Wireshark virus - Page 5
Page 5 of 6 FirstFirst ... 3456 LastLast
Results 61 to 75 of 90

Thread: Wireshark virus

  1. August 17th, 2010, 08:15 PM #61
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272

    Here it is...
    Attached Files Attached Files
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  2. August 17th, 2010, 08:35 PM #62
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Please, always paste all logs into your reply. If it doesn't fit, split it between couple of posts.

    How is computer doing?

    Uninstall Combofix:
    Go Start > Run [Vista users, go Start>"Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall"
    Click OK (Vista users - press Enter).
    Restart computer.

    ===============================================================

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
    My Home Page
    Reply With Quote Reply With Quote
  3. August 17th, 2010, 09:23 PM #63
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272

    The computer seems to be operating normally as far as I can tell.

    OTL.txt I found. Extras.txt I have not seen.


    OTL. txt too long. I will split and resend.

    OTL logfile created on: 8/17/2010 10:56:38 PM - Run 2
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Tim\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18372)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 298.08 Gb Total Space | 45.72 Gb Free Space | 15.34% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BEVINS-NEW
    Current User Name: Tim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    PRC - [2010/07/29 22:13:42 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/07/15 09:59:49 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
    PRC - [2010/07/15 09:59:47 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/15 09:59:46 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/15 09:59:16 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/15 09:59:15 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/02 20:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    PRC - [2009/07/10 14:49:24 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    PRC - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe
    PRC - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe
    PRC - [2007/12/14 00:26:40 | 000,413,696 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
    PRC - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
    PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2002/10/07 01:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    MOD - [2004/08/03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
    SRV - [2009/02/16 20:39:00 | 002,736,890 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe -- (STacSV)
    SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
    SRV - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
    SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\zumbus.sys -- (zumbus)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Pam\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2010/07/15 09:59:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/15 09:59:16 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/16 05:48:18 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/06/02 09:31:50 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/05/15 00:08:14 | 000,039,480 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stdriver32.sys -- (stdriver)
    DRV - [2010/02/27 15:36:47 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2010/02/27 15:36:46 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2009/07/24 23:15:31 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
    DRV - [2008/02/26 01:51:43 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2008/01/03 10:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2007/12/14 00:28:20 | 001,270,872 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2007/10/11 08:40:12 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
    DRV - [2007/07/20 13:40:10 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
    DRV - [2005/01/04 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
    DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
    IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1
    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: [email protected]d:1.5.3
    FF - prefs.js..extensions.enabledItems: [email protected]:7.3
    FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.20100123
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/14 15:07:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/29 22:13:47 | 000,000,000 | ---D | M]

    [2008/09/05 15:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Extensions
    [2010/08/10 20:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions
    [2009/10/15 19:50:22 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    [2010/03/17 15:08:00 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    [2010/08/10 05:05:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/13 20:39:00 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/04/16 22:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
    [2010/08/02 22:31:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/01/26 20:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    [2010/07/12 21:14:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/02/05 06:38:13 | 000,000,000 | ---D | M] (MidnightFoxy) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
    [2010/08/02 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions\CVS
    [2009/12/07 06:13:06 | 000,005,407 | ---- | M] () -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\searchplugins\fast-browser-search.xml
    [2010/08/12 21:24:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/17 17:45:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
    [2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
    [2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    [2009/12/10 18:39:28 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2009/01/28 23:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
    [2008/09/10 03:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
    [2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
    [2010/03/24 11:34:04 | 000,002,456 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  4. August 17th, 2010, 09:24 PM #64
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    OTL logfile created on: 8/17/2010 10:56:38 PM - Run 2
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Tim\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18372)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 298.08 Gb Total Space | 45.72 Gb Free Space | 15.34% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BEVINS-NEW
    Current User Name: Tim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    PRC - [2010/07/29 22:13:42 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/07/15 09:59:49 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
    PRC - [2010/07/15 09:59:47 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/15 09:59:46 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/15 09:59:16 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/15 09:59:15 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/02 20:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    PRC - [2009/07/10 14:49:24 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    PRC - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe
    PRC - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe
    PRC - [2007/12/14 00:26:40 | 000,413,696 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
    PRC - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
    PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2002/10/07 01:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    MOD - [2004/08/03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
    SRV - [2009/02/16 20:39:00 | 002,736,890 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe -- (STacSV)
    SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
    SRV - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
    SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\zumbus.sys -- (zumbus)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Pam\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2010/07/15 09:59:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/15 09:59:16 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/16 05:48:18 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/06/02 09:31:50 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/05/15 00:08:14 | 000,039,480 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stdriver32.sys -- (stdriver)
    DRV - [2010/02/27 15:36:47 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2010/02/27 15:36:46 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2009/07/24 23:15:31 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
    DRV - [2008/02/26 01:51:43 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2008/01/03 10:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2007/12/14 00:28:20 | 001,270,872 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2007/10/11 08:40:12 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
    DRV - [2007/07/20 13:40:10 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
    DRV - [2005/01/04 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
    DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
    IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1
    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: [email protected]d:1.5.3
    FF - prefs.js..extensions.enabledItems: [email protected]:7.3
    FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.20100123
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/14 15:07:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/29 22:13:47 | 000,000,000 | ---D | M]

