Got html:script-inf - Virus, Spyware, Malware Removal (2022)

Hi,

As volunteer webmaster for the site of a choire I recently removed trojan JS:Decode from www.agok.nl. After that cleanup I ran Avast and http://www.f-secure..../online-scanner on my local laptop. Both without any alerts.

Less than a week after this action I was alerted on our hotmail mailox page that I had contracted html:script-inf.

(I'm on Win7 btw.)

From nl.msn.com click the link to outlook.com: https://login.live.c...bcxt=mai&snsc=1

I ran a full scan by avast and got to results:
- FLVPlayerSetup_MMM.exe
- FLVPlayer - Uninstall.exe

Both were xferd by Avast to the vault.

Ran CCleaner

Ran OTL:
OTL logfile created on: 19-5-2013 19:50:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Neusa\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,99 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 40,01% Memory free
3,98 Gb Paging File | 2,15 Gb Available in Paging File | 54,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

(Video) Learn To Scan cPanel & Website For Removing Malware / Adware / Viruses!

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 20,12 Gb Free Space | 20,12% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 105,74 Gb Free Space | 89,71% Space Free | Partition Type: NTFS
Drive E: | 7,45 Gb Total Space | 5,02 Gb Free Space | 67,44% Space Free | Partition Type: FAT32

Computer Name: NEUSA-PC | User Name: Neusa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-05-19 19:49:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Neusa\Downloads\OTL.exe
PRC - [2013-05-15 17:59:24 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-05-09 10:58:27 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013-04-19 01:45:32 | 001,090,912 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2013-04-18 11:06:42 | 000,737,616 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2013-04-18 11:06:32 | 000,179,024 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2013-04-18 11:06:24 | 000,158,032 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2013-04-14 08:47:15 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-03-07 17:14:36 | 000,122,984 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2013-03-07 17:10:50 | 000,016,000 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2013-03-07 17:10:38 | 001,517,640 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
PRC - [2012-11-30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-08-31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012-06-09 02:37:04 | 000,433,816 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2012-06-09 02:36:36 | 000,354,456 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2012-06-09 00:15:22 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe
PRC - [2011-10-01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011-08-29 23:11:00 | 000,665,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-09-23 19:59:44 | 004,543,232 | ---- | M] (World Community Grid) -- C:\Program Files\BOINC\boincmgr.exe
PRC - [2010-09-23 19:59:42 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinctray.exe
PRC - [2010-09-23 19:59:40 | 000,537,344 | ---- | M] (World Community Grid) -- C:\Program Files\BOINC\boinc.exe
PRC - [2010-09-16 02:18:38 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-08-10 00:04:58 | 001,244,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2010-06-12 06:56:42 | 000,976,872 | ---- | M] (AsusTek Computer Inc.) -- C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
PRC - [2010-06-10 22:12:06 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2010-05-29 01:41:36 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
PRC - [2010-05-21 22:42:48 | 002,839,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2010-05-21 22:42:48 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010-05-21 22:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010-04-03 02:45:20 | 000,407,552 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
PRC - [2009-11-19 15:44:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2009-09-11 20:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009-08-19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009-08-12 13:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009-06-05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-06-05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

