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:35:00 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\conhost.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:54 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\winlogon.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\spoolsv.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\googleupdate.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\firefox.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\csrss.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:52 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:52 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\rundll32.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 21:43:25 | 000,001,940 | ---- | M] () -- C:\Users\WALL_E_Machine\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:26 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobat460929.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:20 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate698494.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:19 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\csrss482630.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:16 | 000,156,160 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\acrobat544243.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:44:18 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\mstsc.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:44:14 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\skype.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:16:34 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\msconfig.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:16:07 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:16:02 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\opera.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:15:57 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\alg.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:55:45 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\notepad.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:55:38 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:55:37 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobatreader.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:30:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\icq.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:46 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\java.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:21 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\vlcplayer.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:21 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jqs.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:16 | 000,156,160 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\teamviewer.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:25 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobat.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\chrome.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 09:27:32 | 000,005,105 | ---- | M] () -- C:\ProgramData\iqrjmdeq.fak</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:46 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\notepad195278.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:45 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\firefox460819.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:44 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck909716.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:41:44 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jqs146643.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:50 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer847836.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:50 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\msconfig741009.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:49 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck349047.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:49 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\iexplore206868.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:32 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobatreader104475.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:31 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer616566.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:30 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate78939.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:30:30 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck124054.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\alg823879.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\spoolsv308296.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\opera203257.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:16 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\mstsc480472.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:11 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate429439.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\winlogon272365.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\mstsc41734.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 07:00:09 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\icq258255.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:24 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\alg922821.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:23 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\java14167.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:23 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\alg454437.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:54:22 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\googleupdate151685.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:49 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\alg532148.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:49 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\icq847123.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:48 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\opera558248.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:39:48 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer283708.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:37:58 | 000,000,004 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Roaming\skype.ini</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:54 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\csrss426490.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:54 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\conhost.