    [2008/09/05 15:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Extensions
    [2010/08/10 20:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions
    [2009/10/15 19:50:22 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    [2010/03/17 15:08:00 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    [2010/08/10 05:05:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/13 20:39:00 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/04/16 22:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
    [2010/08/02 22:31:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/01/26 20:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    [2010/07/12 21:14:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/02/05 06:38:13 | 000,000,000 | ---D | M] (MidnightFoxy) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
    [2010/08/02 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions\CVS
    [2009/12/07 06:13:06 | 000,005,407 | ---- | M] () -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\searchplugins\fast-browser-search.xml
    [2010/08/12 21:24:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/17 17:45:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
    [2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
    [2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    [2009/12/10 18:39:28 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2009/01/28 23:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
    [2008/09/10 03:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
    [2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
    [2010/03/24 11:34:04 | 000,002,456 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  6. August 17th, 2010, 09:32 PM #65
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
    IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1
    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: [email protected]d:1.5.3
    FF - prefs.js..extensions.enabledItems: [email protected]:7.3
    FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.20100123
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/14 15:07:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/29 22:13:47 | 000,000,000 | ---D | M]

    [2008/09/05 15:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Extensions
    [2010/08/10 20:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions
    [2009/10/15 19:50:22 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    [2010/03/17 15:08:00 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    [2010/08/10 05:05:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/13 20:39:00 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/04/16 22:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
    [2010/08/02 22:31:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/01/26 20:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    [2010/07/12 21:14:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/02/05 06:38:13 | 000,000,000 | ---D | M] (MidnightFoxy) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
    [2010/08/02 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions\CVS
    [2009/12/07 06:13:06 | 000,005,407 | ---- | M] () -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\searchplugins\fast-browser-search.xml
    [2010/08/12 21:24:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/17 17:45:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
    [2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
    [2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    [2009/12/10 18:39:28 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2009/01/28 23:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
    [2008/09/10 03:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
    [2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
    [2010/03/24 11:34:04 | 000,002,456 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  7. August 17th, 2010, 09:34 PM #66
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272
    I know I kind of butchered that up, but as you are well aware by now I'm not exactly a whiz at this...
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  8. August 17th, 2010, 09:38 PM #67
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Please, attach the file and I'll post it for you
    My Home Page
    Reply With Quote Reply With Quote
  9. August 17th, 2010, 09:40 PM #68
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272

    Sorry
    Attached Files Attached Files
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  11. August 17th, 2010, 09:44 PM #69
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    No worries