========== Modules (No Company Name) ==========

MOD - [2013-05-18 10:32:44 | 000,608,256 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\2a1b9f307d7baf92931fd7e4b3db94ad\DevicePodcast.ni.dll
MOD - [2013-05-18 10:32:40 | 000,290,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\9784f2a6c19a4a2a2652513b7971d001\DeviceVideo.ni.dll
MOD - [2013-05-18 10:32:37 | 000,367,104 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\75f850c5ac112bb3175647c9a1121e09\DevicePhoto.ni.dll
MOD - [2013-05-18 10:32:33 | 000,299,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\f86d6f83dd8a2a6c103a20ee76fa7eea\DeviceMusic.ni.dll
MOD - [2013-05-18 10:32:29 | 000,461,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\VideoManager\db41814633e544d73c7008c7bb86f1bd\VideoManager.ni.dll
MOD - [2013-05-18 10:32:24 | 002,778,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PodcastService\0bd30561a52f0a1bddbbded9f01cff16\PodcastService.ni.dll
MOD - [2013-05-18 10:32:16 | 001,143,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Podcaster\9518a3b5626c401f194d7e201148916e\Podcaster.ni.dll
MOD - [2013-05-18 10:32:06 | 000,607,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\8425d06d4db44ca988d98ff90259ca8a\PhotoManager.ni.dll
MOD - [2013-05-18 10:31:21 | 005,679,104 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\11814b8e913a2916fd17b4e708d21c77\DeviceHost.ni.dll
MOD - [2013-05-18 10:30:53 | 001,838,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\469c7209a5bbe9b57b898a1151b6ec55\Microsoft.VisualBasic.ni.dll
MOD - [2013-05-18 10:30:28 | 001,843,712 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Phonebook\b892939eb3f93dafa7bc44d374b9ecb0\Phonebook.ni.dll
MOD - [2013-05-18 10:29:56 | 001,007,104 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\d1d8f42decf2b01d09ddc4de7d7a5b75\CPKTMusicPlugin.ni.dll
MOD - [2013-05-18 10:29:47 | 000,964,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\MusicManager\aa59d7e42d8f6e9530f128a1b4079f1e\MusicManager.ni.dll
MOD - [2013-05-18 10:29:24 | 000,320,512 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\EBookManager\3d471d55807519096dc690ea4478e050\EBookManager.ni.dll
MOD - [2013-05-18 10:29:20 | 000,391,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\3b5b1b42049c06da62eab74a0d6ce799\BATPlugin.ni.dll
MOD - [2013-05-18 10:29:01 | 000,507,392 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\6eca0ce14daa6fd25f67f0bf412c5c93\Kies.Common.MediaDB.ni.dll
MOD - [2013-05-18 10:28:57 | 000,064,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\54e51764e7be55395af3562999eaa4ef\Kies.Common.AllShare.ni.dll
MOD - [2013-05-18 10:28:55 | 000,046,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\AdminCmdAgent\ecd7f5b5fce98d05f86188b4d669405b\AdminCmdAgent.ni.dll
MOD - [2013-05-18 10:28:54 | 000,278,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\80a4e67ff7b87853ad6b5c3bd63ddf6b\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013-05-18 10:28:50 | 000,565,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f00e2f0a45767e57c094996b9e1a2e84\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013-05-18 10:28:46 | 000,566,784 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\96135e56b73999f48e91164f9f72d88a\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013-05-18 10:28:41 | 000,902,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\12a03edbe08cae78af9a2729e001e619\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013-05-18 10:28:34 | 001,026,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\62b7942bbf9f71708c3cb3eb7c0cfcf8\Kies.Common.DeviceService.ni.dll
MOD - [2013-05-18 10:28:23 | 002,188,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\f89fd6dbc0ae12fa554a1906976bdd78\Kies.Common.Multimedia.ni.dll
MOD - [2013-05-18 10:28:00 | 000,183,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\385e9197ffe329c8347592e7883a6f03\Kies.Common.MainUI.ni.dll
MOD - [2013-05-18 10:27:55 | 000,067,072 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\83b541bbe9b8f4e58427792ac151cb26\Kies.Common.DBManager.ni.dll
MOD - [2013-05-18 10:27:51 | 000,201,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\27effbb9668afe700bd623be2683d98a\Kies.Common.Util.ni.dll
MOD - [2013-05-18 10:27:47 | 001,728,512 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\2de460e4acdca756aab01aaba65d41df\Kies.UI.ni.dll
MOD - [2013-05-18 10:27:38 | 000,119,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\2c0f02e66c6b749b122cefe6fc2535a2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013-05-18 10:27:31 | 001,185,792 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\e0d29dcfe9fc8f8d62270bc0573165c0\Kies.Interface.ni.dll
MOD - [2013-05-18 10:25:11 | 001,675,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies\76626c687c4c86249dca47bf1a28729c\Kies.ni.exe
MOD - [2013-05-18 09:27:01 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013-05-18 09:24:31 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013-05-17 20:00:18 | 018,022,400 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013-05-17 19:59:30 | 011,522,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013-05-17 19:58:58 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll
MOD - [2013-05-17 19:58:53 | 007,070,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013-05-17 19:58:44 | 003,883,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013-05-17 19:58:29 | 000,982,528 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll
MOD - [2013-05-15 17:59:22 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013-05-10 20:56:08 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2013-04-19 01:46:32 | 000,276,832 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2013-04-19 01:46:32 | 000,093,024 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2013-04-19 01:46:16 | 002,653,024 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2013-04-19 01:46:16 | 000,364,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2013-04-19 01:46:14 | 011,166,560 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2013-04-19 01:46:12 | 001,346,912 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2013-04-19 01:46:12 | 000,206,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2013-04-19 01:46:10 | 001,014,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2013-04-19 01:46:10 | 000,720,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2013-04-19 01:46:08 | 008,507,232 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2013-04-19 01:46:08 | 000,520,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2013-04-19 01:46:06 | 002,480,992 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2013-04-19 01:46:06 | 002,354,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2013-04-19 01:46:02 | 000,446,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2013-04-19 01:45:58 | 000,207,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2013-04-19 01:45:58 | 000,035,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2013-04-19 01:45:56 | 000,033,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2013-04-19 01:45:28 | 000,438,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2013-04-19 01:44:48 | 000,606,560 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2013-04-15 13:26:16 | 000,391,600 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2013-04-15 13:26:16 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2013-04-14 08:47:13 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-02-17 11:50:22 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013-02-16 13:57:36 | 000,221,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013-01-13 18:33:24 | 000,762,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b454f5723ec86048063fe19d4267d9e8\System.Runtime.Remoting.ni.dll
MOD - [2013-01-13 18:32:42 | 015,399,936 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\391ea916f3b1b284221296777121dc35\Kies.Theme.ni.dll
MOD - [2013-01-13 18:31:06 | 000,033,792 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\07966428683b0b27f0bb4f24a4f23edd\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013-01-13 18:29:33 | 000,031,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\AllShareController\e6997b13f92eb0cb72aaabb6738fdca5\AllShareController.ni.dll
MOD - [2013-01-13 18:29:18 | 000,029,184 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\84f86f95b5891e6918ac28918493fcad\Kies.Common.StoreManager.ni.dll
MOD - [2013-01-13 18:29:14 | 000,232,960 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
MOD - [2013-01-13 18:29:08 | 000,043,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll
MOD - [2013-01-13 18:29:03 | 000,189,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ce0c07379d684b13e16ff3f86859268a\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013-01-13 18:29:00 | 000,174,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\5e1c9b656623e96ba88a7c843e3c4743\Interop.DevFileServiceLib.ni.dll
MOD - [2013-01-13 18:28:50 | 000,018,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\755372b3115e029792125faaf3c1fdc1\Interop.DeviceServiceModelDBLib.ni.dll
MOD - [2013-01-13 18:28:48 | 000,184,320 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3f04fd8571bd8fce43b44e005ed76dcc\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013-01-13 18:28:22 | 000,032,256 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013-01-13 18:28:21 | 000,052,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013-01-13 18:28:20 | 000,171,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013-01-13 18:28:20 | 000,030,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\e7e551790fd25ab8ad002f1ea6643c3a\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013-01-13 18:27:53 | 000,395,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013-01-13 18:27:52 | 000,530,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\b8d3852e5a6e3b88855b66c70584da3f\ICSharpCode.SharpZipLib.ni.dll
MOD - [2013-01-13 18:27:47 | 001,437,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\eb65253ccb5b544e4ca73bd76af5c080\Kies.Locale.ni.dll
MOD - [2013-01-13 18:27:47 | 000,052,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\f64400a817d3942ff03470493d079229\Interop.DeviceSearchLib.ni.dll
MOD - [2013-01-13 18:27:44 | 000,078,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\4423d13d5488ed057c1b5124e875e7c8\Kies.MVVM.ni.dll
MOD - [2013-01-13 18:26:07 | 000,770,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll
MOD - [2013-01-13 18:25:36 | 001,812,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013-01-13 12:08:55 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013-01-13 12:07:48 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013-01-13 12:07:31 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013-01-13 12:06:26 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013-01-13 11:42:03 | 005,617,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013-01-13 11:41:45 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll
MOD - [2013-01-13 11:41:38 | 009,095,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013-01-13 11:41:17 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2010-09-02 13:08:00 | 000,118,784 | ---- | M] () -- C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll
MOD - [2010-08-04 04:54:20 | 000,010,856 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-06-10 22:12:06 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
MOD - [2010-05-21 22:42:58 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009-08-18 13:02:42 | 000,061,952 | ---- | M] () -- C:\Program Files\BOINC\zlib1.dll

