Hello! I have the logs, now what?

Discussion in 'Malware Help (A Specialist Will Reply)' started by mikeensmx, Jul 3, 2012.

  1. mikeensmx

    mikeensmx Private E-2

    Hello, I have followed the instructions on how to remove the malware. Can you please review the logs and let me know what is next?

    Also, what do I do with DeFogger?

    Thanks,

    Mikeensmx
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Delete these files if they exist:

    • C:\Documents and Settings\Mike\iqprtezopb.tmp
    • C:\Documents and Settings\Mike\Local Settings\Temp\is1972027439\zgInstaller.exe

    Please download and save the below to your Desktop or anywhere else you can find it (if the Desktop is not showing).

    http://download.bleepingcomputer.com/grinler/unhide.exe

    Now run it.


    Run CCleaner - (not the registry scanner, just the cleaner itself)


    I want you to run TDSSKiller so refer to the below for how to do so.

    TDSSkiller - How to run

    Run RogueKiller again and attach the log please.
     
  3. mikeensmx

    mikeensmx Private E-2

    Kestrel13!

    OK, done that! Let me know what's next?

    Thanks again.

    mikeensmx
     


  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Now run the C:\MGtools\GetLogs.bat file by double-clicking on it. (Right click and run as admin if using Vista or Windows 7.) Then attach the new C:\MGlogs.zip file that will be created by running this.
     
  5. mikeensmx

    mikeensmx Private E-2

    Very good... waiting for your reply...
     


  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    • Please open RogueKiller again.
    • Click on the ShortcutsFix button and allow the program to run.
    • Now run the C:\MGtools\GetLogs.bat file by double-clicking on it. (Right click and run as admin if using Vista or Windows 7.) Then attach the new C:\MGlogs.zip file that will be created by running this.
     
  7. mikeensmx

    mikeensmx Private E-2

    There it is..........
     


  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Some of your shortcuts etc. are hidden.

    The smtmp folder will contain 4 folders and you’ll need to copy the contents of these folders back to their original locations.

    Copy the content from %Temp%\smtmp\1\ to:
    Windows XP: C:\Documents and Settings\All Users\Start Menu
    Windows Vista and Windows 7: C:\ProgramData\Microsoft\Windows\Start Menu

    Copy the content from %Temp%\smtmp\2\ to:
    Windows XP: C:\Documents and Settings\[your username]\Application Data\Microsoft\Internet Explorer\Quick Launch\
    Windows Vista and Windows 7: C:\Users\[your username]\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

    Copy the content from %Temp%\smtmp\3\ to:
    Windows XP: It does not exist on Windows XP.
    Windows Vista and Windows 7: C:\Users\[your username]\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar

    Copy the content from %Temp%\smtmp\4\ to:
    Windows XP: C:\Documents and Settings\All Users\Desktop
    Windows Vista and Windows 7: C:\Users\Public\Desktop

    Do this and then: Now run the C:\MGtools\GetLogs.bat file by double-clicking on it. (Right click and run as admin if using Vista or Windows 7.) Then attach the new C:\MGlogs.zip file that will be created by running this.
     
  9. mikeensmx

    mikeensmx Private E-2

    All right, next step?
     


  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Here is what you have to restore (I should have explained).

    Code:
    d-----w                 0 2011-08-03 23:04:07  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1
    d-----w                 0 2012-07-02 06:05:17  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2
    d-----w                 0 2011-08-07 20:00:00  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4
    --sha-w               272 2010-12-29 05:07:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\desktop.ini
    d-----w                 0 2011-08-07 19:59:59  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs
    ----a-w             1,563 2010-12-29 05:07:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Set Program Access and Defaults.lnk
    ----a-w               398 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Windows Catalog.lnk
    ----a-w             1,507 2010-12-29 02:49:01  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Windows Update.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools
    ----a-w             1,804 2010-12-29 03:27:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Adobe Reader 9.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\AGEIA
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk
    d-----w                 0 2011-08-07 19:59:59  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\avast! Free Antivirus
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Dell Printers
    --sha-w               150 2010-12-29 01:18:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\desktop.ini
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\InterActual
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office Live Add-in
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Silverlight
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Mozilla Firefox
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Real
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Startup
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live
    ----a-w               609 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Messenger.lnk
    ----a-w               786 2010-12-29 01:18:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Movie Maker.lnk
    d-----w                 0 2011-08-03 23:04:07  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\WinRAR
    d-----w                 0 2011-08-03 23:04:07  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Yahoo! Messenger
    d-----w                 0 2011-08-03 23:04:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Accessibility
    ----a-w             1,498 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Calculator.lnk
    d-----w                 0 2011-08-03 23:04:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications
    --sha-w               255 2011-01-22 02:59:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\desktop.ini
    d-----w                 0 2011-08-03 23:04:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment
    ----a-w             1,515 2011-01-05 22:55:57  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Paint.lnk
    ----a-w             1,585 2010-12-29 05:07:16  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Remote Desktop Connection.lnk
    ----a-w               710 2011-01-22 02:59:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Scanner and Camera Wizard.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools
    ----a-w               879 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\WordPad.lnk
    ----a-w             1,520 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Accessibility\Accessibility Wizard.lnk
    --sha-w                90 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Accessibility\desktop.ini
    --sha-w               516 2010-12-29 05:08:47  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\desktop.ini
    ----a-w               786 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\HyperTerminal.lnk
    ----a-w             1,757 2010-12-29 01:15:48  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Network Connections.lnk
    ----a-w             1,640 2010-12-29 01:18:35  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Network Setup Wizard.lnk
    ----a-w             1,646 2010-12-29 01:15:48  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\New Connection Wizard.lnk
    ----a-w             1,656 2010-12-29 05:08:47  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Wireless Network Setup Wizard.lnk
    --sha-w               146 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment\desktop.ini
    ----a-w             1,528 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment\Sound Recorder.lnk
    ----a-w             1,528 2011-01-08 04:24:58  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment\Volume Control.lnk
    ----a-w             1,532 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Backup.lnk
    ----a-w             1,521 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Character Map.lnk
    --sha-w               757 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\desktop.ini
    ----a-w             1,532 2010-12-29 01:18:39  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Disk Cleanup.lnk
    ----a-w             1,572 2010-12-29 01:18:37  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Disk Defragmenter.lnk
    ----a-w             1,591 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Files and Settings Transfer Wizard.lnk
    ----a-w             1,753 2010-12-29 01:18:39  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Scheduled Tasks.lnk
    ----a-w             1,070 2010-12-29 01:18:37  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\System Information.lnk
    ----a-w             1,616 2010-12-29 01:18:39  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\System Restore.lnk
    ----a-w             1,582 2010-12-29 01:16:59  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Component Services.lnk
    ----a-w             1,602 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Computer Management.lnk
    ----a-w             1,596 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Data Sources (ODBC).lnk
    --sha-w               545 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\desktop.ini
    ----a-w             1,592 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Event Viewer.lnk
    ----a-w             1,590 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Local Security Policy.lnk
    ----a-w             1,591 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Performance.lnk
    ----a-w             1,602 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Services.lnk
    ----a-w             1,607 2010-12-29 01:48:20  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\AGEIA\AGEIA PhysX Properties.lnk
    ----a-w               752 2010-12-29 01:48:21  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\AGEIA\AGEIA PhysX System Tray Icon.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009
    ----a-w               825 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Attach Digital Signatures.lnk
    ----a-w             1,932 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\AutoCAD 2009.lnk
    ----a-w               833 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Batch Standards Checker.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Migrate Custom Settings
    ----a-w               863 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Portable License Utility.lnk
    ----a-w               794 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Reference Manager.lnk
    ----a-w               796 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Migrate Custom Settings\Export AutoCAD 2009 Settings.lnk
    ----a-w               810 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Migrate Custom Settings\Import AutoCAD 2009 Settings.lnk
    ----a-w               810 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Autodesk\AutoCAD 2009\Migrate Custom Settings\Migrate From a Previous Release.lnk
    ----a-w             1,701 2011-08-07 19:58:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\avast! Free Antivirus\avast! Free Antivirus.lnk
    ----a-w             1,984 2010-12-29 20:16:07  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Bitstream Font Navigator.lnk
    ----a-w             1,982 2010-12-29 20:15:01  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Corel CAPTURE X4.lnk
    ----a-w             2,573 2011-04-09 00:57:40  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Corel PHOTO-PAINT X4.lnk
    ----a-w             2,563 2011-05-19 09:00:21  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\CorelDRAW X4.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Documentación
    ----a-w             1,982 2010-12-29 20:14:43  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Duplexing Wizard.lnk
    ----a-w             1,996 2010-12-29 20:14:43  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\SB Profiler.lnk
    ----a-w             1,021 2010-12-29 20:15:54  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Documentación\Guía de programación VBA de CorelDRAW Graphics Suite X4 (PDF).lnk
    ----a-w             1,268 2010-12-29 20:15:54  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Documentación\Guía del usuario de CorelDRAW Graphics Suite X4 (PDF).lnk
    ----a-w             1,091 2010-12-29 20:15:54  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Documentación\Léame de CorelDRAW Graphics Suite X4.lnk
    ----a-w             1,083 2010-12-29 20:15:54  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Documentación\Modelo de objetos VBA de Corel PHOTO-PAINT X4 (PDF).lnk
    ----a-w             1,118 2010-12-29 20:15:54  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\CorelDRAW Graphics Suite X4\Documentación\Modelo de objetos VBA de CorelDRAW X4 (PDF).lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 924
    ----a-w               826 2011-01-22 03:12:01  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 924\Dell All-In-One Center.LNK
    ----a-w             1,883 2011-01-22 03:11:36  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 924\Dell Order Ink Cartridges.lnk
    ----a-w               921 2011-01-22 03:11:36  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 924\Uninstall Dell Photo AIO Printer 924.lnk
    ----a-w               441 2011-01-22 03:11:36  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 924\View Dell User's Guide.lnk
    d-----w                 0 2011-08-03 23:04:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus
    ----a-w               839 2010-12-29 02:54:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus\Acuerdo de licencia.lnk
    ----a-w               839 2010-12-29 02:54:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus\Ayuda.lnk
    ----a-w             1,792 2010-12-29 02:54:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus\Desinstalar.lnk
    ----a-w             1,765 2010-12-29 02:54:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus\ESET NOD32 Antivirus.lnk
    ----a-w               883 2010-12-29 02:54:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus\ESET SysInspector.lnk
    ----a-w               868 2010-12-29 02:54:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\ESET\ESET NOD32 Antivirus\ESET SysRescue.lnk
    --sha-w               798 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\desktop.ini
    ----a-w             1,522 2011-01-05 22:50:23  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Freecell.lnk
    ----a-w             1,520 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Hearts.lnk
    ----a-w               913 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Backgammon.lnk
    ----a-w               913 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Checkers.lnk
    ----a-w               913 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Hearts.lnk
    ----a-w               913 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Reversi.lnk
    ----a-w               913 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Spades.lnk
    ----a-w             1,515 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Minesweeper.lnk
    ----a-w               885 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Pinball.lnk
    ----a-w             1,491 2011-01-05 22:51:44  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Solitaire.lnk
    ----a-w             1,502 2010-12-29 01:17:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Games\Spider Solitaire.lnk
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\InterActual\InterActual Player
    ----a-w               864 2011-04-03 06:01:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\InterActual\InterActual Player\InterActual Player Help.lnk
    ----a-w               617 2011-04-03 06:01:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\InterActual\InterActual Player\InterActual Player Uninstall.lnk
    ----a-w               797 2011-04-03 06:01:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\InterActual\InterActual Player\InterActual Player.lnk
    d-----w                 0 2011-08-03 23:04:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Herramientas de Microsoft Office
    ----a-w             2,567 2011-01-15 11:01:57  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Access 2007.lnk
    ----a-w             2,495 2011-06-16 13:17:09  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
    ----a-w             2,633 2011-01-15 11:03:05  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk
    ----a-w             2,529 2011-07-28 21:38:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
    ----a-w             2,459 2011-05-19 08:55:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk
    ----a-w             2,491 2011-07-28 06:39:57  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
    ----a-w             2,567 2010-12-29 03:33:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Herramientas de Microsoft Office\Certificado digital para proyectos de VBA.lnk
    ----a-w             2,559 2010-12-29 03:33:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Herramientas de Microsoft Office\Diagnósticos de Microsoft Office.lnk
    ----a-w             2,615 2010-12-29 03:33:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Herramientas de Microsoft Office\Galería multimedia de Microsoft.lnk
    ----a-w             2,459 2010-12-29 03:33:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Herramientas de Microsoft Office\Microsoft Office 2007 Configuración de idioma.lnk
    ----a-w             2,527 2010-12-29 03:33:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Herramientas de Microsoft Office\Microsoft Office Picture Manager.lnk
    ----a-w             1,154 2011-01-21 05:46:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office Live Add-in\Office Live Add-in Help.lnk
    ----a-w             1,114 2011-01-21 05:46:24  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office Live Add-in\Office Live Workspace.lnk
    ----a-w             1,986 2011-06-15 10:06:59  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk
    ----a-w             1,636 2011-03-03 13:11:50  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk
    ----a-w             1,614 2011-03-03 13:11:50  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Mozilla Firefox\Mozilla Firefox.lnk
    ----a-w               850 2011-06-03 06:52:02  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Real\RealPlayer Converter.lnk
    ----a-w               792 2011-06-03 06:51:53  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Real\RealPlayer Trimmer.lnk
    ----a-w               765 2011-06-03 06:51:42  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Real\RealPlayer.lnk
    ----a-w               819 2010-12-29 03:02:33  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Startup\Actualizar la licencia de ESET.lnk
    --sha-w                84 2010-12-29 01:19:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Startup\desktop.ini
    ----a-w             1,949 2011-03-09 06:02:06  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live\Galería fotográfica de Windows Live.lnk
    ----a-w             1,690 2011-03-09 06:00:11  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live\Windows Live Call.lnk
    ----a-w             2,019 2011-03-09 06:01:29  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live\Windows Live Mail.lnk
    ----a-w             1,855 2011-03-09 06:00:46  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live\Windows Live Messenger .lnk
    ----a-w             2,000 2011-03-09 06:02:56  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live\Windows Live Protección Infantil.lnk
    ----a-w             1,932 2011-03-09 06:02:43  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Windows Live\Windows Live Writer.lnk
    ----a-w               685 2010-12-29 02:53:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\WinRAR\Console RAR manual.lnk
    ----a-w               704 2010-12-29 02:53:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\WinRAR\WinRAR help.lnk
    ----a-w               704 2010-12-29 02:53:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\WinRAR\WinRAR.lnk
    ----a-w               814 2011-02-23 02:57:55  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs\Yahoo! Messenger\Yahoo! Messenger.lnk
    --sha-w               119 2010-12-29 01:25:50  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\desktop.ini
    ----a-w             2,255 2011-07-14 23:31:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Google Chrome.lnk
    ----a-w               815 2010-12-29 04:29:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Launch Internet Explorer Browser.lnk
    ----a-w             1,620 2011-03-03 13:11:50  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Mozilla Firefox.lnk
    ----a-w                79 2010-12-29 01:25:49  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Show Desktop.scf
    ----a-w               800 2011-03-24 05:33:10  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Windows Media Player.lnk
    ----a-w               820 2011-02-23 02:57:55  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Yahoo! Messenger.lnk
    ----a-w               789 2010-12-29 03:02:33  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\Actualizar la licencia de ESET.lnk
    ----a-w             1,729 2010-12-29 03:27:41  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\Adobe Reader 9.lnk
    ----a-w             1,690 2010-12-29 03:50:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\AutoCAD 2009.lnk
    ----a-w             1,689 2011-08-07 19:58:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\avast! Free Antivirus.lnk
    ----a-w               779 2011-04-03 06:01:04  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\InterActual Player.lnk
    ----a-w             1,602 2011-03-03 13:11:50  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\Mozilla Firefox.lnk
    ----a-w             1,857 2011-03-18 04:51:34  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\MSN Installer.lnk
    ----a-w               929 2011-06-03 06:52:02  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\RealPlayer.lnk
    ----a-w               802 2011-02-23 02:57:55  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\Yahoo! Messenger.lnk
    Notice the folder numbers smtmp\1, 2, 3, 4.

    Once you have done that, then do this so that I can see you did it correctly.

    Now run the C:\MGtools\GetLogs.bat file by double-clicking on it. (Right click and run as admin if using Vista or Windows 7.) Then attach the new C:\MGlogs.zip file that will be created by running this.
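
Added example (not part of the original thread and not a MajorGeeks tool): a Python sketch that parses listing lines in the format posted above and turns the smtmp\1 to smtmp\4 copy instructions into an explicit source-to-destination plan that can be reviewed before anything is copied. The function names, the "xp"/"vista7" keys and the {user} placeholder are assumptions of this example; the destinations are the ones given in the reply, and the sample input is six lines taken from the listing.

```python
import re
from pathlib import PureWindowsPath

# Destination of each smtmp\<n> folder, copied from the reply in this thread.
# The "xp"/"vista7" keys and the {user} placeholder are this example's naming.
DESTINATIONS = {
    "xp": {
        "1": r"C:\Documents and Settings\All Users\Start Menu",
        "2": r"C:\Documents and Settings\{user}\Application Data\Microsoft\Internet Explorer\Quick Launch",
        "3": None,  # the reply states this folder does not exist on Windows XP
        "4": r"C:\Documents and Settings\All Users\Desktop",
    },
    "vista7": {
        "1": r"C:\ProgramData\Microsoft\Windows\Start Menu",
        "2": r"C:\Users\{user}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch",
        "3": r"C:\Users\{user}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar",
        "4": r"C:\Users\Public\Desktop",
    },
}

# One listing line: 7 attribute flags, size with thousands commas, timestamp, path.
LINE = re.compile(
    r"^\s*(?P<attrs>[-a-z]{7})\s+(?P<size>[\d,]+)\s+"
    r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(?P<path>[A-Za-z]:\\.+?)\s*$"
)
# The smtmp\<n> segment and whatever follows it (the part to recreate).
SMTMP = re.compile(r"\\smtmp\\([1-4])(?:\\(.+))?$", re.IGNORECASE)

# Six lines taken from the listing posted above, used as sample input.
SAMPLE = r"""
d-----w                 0 2011-08-03 23:04:07  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1
--sha-w               272 2010-12-29 05:07:25  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\desktop.ini
d-----w                 0 2011-08-07 19:59:59  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Programs
----a-w             1,507 2010-12-29 02:49:01  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\1\Windows Update.lnk
----a-w             2,255 2011-07-14 23:31:31  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\2\Google Chrome.lnk
----a-w             1,602 2011-03-03 13:11:50  C:\Documents and Settings\Mike\Local Settings\TEMP\smtmp\4\Mozilla Firefox.lnk
"""


def parse_listing(text):
    """Return one dict per listing line that lies under an smtmp\\<n> folder."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line)
        s = SMTMP.search(m["path"]) if m else None
        if not s:
            continue  # not a listing line, or not under smtmp\1..4
        attrs = m["attrs"]
        entries.append({
            "folder": s.group(1),
            "relative": s.group(2) or "",
            "source": m["path"],
            "is_dir": attrs[0] == "d",
            "hidden": "h" in attrs,
            "system": "s" in attrs,
            "size": int(m["size"].replace(",", "")),
        })
    return entries


def folders_present(entries):
    """Which of the numbered smtmp folders actually appear in the listing."""
    return sorted({e["folder"] for e in entries})


def plan_restore(entries, os_key, user):
    """Map every entry to its destination; return (plan, skipped sources)."""
    plan, skipped = [], []
    for e in entries:
        rel = e["relative"]
        if not rel:
            continue  # the smtmp\<n> container itself is not copied
        base = DESTINATIONS[os_key][e["folder"]]
        # Skip folders with no destination on this OS and any path that
        # would climb out of the destination directory.
        if base is None or ".." in PureWindowsPath(rel).parts:
            skipped.append(e["source"])
            continue
        dest = str(PureWindowsPath(base.format(user=user)) / rel)
        plan.append(("mkdir" if e["is_dir"] else "copy", e["source"], dest))
    return plan, skipped


if __name__ == "__main__":
    parsed = parse_listing(SAMPLE)
    print("folders present:", folders_present(parsed))
    for action, src, dst in plan_restore(parsed, "xp", "Mike")[0]:
        print(f"{action:5}  {src}\n    -> {dst}")
```

Run over the full listing, `folders_present` makes it easy to confirm which numbered folders exist before copying.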
     