    OTL logfile created on: 8/17/2010 10:56:38 PM - Run 2
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Tim\Desktop
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18372)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 298.08 Gb Total Space | 45.72 Gb Free Space | 15.34% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BEVINS-NEW
    Current User Name: Tim
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    PRC - [2010/07/29 22:13:42 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/07/15 09:59:49 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
    PRC - [2010/07/15 09:59:47 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/15 09:59:46 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/15 09:59:16 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/15 09:59:15 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/02 20:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    PRC - [2009/07/10 14:49:24 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    PRC - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe
    PRC - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe
    PRC - [2007/12/14 00:26:40 | 000,413,696 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
    PRC - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
    PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2002/10/07 01:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    MOD - [2004/08/03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - [2010/07/15 09:59:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2009/03/26 16:04:26 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
    SRV - [2009/02/16 20:39:00 | 002,736,890 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2007/12/14 00:27:34 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\ECSXPV_5762_010208\WDM\stacsv.exe -- (STacSV)
    SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
    SRV - [2007/07/11 18:25:20 | 000,025,640 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
    SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\zumbus.sys -- (zumbus)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Pam\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2010/07/15 09:59:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/15 09:59:16 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/16 05:48:18 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/06/02 09:31:50 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/05/15 00:08:14 | 000,039,480 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stdriver32.sys -- (stdriver)
    DRV - [2010/02/27 15:36:47 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2010/02/27 15:36:46 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2009/07/24 23:15:31 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
    DRV - [2008/02/26 01:51:43 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2008/01/03 10:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2007/12/14 00:28:20 | 001,270,872 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2007/10/11 08:40:12 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
    DRV - [2007/07/20 13:40:10 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
    DRV - [2005/01/04 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
    DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
    IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://yahoo.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.1
    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: [email protected]d:1.5.3
    FF - prefs.js..extensions.enabledItems: [email protected]:7.3
    FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.20100123
    FF - prefs.js..extensions.enabledItems: [email protected]:1.3.5
    FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/14 15:07:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/29 22:13:47 | 000,000,000 | ---D | M]

    [2008/09/05 15:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Extensions
    [2010/08/10 20:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions
    [2009/10/15 19:50:22 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    [2010/03/17 15:08:00 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    [2010/08/10 05:05:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/05/13 20:39:00 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/04/16 22:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
    [2010/08/02 22:31:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/01/26 20:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    [2010/07/12 21:14:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/02/05 06:38:13 | 000,000,000 | ---D | M] (MidnightFoxy) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
    [2010/08/02 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/04/14 20:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\[email protected]
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions
    [2010/02/05 06:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}\chrome\mozapps\extensions\CVS
    [2009/12/07 06:13:06 | 000,005,407 | ---- | M] () -- C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\9emoq70k.default\searchplugins\fast-browser-search.xml
    [2010/08/12 21:24:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/17 17:45:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
    [2009/07/17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
    [2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    [2009/12/10 18:39:28 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    [2009/01/28 23:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
    [2008/09/10 03:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
    [2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
    [2010/03/24 11:34:04 | 000,002,456 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
    My Home Page
    Reply With Quote Reply With Quote
  12. August 17th, 2010, 09:45 PM #70
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    O1 HOSTS File: ([2010/08/17 20:22:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O2 - BHO: (TBSB05974 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Search Toolbar\tbcore3.dll File not found
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [EnGraph QuickTimeKiller] C:\Program Files\EnGraph\QuicktimeKiller\QuickTimeKiller.exe ( )
    O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - HKCU..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe (Uniblue Systems Limited)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O15 - HKCU\..Trusted Domains: microsoft.com ([support] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: yahoo.com ([www] http in Trusted sites)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/reso...an8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} http://www.nero.com/doc/NeroVersionCheckerControl.cab (NeroVersionCheckerControl Control)
    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} http://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab (IWinAmpActiveX Class)
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activ...eX_Control.cab (Photo Upload Plugin Class)
    O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_11)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...nt/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O24 - Desktop WallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/09/03 10:11:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{0aa8d410-c8ec-11dd-bceb-001e90bea03a}\Shell\AutoRun\command - "" = E:\StartPortableApps.exe -- File not found
    O33 - MountPoints2\{611668f8-e266-11de-8aa7-001e90bea03a}\Shell - "" = AutoRun
    O33 - MountPoints2\{611668f8-e266-11de-8aa7-001e90bea03a}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{611668f8-e266-11de-8aa7-001e90bea03a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
    O33 - MountPoints2\{a1cf75d5-0ab4-11de-89e5-001e90bea03a}\Shell - "" = AutoRun
    O33 - MountPoints2\{a1cf75d5-0ab4-11de-89e5-001e90bea03a}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{a1cf75d5-0ab4-11de-89e5-001e90bea03a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found
    My Home Page
    Reply With Quote Reply With Quote
  13. August 17th, 2010, 09:46 PM #71
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
    Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.ffds - - File not found
    Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
    Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
    Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
    Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
    Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
    Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Error starting restore point: System Restore is disabled.
    Error closing restore point: System Restore is disabled.