========== Services (SafeList) ==========

SRV - [2013-05-15 17:59:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-05-09 10:58:27 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013-04-18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013-04-14 08:47:14 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-03-07 17:10:50 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2013-01-08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012-06-09 02:37:04 | 000,433,816 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2012-06-09 02:36:36 | 000,354,456 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012-06-09 00:15:22 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011-10-01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011-08-29 23:11:00 | 000,665,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010-11-26 23:47:15 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-05-21 22:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009-08-19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-06-05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)

========== Driver Services (SafeList) ==========

DRV - [2013-05-09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013-05-09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013-05-09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013-05-09 10:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013-05-09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013-05-09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013-05-09 10:59:09 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013-05-09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013-05-09 10:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013-05-09 10:59:08 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2013-05-09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013-03-13 19:01:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012-10-17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012-08-23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-08-23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012-07-31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012-07-31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012-06-09 02:37:14 | 000,055,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2012-06-09 02:36:16 | 000,025,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2012-06-09 02:35:30 | 000,025,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2012-06-08 23:52:20 | 000,036,464 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2012-06-08 23:52:20 | 000,016,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2011-10-01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011-10-01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011-10-01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011-10-01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011-08-29 23:11:00 | 000,032,496 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2011-08-08 14:58:56 | 000,098,928 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-08-04 04:54:36 | 000,105,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010-08-04 04:54:27 | 000,019,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2010-08-04 04:54:25 | 010,913,864 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-07-29 07:25:03 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010-03-31 03:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009-07-20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)