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:54 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\winlogon.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\spoolsv.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\googleupdate.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\firefox.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\csrss.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/07 06:34:52 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\rundll32.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:21 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobat460929.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:20 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate698494.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:45:19 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\csrss482630.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:44:15 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\mstsc.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:44:14 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\skype.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:16:07 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:16:06 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\msconfig.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:16:02 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\opera.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 13:15:57 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\alg.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:55:38 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\notepad.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:55:38 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:55:37 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobatreader.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:30:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\icq.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:22 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\java.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:21 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\vlcplayer.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:16:21 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jqs.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:25 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobat.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 11:11:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\chrome.exe</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/06/06 09:27:32 | 000,005,105 | ---- | C] () -- C:\ProgramData\iqrjmdeq.fak</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2013/03/30 20:32:05 | 000,192,000 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Roaming\dbu32.ocx</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2012/06/26 09:39:13 | 000,000,024 | ---- | C] () -- C:\Users\WALL_E_Machine\random.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2011/11/06 18:40:51 | 000,000,040 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex_cl_runescape_LIVE.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2011/08/25 18:19:33 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\{FADB0738-F621-45C3-A7EE-C33A9127BE25}</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2011/01/04 18:43:31 | 000,001,940 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2010/11/12 23:44:53 | 000,001,356 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\d3d9caps.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2010/04/05 21:38:46 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex__preferences3.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2010/02/20 14:48:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2009/10/04 17:32:42 | 000,038,400 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2009/09/03 16:17:17 | 000,000,129 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex_runescape_preferences2.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2009/08/15 09:49:38 | 000,000,452 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Roaming\wklnhst.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[2009/06/27 11:00:27 | 000,000,046 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex_runescape_preferences.dat</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>:commands</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[emptytemp]</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[reboot]</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong>[/code]</strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><<strong>><span style="color: #FF0000">NOTICE:</span> This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system</<strong>></li></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong> <li>Then click the <<strong>>Run Fix</<strong>> button at the top</li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>Let the program run unhindered, reboot when it is done</li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>Attach the new log produced by OTL (C:\_OTL)</li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong></ol></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><hr /></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p></blockquote><p></p>
[QUOTE="kuttus, post: 124177, member: 2676"] [SIZE=4]STEP 1: Run the below OTL fix[/SIZE] <ol><li>Start <[b]>OTL.exe</[b]></li> <li>Copy/paste the following text written <[b]>inside of the code box</[b]> into the <[b]>Custom Scans/Fixes</[b]> box located at the bottom of OTL [code] :OTL O4 - HKCU..\Run: [Adobe CSS5.1 Manager] C:\Users\WALL_E_Machine\AppData\Local\26f3a422-fb45-4176-b216-398128ebb437ad\fafbbebbad.exe () O4 - HKCU..\RunOnce: [Adobe CSS5.1 Manager] C:\Users\WALL_E_Machine\AppData\Local\26f3a422-fb45-4176-b216-398128ebb437ad\fafbbebbad.exe () O33 - MountPoints2\{797262f6-6ad2-11df-b9df-002511104264}\Shell\AutoRun\command - "" = RECYCLE\D-0-060-0000000000-1111111-2222222\rYan.exe O33 - MountPoints2\{797262f6-6ad2-11df-b9df-002511104264}\Shell\open\command - "" = RECYCLE\D-0-060-0000000000-1111111-2222222\rYan.exe [2013/06/07 07:41:21 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\skype74991.exe [2013/06/07 07:30:23 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\jqs389835.exe [2013/06/07 07:30:22 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore547765.exe [2013/06/07 07:00:03 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss465821.exe [2013/06/07 07:00:01 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon430808.exe [2013/06/07 06:54:18 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\teamviewer680284.exe [2013/06/07 06:39:31 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss390766.exe [2013/06/07 06:34:45 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore.exe [2013/06/07 06:34:45 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon.exe [2013/06/06 22:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\uulcb [2013/06/06 11:11:34 | 000,000,000 | ---D | C] -- C:\Users\WALL_E_Machine\AppData\Local\26f3a422-fb45-4176-b216-398128ebb437ad [2008/01/20 19:25:01 | 000,148,992 | ---- | C] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\AppData\Roaming\skype.dat [2013/06/07 11:48:34 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/06/07 11:48:34 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/06/07 11:36:03 | 000,000,004 | ---- | M] () -- C:\Users\WALL_E_Machine\AppData\Roaming\skype.ini [2013/06/07 10:59:12 | 000,001,356 | ---- | M] () -- C:\Users\WALL_E_Machine\AppData\Local\d3d9caps.dat [2013/06/07 07:41:50 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\notepad195278.exe [2013/06/07 07:41:45 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\firefox460819.exe [2013/06/07 07:41:44 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck909716.exe [2013/06/07 07:41:44 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jqs146643.exe [2013/06/07 07:41:43 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\skype74991.exe [2013/06/07 07:30:59 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer847836.exe [2013/06/07 07:30:50 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\msconfig741009.exe [2013/06/07 07:30:49 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore547765.exe [2013/06/07 07:30:49 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck349047.exe [2013/06/07 07:30:49 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\iexplore206868.exe [2013/06/07 07:30:39 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobatreader104475.exe [2013/06/07 07:30:31 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer616566.exe [2013/06/07 07:30:30 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\jqs389835.exe [2013/06/07 07:30:30 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate78939.exe [2013/06/07 07:30:30 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck124054.exe [2013/06/07 07:00:21 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\alg823879.exe [2013/06/07 07:00:16 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\spoolsv308296.exe [2013/06/07 07:00:16 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\opera203257.exe [2013/06/07 07:00:16 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\mstsc480472.exe [2013/06/07 07:00:15 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate429439.exe [2013/06/07 07:00:15 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon430808.exe [2013/06/07 07:00:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\winlogon272365.exe [2013/06/07 07:00:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\mstsc41734.exe [2013/06/07 07:00:09 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss465821.exe [2013/06/07 07:00:09 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\icq258255.exe [2013/06/07 06:54:29 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\alg922821.exe [2013/06/07 06:54:23 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\java14167.exe [2013/06/07 06:54:23 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\alg454437.exe [2013/06/07 06:54:22 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\teamviewer680284.exe [2013/06/07 06:54:22 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\googleupdate151685.exe [2013/06/07 06:39:54 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\alg532148.exe [2013/06/07 06:39:49 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\icq847123.exe [2013/06/07 06:39:48 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\csrss390766.exe [2013/06/07 06:39:48 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\opera558248.exe [2013/06/07 06:39:48 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer283708.exe [2013/06/07 06:35:03 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\csrss426490.exe [2013/06/07 06:35:00 | 000,155,648 | ---- | M] () -- C:\Users\WALL_E_Machine\conhost.exe [2013/06/07 06:34:54 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\winlogon.exe [2013/06/07 06:34:53 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\ctfmon.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\spoolsv.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\googleupdate.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\firefox.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\csrss.exe [2013/06/07 06:34:52 | 000,148,992 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\iexplore.exe [2013/06/07 06:34:52 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\rundll32.exe [2013/06/06 21:43:25 | 000,001,940 | ---- | M] () -- C:\Users\WALL_E_Machine\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2013/06/06 13:45:26 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobat460929.exe [2013/06/06 13:45:20 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate698494.exe [2013/06/06 13:45:19 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\csrss482630.exe [2013/06/06 13:45:16 | 000,156,160 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\acrobat544243.exe [2013/06/06 13:44:18 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\mstsc.exe [2013/06/06 13:44:14 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\skype.exe [2013/06/06 13:16:34 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\msconfig.exe [2013/06/06 13:16:07 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jucheck.exe [2013/06/06 13:16:02 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\opera.exe [2013/06/06 13:15:57 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\alg.exe [2013/06/06 11:55:45 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\notepad.exe [2013/06/06 11:55:38 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\flashplayer.exe [2013/06/06 11:55:37 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobatreader.exe [2013/06/06 11:30:53 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\icq.exe [2013/06/06 11:16:46 | 000,229,376 | ---- | M] () -- C:\Users\WALL_E_Machine\java.exe [2013/06/06 11:16:21 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\vlcplayer.exe [2013/06/06 11:16:21 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\jqs.exe [2013/06/06 11:16:16 | 000,156,160 | ---- | M] (TPM-Software Systems LLC) -- C:\Users\WALL_E_Machine\teamviewer.exe [2013/06/06 11:11:25 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\acrobat.exe [2013/06/06 11:11:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\windowsupdate.exe [2013/06/06 11:11:10 | 000,000,000 | ---- | M] () -- C:\Users\WALL_E_Machine\chrome.exe [2013/06/06 09:27:32 | 000,005,105 | ---- | M] () -- C:\ProgramData\iqrjmdeq.fak [2013/06/07 07:41:46 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\notepad195278.exe [2013/06/07 07:41:45 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\firefox460819.exe [2013/06/07 07:41:44 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck909716.exe [2013/06/07 07:41:44 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jqs146643.exe [2013/06/07 07:30:50 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer847836.exe [2013/06/07 07:30:50 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\msconfig741009.exe [2013/06/07 07:30:49 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck349047.exe [2013/06/07 07:30:49 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\iexplore206868.exe [2013/06/07 07:30:32 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobatreader104475.exe [2013/06/07 07:30:31 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer616566.exe [2013/06/07 07:30:30 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate78939.exe [2013/06/07 07:30:30 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck124054.exe [2013/06/07 07:00:16 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\alg823879.exe [2013/06/07 07:00:16 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\spoolsv308296.exe [2013/06/07 07:00:16 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\opera203257.exe [2013/06/07 07:00:16 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\mstsc480472.exe [2013/06/07 07:00:11 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate429439.exe [2013/06/07 07:00:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\winlogon272365.exe [2013/06/07 07:00:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\mstsc41734.exe [2013/06/07 07:00:09 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\icq258255.exe [2013/06/07 06:54:24 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\alg922821.exe [2013/06/07 06:54:23 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\java14167.exe [2013/06/07 06:54:23 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\alg454437.exe [2013/06/07 06:54:22 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\googleupdate151685.exe [2013/06/07 06:39:49 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\alg532148.exe [2013/06/07 06:39:49 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\icq847123.exe [2013/06/07 06:39:48 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\opera558248.exe [2013/06/07 06:39:48 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer283708.exe [2013/06/07 06:37:58 | 000,000,004 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Roaming\skype.ini [2013/06/07 06:34:54 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\csrss426490.exe [2013/06/07 06:34:54 | 000,155,648 | ---- | C] () -- C:\Users\WALL_E_Machine\conhost.exe [2013/06/07 06:34:54 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\winlogon.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\spoolsv.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\googleupdate.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\firefox.exe [2013/06/07 06:34:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\csrss.exe [2013/06/07 06:34:52 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\rundll32.exe [2013/06/06 13:45:21 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobat460929.exe [2013/06/06 13:45:20 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate698494.exe [2013/06/06 13:45:19 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\csrss482630.exe [2013/06/06 13:44:15 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\mstsc.exe [2013/06/06 13:44:14 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\skype.exe [2013/06/06 13:16:07 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jucheck.exe [2013/06/06 13:16:06 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\msconfig.exe [2013/06/06 13:16:02 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\opera.exe [2013/06/06 13:15:57 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\alg.exe [2013/06/06 11:55:38 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\notepad.exe [2013/06/06 11:55:38 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\flashplayer.exe [2013/06/06 11:55:37 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobatreader.exe [2013/06/06 11:30:53 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\icq.exe [2013/06/06 11:16:22 | 000,229,376 | ---- | C] () -- C:\Users\WALL_E_Machine\java.exe [2013/06/06 11:16:21 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\vlcplayer.exe [2013/06/06 11:16:21 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jqs.exe [2013/06/06 11:11:25 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\acrobat.exe [2013/06/06 11:11:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\windowsupdate.exe [2013/06/06 11:11:10 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\chrome.exe [2013/06/06 09:27:32 | 000,005,105 | ---- | C] () -- C:\ProgramData\iqrjmdeq.fak [2013/03/30 20:32:05 | 000,192,000 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Roaming\dbu32.ocx [2012/06/26 09:39:13 | 000,000,024 | ---- | C] () -- C:\Users\WALL_E_Machine\random.dat [2011/11/06 18:40:51 | 000,000,040 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex_cl_runescape_LIVE.dat [2011/08/25 18:19:33 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\{FADB0738-F621-45C3-A7EE-C33A9127BE25} [2011/01/04 18:43:31 | 000,001,940 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2010/11/12 23:44:53 | 000,001,356 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\d3d9caps.dat [2010/04/05 21:38:46 | 000,000,000 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex__preferences3.dat [2010/02/20 14:48:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009/10/04 17:32:42 | 000,038,400 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/03 16:17:17 | 000,000,129 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex_runescape_preferences2.dat [2009/08/15 09:49:38 | 000,000,452 | ---- | C] () -- C:\Users\WALL_E_Machine\AppData\Roaming\wklnhst.dat [2009/06/27 11:00:27 | 000,000,046 | ---- | C] () -- C:\Users\WALL_E_Machine\jagex_runescape_preferences.dat :commands [emptytemp] [reboot] [/code] <[b]>[color=#FF0000]NOTICE:[/color] This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system</[b]></li> <li>Then click the <[b]>Run Fix</[b]> button at the top</li> <li>Let the program run unhindered, reboot when it is done</li> <li>Attach the new log produced by OTL (C:\_OTL)</li> </ol> <hr />[/b][/b][/b][/b][/b][/b][/b][/b][/b][/b] [/QUOTE]
Insert quotes…
Verification
Post reply
Top