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/17 22:54:55 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    [2010/08/17 21:50:21 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/08/17 00:57:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/08/16 00:19:25 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/08/11 23:04:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
    [2010/08/09 05:34:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tim\Recent
    [2010/08/04 16:18:36 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
    [2010/07/15 09:59:46 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/07/09 15:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Desktop\pics
    [2010/07/08 09:03:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/07/08 09:03:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/07/08 09:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/07/07 22:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    [2010/07/07 08:34:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Tim\IECompatCache
    [2010/07/01 12:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/07/01 12:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2010/07/01 12:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
    [2010/06/30 00:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Conduit
    [2010/06/29 21:52:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
    [2010/06/29 21:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
    [2010/06/29 21:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\usxkdalio
    [2010/06/29 21:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2010/06/28 10:22:22 | 000,015,760 | ---- | C] (InterVideo, Inc.) -- C:\WINDOWS\System32\iviaspi.sys
    [2010/06/28 10:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\SanDisk
    [2010/06/28 05:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
    [2010/06/28 05:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
    [2010/06/27 01:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2010/06/27 01:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2010/06/22 17:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/06/22 17:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/06/22 17:31:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/06/06 12:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2010/06/06 12:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010/05/31 01:06:56 | 000,000,000 | ---D | C] -- C:\divx

    ========== Files - Modified Within 90 Days ==========

    [2010/08/17 22:54:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe
    [2010/08/17 22:51:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/17 22:51:15 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/08/17 22:50:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/17 22:50:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/17 22:33:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1003UA.job
    [2010/08/17 22:10:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/08/17 22:02:14 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/08/17 21:50:27 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/08/17 21:42:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/08/17 20:22:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/08/17 20:17:22 | 000,000,281 | ---- | M] () -- C:\Boot.bak
    [2010/08/17 15:33:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1003Core.job
    [2010/08/17 13:28:41 | 063,535,211 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
    [2010/08/16 00:20:56 | 003,932,160 | ---- | M] () -- C:\Documents and Settings\Tim\ntuser.dat
    [2010/08/14 20:37:33 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Tim\ntuser.ini
    [2010/08/13 13:55:44 | 000,398,744 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
    [2010/08/08 21:42:23 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\wavepadDowngrade.job
    [2010/08/07 12:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/06 22:35:53 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/08/04 16:18:36 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
    [2010/08/04 16:18:36 | 000,013,044 | ---- | M] () -- C:\WINDOWS\scunin.dat
    [2010/08/04 16:18:36 | 000,000,967 | ---- | M] () -- C:\WINDOWS\ScUnin.pif
    [2010/08/02 12:36:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/07/22 20:55:54 | 001,602,560 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
    [2010/07/18 13:58:12 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Dependable Astro AWD won.doc
    [2010/07/15 09:59:48 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
    [2010/07/15 09:59:46 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
    [2010/07/15 09:59:16 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
    [2010/07/13 14:35:36 | 003,348,480 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
    [2010/07/08 09:03:45 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/30 13:30:49 | 000,000,891 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\My Sharing Folders.lnk
    [2010/06/30 13:20:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
    [2010/06/30 13:20:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
    [2010/06/28 12:52:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
    [2010/06/28 12:52:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
    [2010/06/28 12:45:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
    [2010/06/28 12:45:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
    [2010/06/28 12:26:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
    [2010/06/28 12:26:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
    [2010/06/27 21:59:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
    [2010/06/27 21:59:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
    [2010/06/27 20:40:26 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Chrysler LeBaron GTC 2.doc
    [2010/06/25 22:39:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
    [2010/06/25 22:39:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
    [2010/06/24 03:18:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
    [2010/06/24 03:18:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
    [2010/06/24 03:02:29 | 000,500,732 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/06/24 03:02:29 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/06/24 03:02:29 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/06/22 17:36:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
    [2010/06/22 17:36:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
    [2010/06/22 08:29:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
    [2010/06/22 08:29:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
    [2010/06/21 08:08:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
    [2010/06/21 08:08:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
    [2010/06/19 21:13:05 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\CCleaner.lnk
    [2010/06/17 10:07:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
    [2010/06/17 10:07:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
    [2010/06/13 21:23:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
    [2010/06/13 21:23:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
    [2010/06/13 13:24:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
    [2010/06/13 13:24:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
    [2010/06/11 19:17:35 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Summer is here.doc
    [2010/06/11 03:15:00 | 000,165,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/08 22:36:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
    [2010/06/08 22:36:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
    [2010/06/07 10:56:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
    [2010/06/07 10:56:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
    [2010/06/06 19:58:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
    [2010/06/06 19:58:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
    [2010/06/02 09:31:50 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
    [2010/06/01 13:53:02 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
    [2010/06/01 13:53:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
    [2010/05/31 22:42:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
    [2010/05/31 17:03:54 | 000,103,511 | ---- | M] () -- C:\WINDOWS\hpoins04.dat
    [2010/05/31 15:25:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
    [2010/05/31 15:25:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
    [2010/05/28 07:15:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
    [2010/05/28 07:15:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
    [2010/05/27 07:32:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
    [2010/05/27 07:32:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
    My Home Page
    Reply With Quote Reply With Quote
  14. August 17th, 2010, 09:46 PM #72
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    ========== Files Created - No Company Name ==========