(Video) How to Remove ANY Virus from Windows 10 in ONE STEP in 2021

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com/?o...=UP72&dt=040113
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{1DCDEE53-5068-4EE6-B9BF-9219C1844093}: "URL" = http://search.babylo...000485d60546af8
IE - HKCU\..\SearchScopes\{E617496F-B221-4565-8D07-D939EDEC33A9}: "URL" = http://www.google.co...rchTerms}&meta=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: [emailprotected]:1.6.2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[emailprotected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-19 08:57:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-14 08:47:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-05-17 20:02:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-14 08:47:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-05-17 20:02:53 | 000,000,000 | ---D | M]

[2010-11-26 23:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\Extensions
[2013-05-19 09:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\Firefox\Profiles\kmd9u3z4.default\extensions
[2012-02-27 20:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\Firefox\Profiles\kmd9u3z4.default\extensions\{bf591015-b599-4125-9428-3cb746ddca31}
[2013-05-11 08:27:05 | 002,167,422 | ---- | M] () (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\firefox\profiles\kmd9u3z4.default\extensions\[emailprotected]
[2013-02-23 11:21:01 | 000,021,487 | ---- | M] () (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\firefox\profiles\kmd9u3z4.default\extensions\[emailprotected]
[2013-05-19 09:56:27 | 000,534,261 | ---- | M] () (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\firefox\profiles\kmd9u3z4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013-05-09 09:40:10 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Neusa\AppData\Roaming\mozilla\firefox\profiles\kmd9u3z4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-04-30 09:09:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-04-14 08:46:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013-04-14 08:47:15 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013-04-11 14:27:20 | 000,032,440 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2012-05-12 10:00:46 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-09-01 08:01:48 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-12-08 12:24:40 | 000,002,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
[2012-12-08 12:24:40 | 000,004,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012-12-08 12:24:40 | 000,001,262 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
[2011-04-03 00:05:50 | 000,001,106 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml

========== Chrome ==========

(Video) How to detect Malicious code in Script Code And Plugin File (Virus) || officialroms || In Hindi

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://search.babylo...000485d60546af8
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: avast! Online Security = C:\Users\Neusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0\
CHR - Extension: Skype Click to Call = C:\Users\Neusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Yontoo = C:\Users\Neusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\