    [2010/08/17 01:39:56 | 000,000,281 | ---- | C] () -- C:\Boot.bak
    [2010/08/17 01:39:52 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/08/08 21:42:22 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
    [2010/08/08 21:42:22 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\wavepadDowngrade.job
    [2010/08/04 16:18:36 | 000,013,044 | ---- | C] () -- C:\WINDOWS\scunin.dat
    [2010/08/04 16:18:36 | 000,000,967 | ---- | C] () -- C:\WINDOWS\ScUnin.pif
    [2010/07/18 13:58:12 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Dependable Astro AWD won.doc
    [2010/07/08 09:03:45 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/07/01 15:28:23 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1003UA.job
    [2010/07/01 15:28:23 | 000,000,918 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-926492609-725345543-1003Core.job
    [2010/06/30 13:30:49 | 000,000,891 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\My Sharing Folders.lnk
    [2010/06/27 20:28:04 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Chrysler LeBaron GTC 2.doc
    [2010/06/25 08:13:09 | 003,932,160 | ---- | C] () -- C:\Documents and Settings\Tim\ntuser.dat
    [2010/06/11 19:17:35 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Summer is here.doc
    [2010/06/06 12:00:07 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/06/06 12:00:06 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/05/31 17:03:09 | 000,104,156 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
    [2010/05/31 17:03:09 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
    [2010/05/25 22:42:06 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
    [2010/03/01 06:46:23 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Tim\Application Data\default.pls
    [2010/01/07 13:05:40 | 000,000,100 | ---- | C] () -- C:\WINDOWS\ka.ini
    [2009/12/31 20:32:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/12/27 21:02:51 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
    [2009/11/09 12:32:04 | 000,000,330 | ---- | C] () -- C:\WINDOWS\RBuilder.ini
    [2009/10/18 17:08:52 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Sierra.ini
    [2009/09/30 19:10:39 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
    [2009/09/30 19:10:34 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
    [2009/09/30 19:10:29 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
    [2009/09/30 19:10:28 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
    [2009/08/28 10:58:31 | 000,177,664 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
    [2009/07/24 23:15:31 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
    [2009/06/03 21:22:47 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
    [2009/06/03 21:22:47 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
    [2009/06/03 21:22:47 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
    [2009/05/25 21:16:27 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
    [2009/05/01 10:14:36 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
    [2009/04/02 05:34:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
    [2009/03/12 05:38:23 | 002,788,800 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
    [2009/03/12 05:34:47 | 021,011,904 | ---- | C] () -- C:\Program Files\FLV PlayerRCSetup.exe
    [2009/02/12 21:01:22 | 000,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
    [2009/02/12 21:01:22 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
    [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2008/12/30 21:27:42 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008/12/30 21:27:42 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
    [2008/12/30 21:27:40 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\cdga.dll
    [2008/10/16 03:02:03 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2008/10/14 20:24:09 | 000,005,087 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ywasvxup.hvs
    [2008/10/14 18:01:39 | 000,002,528 | ---- | C] () -- C:\WINDOWS\FCIC.INI
    [2008/10/08 20:07:09 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2008/09/09 18:37:25 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/09/09 18:24:17 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\fusioncache.dat
    [2008/09/09 18:10:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
    [2008/09/09 16:38:38 | 000,002,072 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    [2008/09/07 08:37:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2008/09/06 21:12:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2008/03/04 19:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
    [2007/11/26 22:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
    [2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
    [2007/08/06 19:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2007/06/28 06:54:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2007/06/28 06:52:18 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
    [2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
    [2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
    [2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
    [2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

    ========== LOP Check ==========

    [2008/11/10 19:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
    [2008/11/15 13:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Amazon
    [2010/03/11 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    [2010/03/11 06:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2009/01/10 13:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
    [2009/01/08 23:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
    [2009/04/18 23:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IJJIGame
    [2009/01/08 23:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Launcher
    [2008/09/06 21:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
    [2010/03/15 21:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NBC Direct
    [2010/05/15 00:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2009/12/05 12:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
    [2008/09/15 20:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
    [2008/09/30 05:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2010/05/15 19:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
    [2009/03/12 22:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/15 21:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{2853BFD5-3865-45EB-A4E3-967D4A9B969A}
    [2010/04/10 17:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/09/24 23:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2008/11/11 06:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Acoustica
    [2009/07/10 21:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\BitTorrent
    [2009/09/18 23:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\NCH Swift Sound
    [2009/12/31 09:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Skinux
    [2010/02/13 19:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Uniblue
    [2010/05/31 22:42:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job
    [2010/08/08 21:42:23 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadDowngrade.job
    [2010/08/17 21:42:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < >

    < >

    < >

    < &#37;SYSTEMDRIVE%\*.* >
    [2008/09/03 10:11:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/17 20:17:22 | 000,000,281 | ---- | M] () -- C:\Boot.bak
    [2010/08/17 21:50:27 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/08/17 22:49:31 | 000,002,127 | ---- | M] () -- C:\ComboFix.txt
    [2008/09/03 10:11:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/12/30 21:28:55 | 000,003,108 | ---- | M] () -- C:\Cucu_Video_log.txt
    [2009/04/02 05:34:28 | 000,003,532 | ---- | M] () -- C:\drmHeader.bin
    [2009/03/29 16:27:34 | 000,000,017 | ---- | M] () -- C:\gputest.txt
    [2008/10/12 13:59:01 | 000,000,425 | ---- | M] () -- C:\InstallHelper.log
    [2008/09/03 10:11:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2009/03/08 18:20:47 | 000,000,449 | ---- | M] () -- C:\LOGA.log
    [2008/09/03 10:11:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2009/08/03 22:49:00 | 000,000,000 | ---- | M] () -- C:\NdoorsLog.txt
    [2008/09/03 10:28:42 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/09/03 10:28:42 | 000,250,032 | RHS- | M] () -- C:\ntldr
    [2010/08/15 23:07:15 | 000,097,964 | ---- | M] () -- C:\OTL.Txt
    [2010/08/17 22:50:44 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2008/11/11 17:19:39 | 000,044,967 | ---- | M] () -- C:\session.log
    [2010/05/28 07:15:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
    [2010/05/31 15:25:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
    [2010/06/01 13:53:02 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
    [2010/06/21 08:08:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
    [2010/06/22 08:29:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
    [2010/06/06 19:58:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
    [2010/06/07 10:56:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
    [2010/06/08 22:36:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
    [2010/06/13 13:24:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
    [2010/06/13 21:23:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
    [2010/06/17 10:07:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
    [2010/06/22 17:36:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
    [2010/06/24 03:18:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
    [2010/06/25 22:39:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
    [2010/06/27 21:59:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
    [2010/06/28 12:26:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
    [2010/06/28 12:45:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
    [2010/06/28 12:52:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
    [2010/06/30 13:20:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
    [2010/05/27 07:32:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
    [2010/05/28 07:15:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
    [2010/05/31 15:25:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
    [2010/06/01 13:53:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
    [2010/06/21 08:08:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
    [2010/06/22 08:29:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
    [2010/06/06 19:58:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
    [2010/06/07 10:56:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
    [2010/06/08 22:36:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
    [2010/06/13 13:24:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
    [2010/06/13 21:23:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
    [2010/06/17 10:07:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
    [2010/06/22 17:36:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
    [2010/06/24 03:18:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
    [2010/06/25 22:39:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
    [2010/06/27 21:59:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
    [2010/06/28 12:26:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
    [2010/06/28 12:45:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
    [2010/06/28 12:52:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
    [2010/06/30 13:20:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
    [2010/05/27 07:32:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
    [2008/09/09 16:45:58 | 000,001,167 | ---- | M] () -- C:\_Sid.txt