O1 HOSTS File: ([2012-09-12 19:37:11 | 000,000,859 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\aprp.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (World Community Grid)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Lync\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DBAgent] C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe File not found
O4 - HKLM..\Run: [GraphicsSwitch] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [Uploader] C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Invoegtoepassing voor Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Invoegtoepassing voor Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1318F91A-0525-490A-9BF9-3B22CEA2CA2C}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2030-01-01 19:37:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2013-05-19 10:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-05-19 10:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-05-19 09:30:23 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013-05-19 08:57:50 | 000,204,784 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswNdis2.sys
[2013-05-19 08:57:49 | 000,104,752 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFW.sys
[2013-05-19 08:57:48 | 000,021,576 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswKbd.sys
[2013-05-19 08:57:32 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswNdis.sys
[2013-05-19 08:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013-05-11 14:31:48 | 000,000,000 | ---D | C] -- C:\Users\Neusa\AppData\Roaming\Nero
[2013-05-11 14:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0
[2013-05-11 14:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2013-05-11 14:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013-05-11 14:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2013-05-11 14:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2013-05-11 14:22:28 | 000,000,000 | ---D | C] -- C:\Users\Neusa\AppData\Roaming\Seagate
[2013-05-11 14:08:10 | 000,000,000 | ---D | C] -- C:\Users\Neusa\AppData\Roaming\Leadertech
[2013-05-10 08:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2013-05-10 08:22:13 | 000,019,072 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2013-05-10 08:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2013-05-04 11:45:10 | 000,000,000 | ---D | C] -- C:\Users\Neusa\AppData\Local\{9B4F0B81-75B7-4C09-BE66-76E69865341E}
[2013-05-04 10:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-04-24 17:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-05-19 19:59:00 | 000,000,940 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013-05-19 19:56:00 | 000,001,042 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-19 19:44:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013-05-19 10:08:24 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-05-19 09:27:10 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-05-19 09:27:09 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-05-19 09:19:11 | 000,001,038 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-19 09:17:04 | 1602,740,224 | -HS- | M] () -- C:\hiberfil.sys
[2013-05-19 09:07:14 | 000,704,964 | ---- | M] () -- C:\windows\System32\perfh013.dat
[2013-05-19 09:07:14 | 000,619,408 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013-05-19 09:07:14 | 000,135,232 | ---- | M] () -- C:\windows\System32\perfc013.dat
[2013-05-19 09:07:14 | 000,108,056 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013-05-19 08:57:45 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2013-05-19 08:55:15 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013-05-18 09:22:47 | 000,269,184 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013-05-11 14:29:29 | 000,002,747 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk
[2013-05-10 08:31:13 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2013-05-09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013-05-09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013-05-09 10:59:10 | 000,174,664 | ---- | M] () -- C:\windows\System32\drivers\aswVmm.sys
[2013-05-09 10:59:10 | 000,061,680 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2013-05-09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013-05-09 10:59:10 | 000,049,376 | ---- | M] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013-05-09 10:59:09 | 000,204,784 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswNdis2.sys
[2013-05-09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013-05-09 10:59:09 | 000,021,576 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswKbd.sys
[2013-05-09 10:59:08 | 000,104,752 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFW.sys
[2013-05-09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013-05-09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013-05-09 10:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013-05-07 21:19:23 | 000,001,578 | ---- | M] () -- C:\Users\Neusa\Desktop\kompozer.exe - Snelkoppeling.lnk
[2013-05-01 06:58:42 | 000,636,171 | ---- | M] () -- C:\Users\Neusa\Documents\image_name10.pdf
[2013-05-01 06:58:40 | 001,342,315 | ---- | M] () -- C:\Users\Neusa\Documents\image_name9.pdf
[2013-05-01 06:58:38 | 000,800,406 | ---- | M] () -- C:\Users\Neusa\Documents\image_name8.pdf
[2013-05-01 06:53:50 | 000,634,884 | ---- | M] () -- C:\Users\Neusa\Documents\image_name7.pdf
[2013-05-01 06:53:47 | 001,341,865 | ---- | M] () -- C:\Users\Neusa\Documents\image_name6.pdf
[2013-05-01 06:53:45 | 000,800,038 | ---- | M] () -- C:\Users\Neusa\Documents\image_name5.pdf
[2013-04-30 13:11:32 | 000,635,391 | ---- | M] () -- C:\Users\Neusa\Documents\image_name4.pdf
[2013-04-30 13:11:29 | 001,341,378 | ---- | M] () -- C:\Users\Neusa\Documents\image_name3.pdf
[2013-04-30 13:11:25 | 000,801,187 | ---- | M] () -- C:\Users\Neusa\Documents\image_name2.pdf
[2013-04-27 17:17:00 | 000,540,162 | ---- | M] () -- C:\Users\Neusa\Documents\image_name1.pdf
[2013-04-25 06:56:01 | 000,001,994 | ---- | M] () -- C:\Users\Neusa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2030-01-01 19:37:08 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2013-05-19 10:08:24 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-05-19 08:55:15 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013-05-11 14:29:29 | 000,002,747 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk
[2013-05-10 08:31:13 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2013-05-07 21:19:23 | 000,001,578 | ---- | C] () -- C:\Users\Neusa\Desktop\kompozer.exe - Snelkoppeling.lnk
[2013-05-01 06:58:42 | 000,636,171 | ---- | C] () -- C:\Users\Neusa\Documents\image_name10.pdf
[2013-05-01 06:58:40 | 001,342,315 | ---- | C] () -- C:\Users\Neusa\Documents\image_name9.pdf
[2013-05-01 06:58:38 | 000,800,406 | ---- | C] () -- C:\Users\Neusa\Documents\image_name8.pdf
[2013-05-01 06:53:50 | 000,634,884 | ---- | C] () -- C:\Users\Neusa\Documents\image_name7.pdf
[2013-05-01 06:53:47 | 001,341,865 | ---- | C] () -- C:\Users\Neusa\Documents\image_name6.pdf
[2013-05-01 06:53:45 | 000,800,038 | ---- | C] () -- C:\Users\Neusa\Documents\image_name5.pdf
[2013-04-30 13:11:32 | 000,635,391 | ---- | C] () -- C:\Users\Neusa\Documents\image_name4.pdf
[2013-04-30 13:11:29 | 001,341,378 | ---- | C] () -- C:\Users\Neusa\Documents\image_name3.pdf
[2013-04-30 13:11:25 | 000,801,187 | ---- | C] () -- C:\Users\Neusa\Documents\image_name2.pdf
[2013-04-27 17:17:00 | 000,540,162 | ---- | C] () -- C:\Users\Neusa\Documents\image_name1.pdf
[2013-04-03 07:53:25 | 000,174,664 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013-04-03 07:53:22 | 000,049,376 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2011-10-23 10:34:38 | 000,563,828 | ---- | C] () -- C:\Users\Neusa\Picturesimage5.tif
[2011-10-23 10:28:46 | 000,566,874 | ---- | C] () -- C:\Users\Neusa\Picturesimage4.tif
[2011-10-23 10:08:12 | 000,769,056 | ---- | C] () -- C:\Users\Neusa\Picturesimage3.tif
[2011-10-23 10:06:50 | 000,746,058 | ---- | C] () -- C:\Users\Neusa\Picturesimage2.tif
[2011-10-23 10:05:45 | 000,929,970 | ---- | C] () -- C:\Users\Neusa\Picturesimage1.tif
[2011-09-25 23:31:56 | 000,014,336 | ---- | C] () -- C:\Users\Neusa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-16 11:54:48 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011-09-16 11:54:44 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2011-09-16 11:54:44 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2011-09-16 11:54:44 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2011-09-16 11:54:44 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
[2011-02-13 18:36:33 | 000,056,310 | ---- | C] () -- C:\Users\Neusa\theoriegrammaticaenspelling.pdf
[2010-11-27 01:53:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-09-16 02:18:52 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

(Video) What is HTML Iframe-inf malware and how to remove it

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010-09-16 02:34:54 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\ASUS WebStorage
[2012-05-12 10:00:36 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Babylon
[2013-02-24 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Belastingdienst
[2013-05-19 10:13:32 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\FileZilla
[2012-09-05 14:13:59 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\gnupg
[2012-09-05 13:43:50 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\HandBrake
[2012-02-04 18:49:46 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\KompoZer
[2013-05-11 14:08:10 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Leadertech
[2012-01-28 12:52:09 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Nokia
[2011-09-25 23:01:41 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Nokia Ovi Suite
[2012-01-13 16:59:23 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Nokia Suite
[2012-08-14 19:35:04 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\PC Suite
[2011-10-19 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Samsung
[2013-05-11 14:22:28 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Seagate
[2013-05-18 09:19:08 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\SoftGrid Client
[2012-06-17 20:18:33 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Temp
[2010-12-14 00:52:59 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\TP
[2010-11-26 22:54:05 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\VoiceCommand
[2013-02-23 11:24:13 | 000,000,000 | ---D | M] -- C:\Users\Neusa\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

< End of report >

How can I be sure I'm rid of this one and any others?

(Video) How to manually clean a website from malware

Thx in advance for your assistance.

FAQs

What is HTML script INF? ›

HTML:Script-inf is a virus that is known as a generic detection for a malicious HTML script which is injected into malicious websites. HTML:Script-inf signifies that a website being accessed is corrupted by a script that may distribute other malware infections on the targeted machine.

How do I completely remove malware? ›

How to remove a virus from a PC
  1. Download antivirus software. There are two main types of antivirus software that can detect and remove computer viruses and malware: real-time and on-demand. ...
  2. Run a virus scan. ...
  3. Delete or quarantine infected files. ...
  4. Restart your computer.
Mar 14, 2022

How do I get rid of browser malvertising? ›

Here are the steps you need to take to remove the Google Chrome virus and adware from your browser:
  1. Reset browser settings. Open Chrome and click on the three dots in the upper right corner.
  2. Change default ads permissions. Go to Chrome settings.
  3. Remove unwanted browser extensions.
Apr 11, 2022

How do I find hidden malware? ›

How to check for malware on Android
  1. Go to the Google Play Store app.
  2. Open the menu button. You can do this by tapping on the three-line icon found in the top-left corner of your screen.
  3. Select Play Protect.
  4. Tap Scan. ...
  5. If your device uncovers harmful apps, it will provide an option for removal.

Does factory reset remove malware? ›

You will lose all your data. This means your photos, text messages, files and saved settings will all be removed and your device restored to the state it was in when it first left the factory. A factory reset is definitely a cool trick. It does remove viruses and malware, but not in 100% of cases.

Can malware be removed? ›

Fortunately, malware scanners can remove most standard infections. It's important to keep in mind that if you already have an antivirus program active on your computer, you should use a different scanner for this malware check since your current antivirus software may not detect the malware initially.

What do browser hijackers do? ›

A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit. It is often called a browser redirect virus because it redirects the browser to other, usually malicious, websites.

Is my browser hijacked? ›

Signs of browser hijacking

The most obvious sign that your browser has been exploited is that your home page is different from what it used to be or toolbars that you don't recognize have appeared. You might also see new favorites or bookmarks just below the address bar or if you manually look through the bookmarks.

How can you tell a fake virus warning? ›

The Federal Trade Commission (FTC) warns that the scareware scam has many variations, but there are some telltale signs: You may get ads that promise to “delete viruses or spyware,” “protect privacy,” “improve computer function,” “remove harmful files,” or “clean your registry.”

How do I disable spyware? ›

How to Delete Spyware in Easy Ways
  1. Check Programs and Features. Look for any suspicious files on the list but don't uninstall yet. ...
  2. Go to MSCONFIG. Type MSCONFIG in the search bar Click on Start Up Disable the same program found in Programs and Features Click Apply and Ok. ...
  3. Task Manager. ...
  4. Uninstall Spyware. ...
  5. Delete Temps.

How do you detect and remove spyware? ›

Here's how to scan for spyware on your Android:
  1. Download and install Avast One. INSTALL FREE AVAST ONE. ...
  2. Run an antivirus scan (Smart Scan) to detect spyware or any other forms of malware and viruses.
  3. Follow the instructions from the app to remove the spyware and any other threats that may be lurking.
Aug 5, 2020

How can you tell if there is spyware on your computer? ›

How to Check for Spyware on the Computer?
  1. MSCONFIG. Check for spyware in StartUp by typing Msconfig in the Windows search bar. ...
  2. TEMP Folder. You can also check for spyware in the TEMP Folder. ...
  3. Install an Anti Malware Software. The best way to check for spyware is by scanning the computer with anti malware software.

Can hard reset remove virus? ›

Disadvantages of Factory Resetting

Not all malware and viruses can be removed by resetting a device to factory mode; that is, it cannot remove a few viruses or malware stored in the rooted partition of the device through this method.

Does resetting PC remove hackers? ›

Does reset PC remove hackers? No, in general resetting your PC does not remove hackers. Resetting your PC is all about what's on the computer. If the hackers have left malware on your machine, this will be removed.

Will a factory reset remove hackers? ›

The majority of malware can be removed with a factory reset of your phone. This will, however, wipe any data stored on your device, such as photos, notes, and contacts, so it is important to back-up this data before resetting your device. Follow the instructions below to reset your iPhone or Android.

How do I remove malware for free? ›

Avast One removes hidden malware, blocks future malware, and protects against nasty viruses, spyware, ransomware, and more. 100% free.

Is there a free virus removal? ›

Don't worry about viruses. Avast One scans and cleans the viruses currently on your device, and stops future viruses and threats from infecting your system. Get free protection, or upgrade now for premium coverage.

How do I manually remove a virus? ›

If your PC has a virus, following these ten simple steps will help you to get rid of it:
  1. Step 1: Download and install a virus scanner. ...
  2. Step 2: Disconnect from internet. ...
  3. Step 3: Reboot your computer into safe mode. ...
  4. Step 4: Delete any temporary files. ...
  5. Step 5: Run a virus scan. ...
  6. Step 6: Delete or quarantine the virus.

How do I remove a hijacked browser? ›

Here's how to get rid of a browser hijacker manually on Windows:
  1. On your desktop, click on the Windows logo in the lower left corner. ...
  2. Search for Control Panel and open it.
  3. Under Programs, click on Uninstall a program.
  4. Choose any suspicious software and click Uninstall.
Sep 10, 2021

What is potential device hijacking? ›

Signs your mobile browser is infected

Here's a list of things that can indicate mobile browser hijacking: Your homepage is different to what you had set up. You're automatically redirected to other websites. You see too many irrelevant and shady pop-up ads.

What are the 4 examples of browser hijacker? ›

Examples of browser hijackers include:
  • Ask Toolbar.
  • GoSave.
  • Coupon Server.
  • CoolWebSearch.
  • RocketTab.

What browsers do hackers use? ›

Most Ethical Hackers and Security Researchers prefer to use browser while executing web application penetration testing.
...
Best Browsers For Hackers
  • Tor Browser.
  • Mozilla Firefox.
  • Brave Browser.
  • LibreWolf.
  • Epic.
  • DuckDuckGo.
  • Pale Moon.
  • Chromium.
Apr 10, 2022

Did Google Chrome get hacked? ›

G oogle has announced that Google Chrome has been successfully hacked as it discovers 30 security flaws–seven of which pose a “high” threat to users. In a blog post, Google revealed that a new update will make improvements for Windows, Mac, and Linux, to fix the security issues after the hack.

Can someone hack my Chrome? ›

Beware if you use Google Chrome as an internet browser: Your information may be compromised. An alert from Google warns billions of Chrome users that the browser has been successfully targeted by hackers and lists 30 security flaws, including seven classified as a "High" threat level.

What is a wiper virus? ›

Definition. The wiper term in wiper malware comes from its most basic function, when the objective of the malware is to wipe (erase) the hard disk of the victim machine. More generically, wiper malware can be defined as malicious software that tries to destroy data.

Are malware notifications real? ›

No. When Google says you have a virus on your phone, you are being scammed. Specifically, cybercriminals are trying to trick you into installing malware, submitting personal data, or paying for virus removal. Unfortunately, fake virus warnings on Android phones are very common these days.

What scareware means? ›

Scareware and ransomware are both forms of malicious software or malware. Scareware is malware that attempts to scare users into thinking their device has been infected with a virus and then encourages them to quickly download a program to fix it.

How do I manually remove malware from my computer? ›

If your PC has a virus, following these ten simple steps will help you to get rid of it:
  1. Step 1: Download and install a virus scanner. ...
  2. Step 2: Disconnect from internet. ...
  3. Step 3: Reboot your computer into safe mode. ...
  4. Step 4: Delete any temporary files. ...
  5. Step 5: Run a virus scan. ...
  6. Step 6: Delete or quarantine the virus.

What are the 7 steps of malware removal? ›

Malware Removal (scenario)
  1. Identify and research malware symptoms. ...
  2. Quarantine the infected systems. ...
  3. Disable System Restore (in Windows). ...
  4. Remediate the infected systems. ...
  5. Schedule scans and run updates. ...
  6. Enable System Restore and create a restore point (in Windows). ...
  7. Educate the end user.

How can you tell if there is spyware on your computer? ›

How to Check for Spyware on the Computer?
  1. MSCONFIG. Check for spyware in StartUp by typing Msconfig in the Windows search bar. ...
  2. TEMP Folder. You can also check for spyware in the TEMP Folder. ...
  3. Install an Anti Malware Software. The best way to check for spyware is by scanning the computer with anti malware software.

How do I remove spyware? ›

How to remove spyware from Android
  1. Download and install Avast One. INSTALL FREE AVAST ONE. Get it for PC, iOS, Mac. ...
  2. Run an antivirus scan (Smart Scan) to detect spyware or any other forms of malware and viruses.
  3. Follow the instructions from the app to remove the spyware and any other threats that may be lurking.
Aug 5, 2020

Why does my computer keep saying that I have a virus? ›

How a Computer Gets a Virus. There are several ways a computer can get infected by a virus and most of them involve downloading – either intentionally or unintentionally – infected files. Pirated music or movies, photos, free games and toolbars are common culprits, as are phishing/spammy emails with attachments.

How do I remove malware and viruses from my computer? ›

If your PC has a virus, following these ten simple steps will help you to get rid of it:
  1. Step 1: Download and install a virus scanner. ...
  2. Step 2: Disconnect from internet. ...
  3. Step 3: Reboot your computer into safe mode. ...
  4. Step 4: Delete any temporary files. ...
  5. Step 5: Run a virus scan. ...
  6. Step 6: Delete or quarantine the virus.

How do you remove and prevent malware? ›

How to prevent malware
  1. Keep your computer and software updated. ...
  2. Use a non-administrator account whenever possible. ...
  3. Think twice before clicking links or downloading anything. ...
  4. Be careful about opening email attachments or images. ...
  5. Don't trust pop-up windows that ask you to download software. ...
  6. Limit your file-sharing.

What is the best program to remove viruses? ›

Best malware removal software
  • Malwarebytes. The most effective free malware remover. ...
  • Avast Antivirus. Anti-malware protection and removal. ...
  • Kaspersky Anti-Virus. ...
  • Trend Micro Antivirus+ Security. ...
  • F-Secure SAFE. ...
  • Bitdefender Antivirus Free Edition. ...
  • Avira Free Security Suite. ...
  • AVG AntiVirus Free.
Jul 1, 2022

Videos

1. How to Remove Trojan Virus from Windows?
(MalwareFox)
2. Finding and Decoding Malicious Scripts- Digital Forensics Series
(BlackPerl)
3. How to Remove Chrome Redirect Virus? Clean Google Chrome
(MalwareFox)
4. The Easiest Way to Uninstall Malware on an Android Device [How-To]
(Gadget Hacks)
5. Tronscript: 1 Tool to remove Computer Virus, Spyware and Malware best for beginners!
(Chris Wiz)
6. MALWARE ANALYSIS - VBScript Decoding & Deobfuscating
(John Hammond)

Top Articles

You might also like

Latest Posts

Article information

Author: Laurine Ryan

Last Updated: 09/29/2022

Views: 5619

Rating: 4.7 / 5 (77 voted)

Reviews: 84% of readers found this page helpful

Author information

Name: Laurine Ryan

Birthday: 1994-12-23

Address: Suite 751 871 Lissette Throughway, West Kittie, NH 41603

Phone: +2366831109631

Job: Sales Producer

Hobby: Creative writing, Motor sports, Do it yourself, Skateboarding, Coffee roasting, Calligraphy, Stand-up comedy

Introduction: My name is Laurine Ryan, I am a adorable, fair, graceful, spotless, gorgeous, homely, cooperative person who loves writing and wants to share my knowledge and understanding with you.