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >


    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/02/25 23:12:07 | 000,372,736 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2008/09/03 05:59:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2008/09/03 05:59:34 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2008/09/03 05:59:34 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %systemroot%\system32\user32.dll /md5 >
    [2007/03/08 11:36:28 | 000,577,536 | ---- | M] (Microsoft Corporation) MD5=B409909F6E2E8A7067076ED748ABF1E7 -- C:\WINDOWS\system32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2004/08/04 00:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2004/08/04 00:56:48 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9BEACB911CA61E5881102188AB7FB431 -- C:\WINDOWS\system32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
    "NoAutoUpdate" = 0

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-17 07:00:35

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tim\My Documents\My Music:Roxio EMC Stream
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8
    < End of report >
    My Home Page
    Reply With Quote Reply With Quote
  15. August 17th, 2010, 09:52 PM #73
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Uninstall Uniblue Registry Booster
    Registry tools are not recommended and here is why: http://miekiemoes.blogspot.com/2008/...eaking_13.html

    =================================================================

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.


    ================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
O2 - BHO: (TBSB05974 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Search Toolbar\tbcore3.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O4 - HKCU..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe (Uniblue Systems Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O33 - MountPoints2\{0aa8d410-c8ec-11dd-bceb-001e90bea03a}\Shell\AutoRun\command - "" = E:\StartPortableApps.exe -- File not found
O33 - MountPoints2\{611668f8-e266-11de-8aa7-001e90bea03a}\Shell - "" = AutoRun
O33 - MountPoints2\{611668f8-e266-11de-8aa7-001e90bea03a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{611668f8-e266-11de-8aa7-001e90bea03a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a1cf75d5-0ab4-11de-89e5-001e90bea03a}\Shell - "" = AutoRun
O33 - MountPoints2\{a1cf75d5-0ab4-11de-89e5-001e90bea03a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a1cf75d5-0ab4-11de-89e5-001e90bea03a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
[2010/07/01 12:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/06/29 21:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\usxkdalio
[2010/02/13 19:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Uniblue
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tim\My Documents\My Music:Roxio EMC Stream
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8


:Services

:Reg

:Files
C:\Program Files\Uniblue

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.


    =============================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.



    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
    Last edited by Broni; August 17th, 2010 at 10:15 PM.
    My Home Page
    Reply With Quote Reply With Quote
  16. August 17th, 2010, 09:59 PM #74
    timmyb74
    timmyb74 is offline Virtual Intern
    Join Date
    Nov 2000
    Location
    Hollansburg, OH, USA
    Posts
    272

    How do I uninstall Uniblue Registry Booster? I can't find it in add/remove programs.
    Windows 7 Ultimate, Service Pack 1

    AMD FX-4170 Quad-Core Processor 4.2 Ghz

    8.0 GB RAM

    64-bit Operating System
    Reply With Quote Reply With Quote
  17. August 17th, 2010, 10:16 PM #75
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I just edited OTL script, so Registry Booster will be removed automatically.

    Proceed with Java step and OTL.
    My Home Page
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules