Ghost Audio virus



#1
JNunley


    New Member

  • Member
  • 6 posts
A virus/malware/spyware has appeared on my computer where ghost audio would randomly pop up on my computer and play some random commercial or 'congratulations you' message. This message occurs even when I'm not even on the browser. But besides the audio popping up at random times, nothing else has occurred, which is odd. I have run the Avast antiviral scan multiple times with no luck figuring out what it is. My OS is Windows Vista. I have also downloaded HijackThis and have the log right here:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:27:38 AM, on 8/4/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\WeFi\WeFi.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Vuze\Azureus.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - ~266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
R3 - URLSearchHook: (no name) - ~EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - ~E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - (no file)
R3 - URLSearchHook: (no name) - ~97bceb59-cfcd-4b16-a863-b3f72cf9f196} - (no file)
R3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - ~c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll
R3 - URLSearchHook: (no name) - ~ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: BitZipperSearch Toolbar - {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll
O2 - BHO: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com NetAssistant\NetAssistant.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BitZipperSearch Toolbar - {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O3 - Toolbar: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'Default user')
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: npkcmsvc - Unknown owner - C:\Nexon\MapleStory\npkcmsvc.exe (file missing)
O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WeFi Engine Service (WefiEngSvc) - WeFi - C:\Program Files\WeFi\WefiEngSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 9250 bytes
  • 0
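
A triage pass over a HijackThis log like the one posted above, as an added example that is not part of the original post or of the helper's instructions: it parses the R3 (URLSearchHook), O2 (BHO), O3 (Toolbar) and O23 (Service) lines and queues the entries worth a second look. The flag names and heuristics are assumptions made for illustration, the sample lines are copied from the log above, and a flag is a prompt for review rather than a verdict.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
R3 - URLSearchHook: (no name) - ~266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
R3 - URLSearchHook: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
"""

# Section codes handled here; each has the shape "Label: name - ident - target".
KINDS = {"R3": "URLSearchHook", "O2": "BHO", "O3": "Toolbar", "O23": "Service"}
BROWSER_CODES = {"R3", "O2", "O3"}

ENTRY_RE = re.compile(r"^(?P<code>[RO]\d+) - (?P<body>.+)$")
CLSID_RE = re.compile(r"^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")
USER_PROFILE_RE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)


@dataclass
class Entry:
    code: str    # HijackThis section code, e.g. "O23"
    name: str    # display name of the hook, add-on or service
    ident: str   # CLSID for browser entries, vendor string for services
    target: str  # file the entry points at, including any "(file missing)" note
    flags: list = field(default_factory=list)


def parse_line(line):
    """Return an Entry for an R3/O2/O3/O23 line, or None for anything else."""
    m = ENTRY_RE.match(line.strip())
    if not m or m["code"] not in KINDS:
        return None
    label, sep, rest = m["body"].partition(": ")
    if not sep or label != KINDS[m["code"]]:
        return None
    # Split from the right: names may contain " - ", the last two fields do not.
    parts = rest.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, ident, target = (p.strip() for p in parts)
    return Entry(m["code"], name, ident, target)


def flag(entry):
    """Attach review flags (illustrative heuristics, not HijackThis output)."""
    flags = []
    # Registry entry still present although the file it names is gone.
    if entry.target == "(no file)" or entry.target.endswith("(file missing)"):
        flags.append("orphaned")
    # Browser entries should carry a well-formed {CLSID}; "~..." is not one.
    if entry.code in BROWSER_CODES and not CLSID_RE.match(entry.ident):
        flags.append("malformed-clsid")
    # The log reports no vendor for the service binary.
    if entry.code == "O23" and entry.ident == "Unknown owner":
        flags.append("unknown-owner")
    # Component loaded from a user-writable profile directory.
    if USER_PROFILE_RE.search(entry.target):
        flags.append("user-profile-path")
    entry.flags = flags
    return entry


def triage(log_text):
    """Parse every supported line of a log and flag it."""
    parsed = (parse_line(line) for line in log_text.splitlines())
    return [flag(e) for e in parsed if e is not None]


def review_queue(log_text):
    """Only the entries that raised at least one flag, in log order."""
    return [e for e in triage(log_text) if e.flags]


if __name__ == "__main__":
    for e in review_queue(SAMPLE_LOG):
        print(f"{e.code:<4}{', '.join(e.flags):<28}{e.name} -> {e.target}")
```
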



#2
kahdah


    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello JNunley

Welcome to G2Go. :)
=====================
  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under the Custom scans and fixes section, paste in the below in bold


    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll

  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
=========
  • Please download mbrcheck from Here
  • Save that file to your desktop and double click on it to run it.
  • It will show a Black screen with some data on it then hit any key to continue.
  • Once it finishes there will be a log produced on your desktop that is labeled mbrcheck*.txt (where the * is date)
  • Please post the contents of that log in your next reply.

  • 0

#3
JNunley


    New Member

  • Topic Starter
  • Member
  • 6 posts
Okay, thank you for the assistance, by the way.

Otl.txt
OTL logfile created on: 8/4/2010 9:16:53 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jalen Nunley\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 36.93 Gb Free Space | 15.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JALENNUNLEY-PC
Current User Name: Jalen Nunley
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Jalen Nunley\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\WeFi\WefiEngSvc.exe (WeFi)
PRC - C:\Program Files\WeFi\WeFi.exe (WeFi)
PRC - C:\Program Files\Vuze\Azureus.exe (Vuze Inc.)
PRC - C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashSimpl.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
PRC - C:\TOSHIBA\IVP\ISM\pinger.exe ()
PRC - C:\TOSHIBA\IVP\ISM\Ivpsvmgr.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Jalen Nunley\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (RelevantKnowledge) -- C:\Program Files\RelevantKnowledge\rlservice.exe File not found
SRV - (npkcmsvc) -- C:\Nexon\MapleStory\npkcmsvc.exe File not found
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\rswin_3725.dll ()
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WefiEngSvc) -- C:\Program Files\WeFi\WefiEngSvc.exe (WeFi)
SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HotspotShieldService) -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (HssSrv) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (jswpsapi) -- C:\Program Files\Jumpstart\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (Swupdtmr) -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (pinger) -- C:\TOSHIBA\IVP\ISM\pinger.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (XDva273) -- C:\Windows\System32\XDva273.sys File not found
DRV - (SVRPEDRV) -- C:\Windows\System32\sysprep\UP_date\PEDrv.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (npkcrypt) -- C:\Nexon\MapleStory\npkcrypt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IO_Memory) -- C:\Windows\System32\SYSPREP\Drivers\ioport.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (HssDrv) -- C:\Windows\System32\drivers\hssdrv.sys (AnchorFree Inc.)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (tapvpn) -- C:\Windows\System32\drivers\tapvpn.sys (The OpenVPN Project)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
IE - HKCU\..\URLSearchHook: ~266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: ~97bceb59-cfcd-4b16-a863-b3f72cf9f196} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: ~ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: ~c95a4e8e-816d-4655-8c79-d736da1adb6d} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: ~E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: ~EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com...19,6692,0,15,0"
FF - prefs.js..extensions.enabledItems: {BFF829B6-B433-42CE-9A19-E459D3E4E483}:3.6.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.11
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com...93&searchterm="


FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/05 03:00:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/02 08:26:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/03 07:56:46 | 000,000,000 | ---D | M]

[2009/07/20 08:05:32 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Extensions
[2009/07/20 08:05:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/22 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\extensions
[2009/04/22 20:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/08/03 09:11:31 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\Profiles\gt9sh1r1.default\extensions
[2009/10/05 21:19:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\Profiles\gt9sh1r1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/20 08:03:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/22 00:44:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/07/22 00:44:02 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/07/22 00:44:02 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/09 21:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010/07/22 00:44:09 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010/03/20 09:16:34 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/06/19 15:34:11 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/10/08 19:47:04 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/10/08 19:47:05 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/10/08 19:47:05 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/10/08 19:47:05 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/10/08 19:47:05 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/08 19:47:05 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/05/08 18:11:00 | 000,000,859 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahoo.xml

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (BitZipperSearch Toolbar) - {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
O2 - BHO: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (NetAssistantBHO Class) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com NetAssistant\NetAssistant.dll (W3i, LLC)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (BitZipperSearch Toolbar) - {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitZipperSearch Toolbar) - {97BCEB59-CFCD-4B16-A863-B3F72CF9F196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a19a35a0-3373-11df-b678-001e336763b1}\Shell - "" = AutoRun
O33 - MountPoints2\{a19a35a0-3373-11df-b678-001e336763b1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a9eb5ac8-d98d-11dd-8c8a-001e336763b1}\Shell - "" = AutoRun
O33 - MountPoints2\{a9eb5ac8-d98d-11dd-8c8a-001e336763b1}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{e92dc809-4ee0-11df-8b1e-001e336763b1}\Shell - "" = AutoRun
O33 - MountPoints2\{e92dc809-4ee0-11df-8b1e-001e336763b1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/08/02 08:46:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/08/02 08:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/08/02 08:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/01 23:04:10 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\AppData\Roaming\ParetoLogic
[2010/08/01 23:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2010/08/01 23:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/08/01 23:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010/07/31 15:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya
[2010/07/31 14:30:38 | 678,781,366 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Jalen Nunley\Desktop\S4League.exe
[2010/07/30 12:06:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010/07/30 12:06:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010/07/30 12:06:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010/07/30 12:06:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010/07/30 12:06:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010/07/30 12:06:02 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010/07/30 12:05:52 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010/07/30 12:05:51 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010/07/30 12:05:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010/07/30 12:05:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010/07/30 12:05:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010/07/30 12:05:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010/07/30 12:05:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/07/30 12:05:47 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/07/30 12:05:46 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/07/30 12:05:44 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/07/30 12:05:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/07/30 12:05:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/07/30 12:05:42 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/07/30 12:05:41 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/07/30 12:05:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/07/30 12:05:39 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/07/30 12:05:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/07/30 12:05:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/07/30 12:05:36 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/07/30 12:05:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/07/30 12:05:35 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/07/30 12:05:34 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/07/30 12:05:33 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/07/30 12:05:27 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/07/30 12:05:27 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/07/30 12:05:25 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/07/30 12:05:25 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/07/30 12:05:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/07/30 12:05:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/07/30 12:05:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/07/30 12:05:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/07/30 12:05:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/07/30 12:05:17 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/07/30 12:05:15 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/07/30 12:05:15 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/07/30 12:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/07/30 12:04:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/07/30 12:04:50 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/07/30 12:04:50 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/07/30 12:04:48 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/07/30 12:04:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/07/30 12:04:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/07/30 12:04:45 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/07/30 12:04:44 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/07/30 12:04:44 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/07/30 12:04:42 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/07/30 12:04:41 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/07/30 12:04:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/07/30 12:04:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/07/30 12:04:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/07/30 12:04:36 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/07/30 12:04:34 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/07/30 12:04:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/07/30 12:04:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/07/30 12:04:29 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/07/30 12:04:29 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/07/30 12:04:28 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/07/30 12:04:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/07/30 12:04:26 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/07/30 12:04:25 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/07/30 12:04:24 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/07/30 12:04:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/07/30 12:04:22 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/07/30 12:04:21 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/07/30 12:04:20 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/07/30 12:04:18 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/07/30 12:04:17 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/07/30 12:04:16 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/07/30 12:04:16 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/07/30 12:04:15 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/07/30 12:04:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/07/30 12:04:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/07/30 12:04:13 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/07/30 12:04:12 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/07/30 12:04:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/07/30 12:03:54 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/07/30 12:03:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/07/30 12:03:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/07/30 12:03:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/07/30 12:03:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/07/30 12:03:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/07/30 12:03:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/07/30 12:03:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/07/30 12:03:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/07/30 11:57:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/07/30 00:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Gravity
[2010/07/26 08:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2010/07/23 09:40:09 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\Desktop\Castlevania Symphony Of The Night OST
[2010/07/21 14:20:29 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\Desktop\Super Castlevania IV (E) [!]
[2010/07/21 14:20:08 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\Desktop\zsnesw151
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/04 09:24:05 | 002,621,440 | -HS- | M] () -- C:\Users\Jalen Nunley\ntuser.dat
[2010/08/04 09:23:48 | 000,001,142 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\ Mabinogi .lnk
[2010/08/04 08:31:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/04 08:00:47 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/04 08:00:47 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/04 06:31:02 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/04 03:42:40 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{498516EE-2BF8-40D6-B141-4BB9695BF4BB}.job
[2010/08/03 18:00:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/03 11:10:11 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\WefiStartup.job
[2010/08/03 11:09:52 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010/08/03 11:09:51 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job
[2010/08/03 11:09:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/03 11:07:14 | 000,524,288 | -HS- | M] () -- C:\Users\Jalen Nunley\ntuser.dat{ae9f35e6-4495-11df-bf98-001e336763b1}.TMContainer00000000000000000001.regtrans-ms
[2010/08/03 11:07:14 | 000,065,536 | -HS- | M] () -- C:\Users\Jalen Nunley\ntuser.dat{ae9f35e6-4495-11df-bf98-001e336763b1}.TM.blf
[2010/08/03 11:06:46 | 003,561,806 | -H-- | M] () -- C:\Users\Jalen Nunley\AppData\Local\IconCache.db
[2010/08/03 10:19:38 | 000,002,231 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\iTunes.lnk
[2010/08/03 10:14:57 | 116,871,069 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\Rockman X Command Mission - Original Soundtrack.zip
[2010/08/03 07:56:46 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/03 07:50:35 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/08/03 01:31:17 | 000,006,784 | ---- | M] () -- C:\Users\Jalen Nunley\Documents\cc_20100803_013055.reg
[2010/08/02 20:53:05 | 000,000,572 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jalen Nunley.job
[2010/08/02 14:50:58 | 000,176,964 | ---- | M] () -- C:\Users\Jalen Nunley\Documents\cc_20100802_145027.reg
[2010/08/02 08:45:38 | 000,000,815 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\CCleaner.lnk
[2010/08/02 08:42:02 | 000,001,885 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\HijackThis.lnk
[2010/08/02 03:47:01 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Privacy Controls_{938FE28A-9DE2-11DF-8D6E-A9875ADEE37E}.job
[2010/08/01 23:03:51 | 000,001,054 | ---- | M] () -- C:\Users\Jalen Nunley\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic Privacy Controls.lnk
[2010/08/01 23:03:50 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\ParetoLogic Privacy Controls.lnk
[2010/07/31 15:59:56 | 1027,541,461 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\FlorensiaInstall_2010-07.exe
[2010/07/31 15:27:48 | 678,781,366 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Jalen Nunley\Desktop\S4League.exe
[2010/07/30 09:21:18 | 000,000,907 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\RagnarokFree - Shortcut.lnk
[2010/07/29 00:31:26 | 000,150,528 | ---- | M] () -- C:\Users\Jalen Nunley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/23 02:24:59 | 466,751,794 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\castlevania4.rar
[2010/07/23 01:34:16 | 082,401,560 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\Castlevania Symphony Of The Night OST.rar
[2010/07/14 06:31:59 | 000,124,642 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\genis_sage.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/03 10:10:05 | 116,871,069 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\Rockman X Command Mission - Original Soundtrack.zip
[2010/08/03 01:31:10 | 000,006,784 | ---- | C] () -- C:\Users\Jalen Nunley\Documents\cc_20100803_013055.reg
[2010/08/02 14:50:32 | 000,176,964 | ---- | C] () -- C:\Users\Jalen Nunley\Documents\cc_20100802_145027.reg
[2010/08/02 08:45:38 | 000,000,815 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\CCleaner.lnk
[2010/08/02 08:40:42 | 000,001,885 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\HijackThis.lnk
[2010/08/01 23:04:02 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/08/01 23:03:51 | 000,000,460 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Privacy Controls_{938FE28A-9DE2-11DF-8D6E-A9875ADEE37E}.job
[2010/08/01 23:03:50 | 000,001,054 | ---- | C] () -- C:\Users\Jalen Nunley\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic Privacy Controls.lnk
[2010/08/01 23:03:50 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\ParetoLogic Privacy Controls.lnk
[2010/08/01 06:26:40 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/01 06:26:38 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/31 14:28:41 | 1027,541,461 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\FlorensiaInstall_2010-07.exe
[2010/07/30 09:21:18 | 000,000,907 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\RagnarokFree - Shortcut.lnk
[2010/07/23 02:06:27 | 466,751,794 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\castlevania4.rar
[2010/07/23 01:30:29 | 082,401,560 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\Castlevania Symphony Of The Night OST.rar
[2010/07/14 06:31:55 | 000,124,642 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\genis_sage.jpg
[2010/07/13 10:18:02 | 000,001,142 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\ Mabinogi .lnk
[2010/02/27 15:08:22 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/02/09 21:48:20 | 000,000,270 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2009/09/17 15:59:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/18 22:34:12 | 000,000,029 | ---- | C] () -- C:\Windows\Index.ini
[2009/07/07 19:55:12 | 000,041,808 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/06/07 21:24:13 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2009/05/28 17:44:34 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008/12/25 13:29:52 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/12/25 13:29:52 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/09/17 13:07:02 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/09/17 13:07:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/09/17 13:07:02 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/09/17 13:07:02 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/02/13 14:15:06 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/12 22:23:20 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/12 22:23:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/12 22:23:20 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/12 22:23:20 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/12 22:23:20 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/12 22:23:20 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/07/28 01:26:30 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/12/08 03:19:22 | 000,061,440 | ---- | C] () -- C:\Windows\System32\EGamesPlugin.dll
[2005/12/08 03:19:22 | 000,036,864 | ---- | C] () -- C:\Windows\System32\EGameEncrypt.dll

========== LOP Check ==========

[2010/08/04 09:26:45 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Azureus
[2010/04/28 03:21:33 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\BitTorrent
[2009/07/10 11:21:02 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\BitZipper
[2009/12/09 15:42:34 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\FOG Downloader
[2009/07/10 00:06:42 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\GetRightToGo
[2009/10/15 05:00:33 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\gtk-2.0
[2009/05/07 06:35:03 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\ImgBurn
[2010/05/08 18:11:18 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\My.Freeze.com NetAssistant
[2008/12/26 12:35:38 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Nexon
[2010/08/01 23:04:10 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\ParetoLogic
[2009/10/20 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\PeerNetworking
[2009/05/29 03:28:25 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Secret of the Solstice
[2010/06/03 21:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\TOSHIBA
[2010/08/03 10:56:36 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\TuneUpMedia
[2009/03/24 20:39:21 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Uniblue
[2009/03/29 20:15:26 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\WeatherBug
[2009/05/19 20:57:17 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\WildTangent
[2010/08/02 03:47:01 | 000,000,460 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Privacy Controls_{938FE28A-9DE2-11DF-8D6E-A9875ADEE37E}.job
[2010/08/03 07:50:35 | 000,000,432 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2010/08/03 11:09:51 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCConfidential.job
[2010/03/31 04:25:16 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\PerfectOptimizer_home.job
[2010/08/03 11:07:31 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/04 03:42:40 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{498516EE-2BF8-40D6-B141-4BB9695BF4BB}.job
[2010/08/03 11:10:11 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\WefiStartup.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/02/12 18:27:46 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009/10/01 13:30:37 | 000,049,094 | ---- | M] () -- C:\CybDefInstallInfo.log
[2009/12/08 20:04:01 | 000,000,302 | ---- | M] () -- C:\DV.txt
[2010/03/21 20:26:19 | 212,976,896 | ---- | M] (Skyunion(IGG), Joyconnect Studio ) -- C:\gw_setup_2.2.000_usa.exe.sl
[2010/08/03 11:08:45 | 3398,316,032 | -HS- | M] () -- C:\pagefile.sys
[2009/06/05 17:46:08 | 000,000,204 | ---- | M] () -- C:\Plugins

< %systemroot%\system32\*.dll /lockedfiles >
[2010/05/04 01:55:41 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
[2009/03/08 07:22:37 | 000,156,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msls31.dll
[2009/04/11 02:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rasapi32.dll
[2008/01/20 22:24:11 | 000,071,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rasman.dll
[2009/04/11 02:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 02:28:24 | 000,036,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rtutils.dll
[2006/11/02 05:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SensApi.dll
[2009/04/11 02:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2008/01/20 22:24:13 | 000,376,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\sxs.dll
[2006/11/02 05:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\tapi32.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/02/12 18:27:35 | 012,820,480 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/02/12 18:27:30 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/02/12 18:27:35 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008/02/12 18:27:42 | 017,186,816 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008/02/12 18:27:44 | 006,635,520 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 23:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:BEB15613
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

Extras.txt
OTL Extras logfile created on: 8/4/2010 9:16:53 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jalen Nunley\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 36.93 Gb Free Space | 15.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JALENNUNLEY-PC
Current User Name: Jalen Nunley
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3655913385-1390485762-1043438615-1000]
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{068582DF-A7CB-4DF8-BB0D-043A5CE97D0F}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{0987AEA9-0353-476B-8CF3-80FB65C0FDCF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0B891BBC-AFBF-4F26-A3FB-CAA7107C9949}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{11E6236B-C7F9-4F96-9071-E2DB6F291C22}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{165E7609-9489-49F7-AE4A-3572DD7B15D4}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{187CD3D9-F9D3-453C-95CC-BD82C3C23AA9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1CFB5566-D5BD-47F3-A005-4CAD28624E03}" = rport=5357 | protocol=6 | dir=out | app=system |
"{1DF19EAD-6D94-4CFA-81E3-CC5C217E4E5F}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{1DFF0C36-DB86-4E33-8E7F-006B2DB290B1}" = lport=137 | protocol=17 | dir=in | app=system |
"{24CBB741-0893-4FDF-8735-A03F467CD6DE}" = lport=445 | protocol=6 | dir=in | app=system |
"{25B4B4B3-B76D-452E-8955-303FC71A08AC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27F77355-6100-446D-8E41-49E2789EB81D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{293D74F7-4314-48B0-8E7A-A3CF2C30C6F1}" = rport=139 | protocol=6 | dir=out | app=system |
"{2AD8577C-58E0-46F0-887F-E8D434F04837}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{2C8EB3ED-CFEE-4212-B283-CB290AD9E4F6}" = lport=5357 | protocol=6 | dir=in | app=system |
"{386CAE63-D452-4271-B40C-E59632D1CD1F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38F86742-5179-48A1-8403-7CC977591A3B}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{4C1723E6-037C-472C-898A-DBEA5777345A}" = rport=445 | protocol=6 | dir=out | app=system |
"{4DBBB4BB-A063-49E7-B959-3EBE78E25AFD}" = lport=5358 | protocol=6 | dir=in | app=system |
"{5568FBF2-88B3-4B70-9C83-672CB4599981}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{57E87616-D907-4BD2-B7D8-4F582F41379E}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{5D6D7A7F-D356-4C7A-8822-3ED86B544A1F}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{69BDFC28-FA41-40FF-B067-98764C520A7C}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{69C5C856-08B5-4E1D-83F1-CAC7B61FD07B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6CF8B3EB-5480-45FB-B135-B744988AF6FC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E2AA555-667E-4490-9078-4349EDDF04BF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{6E7E0801-2818-45C3-8D84-BAAAF7BFE80A}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{7646CE83-ABA6-4295-97F5-073B04952097}" = rport=5358 | protocol=6 | dir=out | app=system |
"{77B2ED1E-3846-4BB2-AB20-D866F398884A}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{7ACB5BB7-D19F-4375-968F-A91E6D779360}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{91B925E4-3FA7-4DCB-9C29-A64E03C6B128}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{92C55333-D3D4-4BC0-A996-F76E7088BF1E}" = lport=139 | protocol=6 | dir=in | app=system |
"{943C1B08-71E9-4775-B577-93329DA8D338}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{94A2BE93-3DE3-4141-8EFC-8645A7B3BD7E}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{9FB00BFE-C720-48B7-9389-8FE7CF1CE1A2}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{B14219BE-43FD-4A4A-B6BF-A59DF616AF6F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B1FD2E85-07C7-4078-BBC7-C9813FB9C2E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B5360E1E-DCE9-4583-B160-AF7592493287}" = lport=138 | protocol=17 | dir=in | app=system |
"{CD2C3044-DC25-4BF5-A26D-25D95A25D2DA}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CD4BA60A-F154-4E72-B6AF-4F3A2C5BD51C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D41C6C68-520D-46B7-AB69-7058CEEA56B9}" = rport=138 | protocol=17 | dir=out | app=system |
"{D7BEBD0C-F59C-40AD-8204-E49A4F38C56E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DA738803-52CE-49D3-B78D-FB22AE17A893}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{E16D3AF9-8DB0-4362-90E9-BC466AD8FF8B}" = lport=51993 | protocol=6 | dir=in | name=akamai netsession interface |
"{E9A37663-4A22-42D5-B834-F75A13F9FB29}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{ECE4A877-27BF-4579-B85C-8D9456526B45}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{EF37C3EF-CF48-4073-860D-DDFE34918764}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F34A15AD-EC7B-4E85-A714-5134B25F4B85}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{F554EB14-3681-480D-9200-349CEB17C6B2}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034F038C-5813-40CC-AFED-F7FAE2212B95}" = protocol=6 | dir=in | app=c:\aeriagames\domo\domopatch.exe |
"{087EE40D-64AF-4CA6-8105-0059F5469CC3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0D2061B0-F617-4634-9DCD-B5151B19F298}" = protocol=17 | dir=in | app=c:\aeriagames\domo\domopatch.exe |
"{0E5590E1-25E9-4AFA-A5FE-E32D1333B673}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{12A21862-B704-4FB9-935A-482465197F87}" = protocol=6 | dir=in | app=c:\windows\temp\~os672d.tmp\rlvknlg.exe |
"{1A44BDBA-70A1-4EC9-91E8-048D269F85F4}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{1E1B955D-4A93-4FB0-9E73-8CCC9C13653D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{24C72A0C-1E0D-4741-99AB-19E891F86D87}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{2597E794-2AD0-4633-BB94-C6D9BA9BC677}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{31FEE34E-447F-43A6-A46F-CB613179494D}" = protocol=6 | dir=in | app=c:\windows\temp\~os15f0.tmp\rlvknlg.exe |
"{3E07B1C4-78D8-4416-8ECE-A747B1F09169}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3FFE2D18-25BE-4604-B8BB-D0B92FF4DF9B}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{441B516B-BA57-4029-A766-882616E67714}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4F3A7D1D-7EA5-4EDB-9A01-500FD0BF570E}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{59001750-CB9A-4B1D-BBAD-C7044A11643F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5D47D0E2-BE33-4F89-BB03-0C34055B91D1}" = protocol=6 | dir=in | app=c:\windows\temp\~os8992.tmp\rlvknlg.exe |
"{62029945-6C0A-4351-B8CC-A9A7D6CA0BF1}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{70A95CD6-4D06-4C8E-B1F8-135755FC3E0F}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{728654D1-B8FA-474C-BAC1-E42EE9DD7D77}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{73AB4C28-9692-414F-875B-CC228E8B10F8}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{750A3EB9-74BA-40A9-BDA4-B0FD197EF127}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{77E67662-EA17-4B3C-A116-9B5785D6E25D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7DD3F21D-5ED1-4F2F-8322-3CBD95B5C376}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{82782196-A850-4F35-B1B4-DC66FF020891}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{82D2BAA1-512A-4A21-AF43-6F5A72C3294E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8B404A46-4ADB-4206-B22B-C3DEF904285D}" = protocol=17 | dir=in | app=c:\users\jalen nunley\appdata\locallow\dyyno receiver\dppm.exe |
"{8D469C92-0EF9-4CF8-B2ED-AFEF2A66CBBA}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8E27DC70-8B44-4BB0-AE28-C0F2A8E7943F}" = protocol=6 | dir=in | app=c:\windows\temp\~os6e84.tmp\ossproxy.exe |
"{9679788D-25CA-4EC2-B5D1-7B7B709E9F71}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{96D9227F-E8AF-4029-932E-25E6F9B14269}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{99E52D88-910F-4725-820C-C3D0E3C1342B}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{9C995E9B-0D2B-418E-8263-96C50FD40CDA}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{A572420D-778B-4095-8F43-B8CC27A1A034}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ADEFCA36-E9CA-4C25-8748-5A0CF1635D38}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B20C3AA7-9899-4457-A28C-A7D1DF2943F1}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{B2ACA0D2-89AB-41A2-974B-313C2F437D1C}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{B5473721-3FA7-42A2-997E-6E345358DDCD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B8E551A3-D37C-4E6A-BA86-6D2AE11D0CC3}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{BED94657-993E-4666-83A1-33A3C2A0FEDE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BFAAB426-80CC-476F-B677-31CBDEC00817}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C1082D5C-82F7-4B94-BFB8-118C268EA299}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CB8CC56E-94A6-4FDE-A314-7E34C283155A}" = protocol=6 | dir=in | app=c:\users\jalen nunley\appdata\locallow\dyyno receiver\dppm.exe |
"{CF888360-5BAC-49C0-90AE-ECFA94D36729}" = protocol=6 | dir=in | app=c:\windows\temp\~os44da.tmp\ossproxy.exe |
"{D3336E89-A72E-4085-90D2-343F63A664ED}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{DCEBB4FE-E009-49FA-A84E-51B8D68B1670}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{E1F3588D-73FC-4F42-895D-78563AD7E945}" = protocol=6 | dir=in | app=c:\windows\temp\~os63f5.tmp\ossproxy.exe |
"{E8A374EA-68A6-48F1-947D-947B4B89A4C7}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{E9DEFF29-3515-45A5-9BC4-F0280222AA79}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{ECCA1D6C-92A5-4AE3-90F1-7EA14C7BE3F1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F072B6EB-317C-41D0-93A8-51C15455C613}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{F186C464-0E7E-419D-9F9C-44CE40B79CF7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F6326620-7F31-4C70-B7DD-22FE9FCACEF6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{FC1AF793-325D-478D-A8DF-0413E6F3462F}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"TCP Query User{1CA175A8-EA99-48DB-A0B5-C5A845B374CF}C:\users\jalen nunley\downloads\fogdownloader-rom_2_1_0_1871.exe" = protocol=6 | dir=in | app=c:\users\jalen nunley\downloads\fogdownloader-rom_2_1_0_1871.exe |
"TCP Query User{3BEDEE35-01C6-43DA-AAE1-8EDC59C8B5B6}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{45AD427E-8B6C-4D95-A0FC-6ECAA8B4D2A1}C:\gamepotusa\brightshadow\brightshadow.exe" = protocol=6 | dir=in | app=c:\gamepotusa\brightshadow\brightshadow.exe |
"TCP Query User{B19F1C34-4BE9-4EDE-BD12-E8A401F4070A}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{EF6D75D7-370C-4438-AB33-383C8CD276A9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{449C9C88-10F6-4706-B66A-7B0F2FF91C3C}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{59A11243-709D-43FD-B871-E0DCD3819C07}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{7138ACBC-C1D6-429C-A897-29062B8B09C4}C:\users\jalen nunley\downloads\fogdownloader-rom_2_1_0_1871.exe" = protocol=17 | dir=in | app=c:\users\jalen nunley\downloads\fogdownloader-rom_2_1_0_1871.exe |
"UDP Query User{C9B3BE58-D1A7-4372-917C-05F014A825D7}C:\gamepotusa\brightshadow\brightshadow.exe" = protocol=17 | dir=in | app=c:\gamepotusa\brightshadow\brightshadow.exe |
"UDP Query User{CE4CED74-693A-440B-AAF8-9AEE64717E47}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03240EBA-04F2-4652-BC7F-B055902BDCD3}" = Memeo AutoBackup
"{062ABD24-47F8-D865-BCB6-A724A94BC9A5}" = CCC Help Japanese
"{06F2B3DC-74F4-300D-D41A-B21B46101CA2}" = Skins
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A573F30-FB63-9A85-2E6E-39E1AC5366D0}" = Catalyst Control Center Localization Hungarian
"{0A9F311E-A4B9-4808-1D1C-0B2E7705A735}" = Catalyst Control Center Localization Spanish
"{0F15A965-99BA-BC9D-5A00-D7E1E7B2AE7F}" = Catalyst Control Center Localization French
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14FEF8C7-0EB1-47F2-6A13-D43171D4DFBB}" = Catalyst Control Center Localization Greek
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D4D4C5C-6771-A416-0FC9-167F47C4D977}" = Catalyst Control Center Localization Polish
"{1E32C2AB-9722-5F41-7BDE-24B5AFD2BCE6}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21AEC16B-1C21-81B4-DA88-2235CC1F7E39}" = Catalyst Control Center Localization Japanese
"{2243C6DC-39EA-4D5E-B743-3AE510A91B3A}" = WeatherBug
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{288306FF-D5B5-7398-0617-E52F625C6797}" = CCC Help Norwegian
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{29ACDA07-0CAD-4751-B3A4-3E03C5F74673}" = ParetoLogic Privacy Controls
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{397AC65E-CB4A-29C2-ACF9-D04444438971}" = Catalyst Control Center Localization Thai
"{3B96A467-811C-F9FE-B8D6-3BC952025F44}" = Catalyst Control Center Localization Dutch
"{3BEEC9AD-FA8F-B413-6BBC-8B5DC7C8E08F}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{45ECDC05-71AC-6372-2A17-4139B6296F4F}" = ccc-core-static
"{480C3278-56A7-3F05-3829-6DC5D4B0CB06}" = CCC Help Portuguese
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4CA4D9FC-212C-9F69-E760-DB4BEB34FEB5}" = CCC Help Thai
"{4DE0D937-FEB0-0D89-C8D6-35F600300BD4}" = CCC Help French
"{526B6DD3-0C43-2C13-7DF8-44D20D4E9853}" = CCC Help English
"{544587B1-B057-F0B3-7B19-6898ADBED9AC}" = Catalyst Control Center Localization Czech
"{571C0874-A931-EEFE-E89D-8F912F633B9F}" = CCC Help Danish
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63427619-C918-6F3C-7318-11DDA4975241}" = ATI Catalyst Install Manager
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{648B4A01-F609-1D4E-556C-0F18B54E9E1C}" = Catalyst Control Center Localization Italian
"{64F18837-72CE-DC38-899C-260AF20F979A}" = CCC Help Swedish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69C82DDB-3FBC-EBEC-AE0A-3ABF1F3BD39B}" = CCC Help Polish
"{6C530FF7-F6F2-FD4C-0CFC-49AD3E7244A9}" = Catalyst Control Center Localization Turkish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CA2BE46-A562-8CA4-1C33-CC2681B2DDA1}" = CCC Help Finnish
"{6DBBEC03-716B-7954-873A-B782100831C5}" = Catalyst Control Center Graphics Full New
"{70BCBA77-83D9-2075-1F99-69D65C44B422}" = Catalyst Control Center Graphics Full Existing
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{78E6BC53-F765-2629-C028-9F3CD49F70D4}" = CCC Help Chinese Standard
"{7ECE1045-66CB-2A70-7EAE-BE508AF95CF2}" = Catalyst Control Center Graphics Previews Vista
"{81F93FA5-BA87-322F-2166-4D1F0FFE196E}" = CCC Help Greek
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = MyIdentityDefender Toolbar
"{8376FC56-5456-DFF9-5C36-FAB3DE39F5DF}" = Catalyst Control Center Localization Norwegian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85B3880D-F0D2-A50C-1464-7EF646A1D21D}" = Catalyst Control Center Localization Danish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{8D0957A4-8EE7-E273-0BFC-9B235BEAA41A}" = CCC Help Dutch
"{8D44F868-DA59-B1BF-CC33-58B0AF8E2E39}" = Catalyst Control Center Localization Chinese Traditional
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3F65CA-78FA-4749-004B-23743CF642D1}" = Catalyst Control Center Localization Korean
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5B13934-D1C9-D33B-982E-BB09A19C0F90}" = Catalyst Control Center Localization Finnish
"{A60F4402-4CCE-E695-64C6-F0636ACC347F}" = CCC Help Italian
"{A91A0484-8087-A838-9BA6-03374BE3F2CE}" = Catalyst Control Center Localization Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA725670-A7B4-D1B0-4EF5-F4B2E418C9F4}" = Catalyst Control Center Localization German
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{ADBE6E56-60E7-7FC3-467A-827987BE09CE}" = Catalyst Control Center Localization Swedish
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B1819DF7-D6B1-27AA-3A3B-6560C348C386}" = Catalyst Control Center Core Implementation
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B9CD69C2-D14E-C499-C18B-7342E5FE245E}" = Catalyst Control Center Localization Chinese Standard
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BFF829B6-B433-42CE-9A19-E459D3E4E483}" = My.Freeze.com NetAssistant
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C7EEC93A-2A61-4B1E-B696-A264680A889D}" = MobileMe Control Panel
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor
"{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941}" = Catalyst Control Center - Branding
"{D8F9F4CB-41A1-CF15-39A2-75F28E0B9991}" = CCC Help Korean
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDA258BA-57D9-A76C-84CB-F19571A45FC8}" = ccc-utility
"{DF73BEDD-8A09-A6E2-462B-3BDF398BAFB2}" = CCC Help Czech
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3CE8E57-1FD8-4E0D-994D-C34019885A28}" = S4 League_EU
"{E70A3EE1-067D-8C6C-1C89-9F3A1BA4CF2C}" = Catalyst Control Center Graphics Light
"{E87A8D96-5795-A788-18A2-3BCC20B09E7C}" = CCC Help Chinese Traditional
"{EB295AF7-C2D1-D911-9E62-F288874B96F4}" = CCC Help Turkish
"{EBCD5E4C-F14A-B147-39FE-906F75AC4ACE}" = CCC Help Russian
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F36D6137-FD4C-1F67-7B2A-815BB05BB825}" = CCC Help German
"{F84C1DC6-4B39-1A34-AD6E-A6EE49A3DD78}" = CCC Help Hungarian
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"7-Zip" = 7-Zip 4.57
"8461-7759-5462-8226" = Vuze
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Ask Toolbar_is1" = Vuze Toolbar
"avast!" = avast! Antivirus
"BitTorrent" = BitTorrent
"BitZipperSearch Toolbar" = BitZipperSearch Toolbar
"CCleaner" = CCleaner
"DoremiSoft AVI to MP4 Converter" = DoremiSoft AVI to MP4 Converter 1.0
"Dream Of Mirror Online" = Dream Of Mirror Online
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlorensiaEN" = FlorensiaEN 1.0
"Free RAR Extract Frog 1.00" = Free RAR Extract Frog 1.00
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"Hotspot_Shield Toolbar" = Hotspot_Shield Toolbar
"HotspotShield" = Hotspot Shield 1.37
"InstallShield_{03240EBA-04F2-4652-BC7F-B055902BDCD3}" = Memeo AutoBackup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{B7A9964C-A9A7-4714-B494-50067238876E}" = Fantasy Earth Zero
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IsoBuster Toolbar" = IsoBuster Toolbar
"IsoBuster_is1" = IsoBuster 2.5
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Mabinogi" = Mabinogi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"My.Freeze.com NetAssistant" = My.Freeze.com NetAssistant
"NSS" = Norton Security Scan
"Picasa2" = Picasa 2
"PROHYBRIDR" = 2007 Microsoft Office system
"Shin Megami Tensei: Imagine Online" = Shin Megami Tensei: Imagine Online
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TuneUpMedia" = TuneUp Companion 1.7.1
"VLC media player" = VLC media player 0.9.2
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"WeFi" = WeFi 3.9.3.1
"WildTangent toshiba Master Uninstall" = TOSHIBA Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinZip Self-Extractor" = WinZip Self-Extractor
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"ZyGoVideo 2.0" = ZyGoVideo 2.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"My.Freeze.com NetAssistant" = My.Freeze.com NetAssistant for Firefox

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 2/6/2010 5:57:00 PM | Computer Name = JalenNunley-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\System32\conime.exe failed, 00000005.

Error - 3/31/2010 4:41:13 AM | Computer Name = JalenNunley-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 3/31/2010 4:41:13 AM | Computer Name = JalenNunley-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

Error - 3/31/2010 4:41:17 AM | Computer Name = JalenNunley-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 3/31/2010 4:51:50 AM | Computer Name = JalenNunley-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 5/30/2010 3:24:01 PM | Computer Name = JalenNunley-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\AeriaGames\MegaTen\ImagineUpdate.cvc failed, 00000005.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

MBR check
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: ATI Corp.
BIOS Manufacturer: Insyde Corp.
System Manufacturer: TOSHIBA
System Product Name: Satellite L355D
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 147):

Processes (total 69):
0 System Idle Process
4 System
452 C:\Windows\System32\smss.exe
584 csrss.exe
640 C:\Windows\System32\wininit.exe
652 csrss.exe
684 C:\Windows\System32\services.exe
712 C:\Windows\System32\winlogon.exe
740 C:\Windows\System32\lsass.exe
748 C:\Windows\System32\lsm.exe
780 C:\Windows\System32\svchost.exe
916 C:\Windows\System32\svchost.exe
980 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
1024 C:\Windows\System32\svchost.exe
1068 C:\Windows\System32\svchost.exe
1152 C:\Windows\System32\Ati2evxx.exe
1176 C:\Windows\System32\svchost.exe
1208 C:\Windows\System32\svchost.exe
1264 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\audiodg.exe
1380 C:\Windows\System32\svchost.exe
1388 C:\Windows\System32\svchost.exe
1416 C:\Windows\System32\SLsvc.exe
1460 C:\Windows\System32\svchost.exe
1580 C:\Windows\System32\Ati2evxx.exe
1760 C:\Windows\System32\svchost.exe
1864 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
1880 C:\Program Files\Alwil Software\Avast4\ashServ.exe
320 C:\Windows\System32\spoolsv.exe
464 C:\Windows\System32\svchost.exe
900 C:\Windows\System32\agrsmsvc.exe
2064 C:\Windows\System32\svchost.exe
2088 C:\Program Files\Bonjour\mDNSResponder.exe
2104 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
2196 C:\Windows\System32\dwm.exe
2232 C:\Windows\explorer.exe
2240 C:\Windows\System32\taskeng.exe
2344 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
2364 C:\Program Files\Hotspot Shield\bin\hsswd.exe
2468 C:\Windows\System32\taskeng.exe
2508 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
2576 C:\TOSHIBA\IVP\ISM\pinger.exe
2672 C:\Windows\System32\svchost.exe
2732 C:\Windows\System32\svchost.exe
2776 C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
2808 C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
2848 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
2916 C:\Windows\System32\TODDSrv.exe
2992 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
3040 C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
3132 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
3164 C:\Windows\System32\svchost.exe
3224 C:\Windows\System32\SearchIndexer.exe
3288 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
3472 C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
3504 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3888 C:\Program Files\WeFi\WefiEngSvc.exe
4068 C:\Program Files\WeFi\WeFi.exe
4504 C:\Program Files\Windows Media Player\wmpnscfg.exe
4560 C:\Program Files\Windows Media Player\wmpnetwk.exe
4568 C:\Windows\System32\wbem\unsecapp.exe
4796 WmiPrvSE.exe
5220 C:\Program Files\Mozilla Firefox\firefox.exe
5352 C:\Program Files\Vuze\Azureus.exe
5180 C:\TOSHIBA\IVP\ISM\Ivpsvmgr.exe
6064 C:\Windows\System32\conime.exe
3480 C:\Windows\System32\SearchProtocolHost.exe
2956 C:\Windows\System32\SearchFilterHost.exe
5660 C:\Users\Jalen Nunley\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK2546GSX, Rev: LB013M

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!
SHA1: A62092C47B7D2C680BCDBF59796808D7B7F65AB2


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#4
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Run MBRCheck once more, and once it gets to the end, type in Y and hit the Enter key to access more options.
Then type in 2 at the next prompt and hit Enter.
At the next prompt it should say this: "Enter the physical disk number to fix (0-99, -1 to cancel):" Type 1, then hit Enter.
The next option would be this: "Please select the MBR code to write to this drive:" Type in 3, then hit the Enter key.
Then it will say this: "Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue:" Type in yes, then hit Enter again.
Then it should say this:

Successfully wrote new MBR code!

Done! Press ENTER to exit...

If it does this, then reboot, run MBRCheck once more, and post the new log on your desktop.

#5
JNunley

    New Member

  • Topic Starter
  • Member
  • 6 posts
Have a slight issue, since it says 'error opening disc'. Here's that log:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: ATI Corp.
BIOS Manufacturer: Insyde Corp.
System Manufacturer: TOSHIBA
System Product Name: Satellite L355D
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 147):

Processes (total 69):
0 System Idle Process
4 System
460 C:\Windows\System32\smss.exe
584 csrss.exe
640 C:\Windows\System32\wininit.exe
652 csrss.exe
684 C:\Windows\System32\services.exe
712 C:\Windows\System32\winlogon.exe
728 C:\Windows\System32\lsass.exe
740 C:\Windows\System32\lsm.exe
896 C:\Windows\System32\svchost.exe
956 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
1004 C:\Windows\System32\svchost.exe
1016 C:\Windows\System32\svchost.exe
1052 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\Ati2evxx.exe
1188 C:\Windows\System32\svchost.exe
1256 C:\Windows\System32\svchost.exe
1268 C:\Windows\System32\svchost.exe
1348 C:\Windows\System32\audiodg.exe
1372 C:\Windows\System32\svchost.exe
1392 C:\Windows\System32\SLsvc.exe
1456 C:\Windows\System32\svchost.exe
1492 C:\Windows\System32\Ati2evxx.exe
1564 C:\Windows\System32\svchost.exe
1652 C:\Windows\System32\svchost.exe
1816 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
1856 C:\Program Files\Alwil Software\Avast4\ashServ.exe
564 C:\Windows\System32\spoolsv.exe
576 C:\Windows\System32\svchost.exe
1696 C:\Windows\System32\taskeng.exe
264 C:\Windows\System32\dwm.exe
2052 C:\Windows\explorer.exe
2076 C:\Windows\System32\taskeng.exe
2396 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
2460 C:\Windows\System32\agrsmsvc.exe
2520 C:\Windows\System32\svchost.exe
2564 C:\Program Files\Bonjour\mDNSResponder.exe
2596 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
2784 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
2916 C:\Program Files\Hotspot Shield\bin\hsswd.exe
2964 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
3076 C:\TOSHIBA\IVP\ISM\pinger.exe
3108 C:\Windows\System32\svchost.exe
3144 C:\Windows\System32\svchost.exe
3164 C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
3252 C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
3276 C:\Windows\System32\TODDSrv.exe
3292 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
3324 C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
3404 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
3424 C:\Windows\System32\svchost.exe
3448 C:\Windows\System32\SearchIndexer.exe
3520 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
3688 C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
3716 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3872 C:\Program Files\WeFi\WefiEngSvc.exe
2932 C:\Program Files\WeFi\WeFi.exe
4276 C:\Windows\System32\wbem\unsecapp.exe
4384 WmiPrvSE.exe
5016 C:\Program Files\Windows Media Player\wmpnscfg.exe
5344 C:\Program Files\Windows Media Player\wmpnetwk.exe
5012 C:\Program Files\iPod\bin\iPodService.exe
5804 C:\Program Files\Mozilla Firefox\firefox.exe
4312 C:\Windows\System32\conime.exe
1296 <unknown>
2840 <unknown>
3780 C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
872 C:\Users\Jalen Nunley\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK2546GSX, Rev: LB013M

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!
SHA1: A62092C47B7D2C680BCDBF59796808D7B7F65AB2


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 1
Available MBR codes:
[ 0] Default (Windows Vista)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 3
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
Error opening disk (2)!


Done!

#6
kahdah

Hi, try to run it as administrator.
Right-click on MBRCheck and choose Run as administrator.

#7
JNunley

Nope, it still says 'error opening disc'.

#8
kahdah

Ok.


Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.



When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#9
JNunley

OK, here's the file:

ComboFix 10-08-04.05 - Jalen Nunley 08/05/2010 8:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2941.2112 [GMT -4:00]
Running from: c:\users\Jalen Nunley\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\vlc-1.0.5-win32.exe
c:\users\Jalen Nunley\Documents\cc_20100802_145027.reg
c:\windows\system32\%appdata% . . . . failed to delete
c:\windows\system32\%appdata%\Microsoft\Windows\IETldCache\index.dat . . . . failed to delete

.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_RelevantKnowledge


((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 )))))))))))))))))))))))))))))))
.

2010-08-02 12:45 . 2010-08-02 12:45 -------- d-----w- c:\program files\CCleaner
2010-08-02 12:40 . 2010-08-02 12:40 -------- d-----w- c:\program files\Trend Micro
2010-08-02 03:04 . 2010-08-02 03:04 -------- d-----w- c:\users\Jalen Nunley\AppData\Roaming\ParetoLogic
2010-08-02 03:03 . 2010-08-02 03:03 -------- d-----w- c:\programdata\ParetoLogic
2010-08-02 03:03 . 2010-08-02 03:03 -------- d-----w- c:\program files\Common Files\ParetoLogic
2010-08-02 03:03 . 2010-08-02 03:03 -------- d-----w- c:\program files\ParetoLogic
2010-08-01 02:52 . 2010-08-01 02:52 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Yahoo
2010-08-01 02:52 . 2010-08-01 14:58 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Google
2010-07-31 19:30 . 2010-07-31 19:30 -------- d-----w- c:\program files\alaplaya
2010-07-30 16:06 . 2010-06-02 08:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-07-30 16:06 . 2010-06-02 08:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-07-30 16:06 . 2010-06-02 08:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-07-30 16:06 . 2010-05-26 15:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-07-30 16:06 . 2010-05-26 15:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-07-30 16:06 . 2010-05-26 15:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-07-30 16:04 . 2008-05-30 18:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2010-07-30 16:03 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-07-30 04:16 . 2010-07-30 04:16 -------- d-----w- c:\program files\Gravity
2010-07-26 12:08 . 2010-07-26 12:09 -------- d-----w- c:\program files\Graboid

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-05 12:30 . 2009-07-19 01:33 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-05 12:29 . 2009-11-14 02:17 -------- d-----w- c:\programdata\WeFi
2010-08-04 23:35 . 2009-12-10 08:47 -------- d-----w- c:\users\Jalen Nunley\AppData\Roaming\TuneUpMedia
2010-08-04 17:30 . 2009-04-23 00:32 -------- d-----w- c:\users\Jalen Nunley\AppData\Roaming\Azureus
2010-08-01 20:09 . 2010-05-08 22:14 -------- d-----w- c:\users\Jalen Nunley\AppData\Roaming\vlc
2010-08-01 10:26 . 2008-02-13 02:32 -------- d-----w- c:\program files\Google
2010-07-31 20:09 . 2008-02-13 01:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-31 19:30 . 2008-02-13 01:48 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-16 19:21 . 2009-12-10 08:47 -------- d-----w- c:\program files\TuneUpMedia
2010-07-15 07:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-30 02:16 . 2010-06-30 02:10 -------- d-----w- c:\programdata\NexonUS
2010-06-30 02:10 . 2010-06-30 02:10 98304 ----a-w- c:\programdata\NexonUS\NGM\npNxGameUS.dll
2010-06-30 02:10 . 2010-06-30 02:10 126976 ----a-w- c:\programdata\NexonUS\NGM\nxgameus.dll
2010-06-30 02:10 . 2010-06-30 02:10 765952 ----a-w- c:\programdata\NexonUS\NGM\NGMDll.dll
2010-06-30 02:10 . 2010-06-30 02:10 401408 ----a-w- c:\programdata\NexonUS\NGM\NGMResource.dll
2010-06-30 02:10 . 2010-06-30 02:10 258352 ----a-w- c:\programdata\NexonUS\NGM\unicows.dll
2010-06-30 02:10 . 2010-06-30 02:10 172032 ----a-w- c:\programdata\NexonUS\NGM\NGM.exe
2010-06-30 01:10 . 2008-12-26 06:33 -------- d-----w- c:\programdata\PMB Files
2010-06-27 07:06 . 2008-09-17 16:37 -------- d-----w- c:\program files\Microsoft.NET
2010-06-22 05:08 . 2009-04-25 01:21 1356 ----a-w- c:\users\Jalen Nunley\AppData\Local\d3d9caps.dat
2010-05-26 17:06 . 2010-06-09 05:11 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 15:41 . 2010-07-30 16:05 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 15:41 . 2010-07-30 16:05 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-26 14:47 . 2010-06-09 05:11 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 18:14 . 2009-10-05 00:05 221568 ------w- c:\windows\system32\MpSigStub.exe
2009-07-20 11:44 . 2009-07-20 11:44 1507 ----a-w- c:\program files\uninstal.log
2002-05-21 14:00 . 2002-05-21 14:00 1362 ----a-r- c:\program files\ReadMe.txt
2008-12-25 17:29 . 2008-12-25 17:29 13 --sh--r- c:\windows\System32\drivers\fbd.sys
2008-12-25 17:29 . 2008-12-25 17:29 4 --sh--r- c:\windows\System32\drivers\taishop.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-09-21 3962184]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 22:40 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2008-11-24 03:03 1784856 ----a-w- c:\program files\IsoBuster\tbIso0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97bceb59-cfcd-4b16-a863-b3f72cf9f196}]
2008-11-24 03:03 1784856 ----a-w- c:\program files\BitZipperSearch\tbBitZ.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}]
2009-09-21 17:51 3962184 ----a-w- c:\users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-03-17 19:45 2355224 ----a-w- c:\program files\Vuze_Remote\tbVuze.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
2009-07-10 01:44 2215960 ----a-w- c:\program files\Hotspot_Shield\tbHot1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
2008-11-26 23:40 253048 ----a-w- c:\program files\My.Freeze.com NetAssistant\NetAssistant.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-07-10 01:39 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIso0.dll" [2008-11-24 1784856]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]
"{97bceb59-cfcd-4b16-a863-b3f72cf9f196}"= "c:\program files\BitZipperSearch\tbBitZ.dll" [2008-11-24 1784856]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHot1.dll" [2009-07-10 2215960]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-09-21 3962184]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{97bceb59-cfcd-4b16-a863-b3f72cf9f196}]

[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\tbIso0.dll" [2008-11-24 1784856]
"{97BCEB59-CFCD-4B16-A863-B3F72CF9F196}"= "c:\program files\BitZipperSearch\tbBitZ.dll" [2008-11-24 1784856]
"{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}"= "c:\program files\Hotspot_Shield\tbHot1.dll" [2009-07-10 2215960]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-09-21 3962184]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-03-17 2355224]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CLASSES_ROOT\clsid\{97bceb59-cfcd-4b16-a863-b3f72cf9f196}]

[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10c.exe" [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Jalen Nunley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-03-06 04:50 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2008-02-13 02:32 1862144 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 08:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-03-13 00:56 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2010-03-20 13:16 2937528 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-05-30 15:10 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-30 01:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
2007-08-29 14:55 1347584 ----a-r- c:\program files\AWS\WeatherBug\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):08,c7,2d,e5,b4,42,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3655913385-1390485762-1043438615-1000]
"EnableNotificationsRef"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-01 135664]
R3 IO_Memory;IO_Memory;c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2007-10-30 937984]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-06-11 2837916]
R3 SVRPEDRV;SVRPEDRV;c:\windows\System32\sysprep\UP_date\PEDrv.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XDva273;XDva273;c:\windows\system32\XDva273.sys [x]
R3 XDva352;XDva352;c:\windows\system32\XDva352.sys [x]
R4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
R4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
S1 aswSP;avast! Self Protection; [x]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2007-09-01 20352]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2010-01-08 285744]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
S3 WefiEngSvc;WeFi Engine Service;c:\program files\WeFi\WefiEngSvc.exe [2010-03-16 133976]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-01 10:26]

2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-01 10:26]

2010-08-05 c:\windows\Tasks\Norton Security Scan for Jalen Nunley.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-04-16 17:46]

2010-08-02 c:\windows\Tasks\ParetoLogic Privacy Controls_{938FE28A-9DE2-11DF-8D6E-A9875ADEE37E}.job
- c:\program files\ParetoLogic\Privacy Controls\Pareto_PC.exe [2010-04-23 23:09]

2010-08-03 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-08-04 18:19]

2010-08-05 c:\windows\Tasks\User_Feed_Synchronization-{498516EE-2BF8-40D6-B141-4BB9695BF4BB}.job
- c:\windows\system32\msfeedssync.exe [2010-06-09 04:30]

2010-08-05 c:\windows\Tasks\WefiStartup.job
- c:\program files\WeFi\WefiStartup.exe [2010-03-16 15:23]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\Profiles\gt9sh1r1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=w3i&type=W3i_SP,151,0_0,StartPage,20100519,6692,0,15,0
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMFireLauncher.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(yahoo.homepage.dontask, true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-~266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
URLSearchHooks-~EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
URLSearchHooks-~E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - (no file)
URLSearchHooks-~97bceb59-cfcd-4b16-a863-b3f72cf9f196} - (no file)
URLSearchHooks-~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
URLSearchHooks-~c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
URLSearchHooks-~ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
MSConfigStartUp-Uniblue RegistryBooster 2009 - c:\program files\uniblue\registrybooster\StartRegistryBooster.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-05 08:32
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e4,7e,93,1d,73,64,cf,47,b7,89,dc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e4,7e,93,1d,73,64,cf,47,b7,89,dc,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\toshiba\IVP\ISM\pinger.exe
c:\toshiba\IVP\swupdate\swupdtmr.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\WeFi\WeFi.exe
c:\windows\system32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2010-08-05 08:43:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-05 12:43

Pre-Run: 38,611,963,904 bytes free
Post-Run: 38,358,470,656 bytes free

- - End Of File - - 9026F2F42C56456D5339F1E8DCD8CEB5

#10
kahdah

  • Double click on the icon to run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
    S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one Notepad window, OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.


#11
JNunley

OTL logfile created on: 8/5/2010 2:25:07 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Jalen Nunley\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 35.38 Gb Free Space | 15.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JALENNUNLEY-PC
Current User Name: Jalen Nunley
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Jalen Nunley\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\TuneUpMedia\TuneUpApp.exe ()
PRC - C:\Nexon\Mabinogi\Mabinogi.exe ()
PRC - C:\Program Files\WeFi\WefiEngSvc.exe (WeFi)
PRC - C:\Program Files\WeFi\WeFi.exe (WeFi)
PRC - C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
PRC - C:\TOSHIBA\IVP\ISM\pinger.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Jalen Nunley\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (npkcmsvc) -- C:\Nexon\MapleStory\npkcmsvc.exe File not found
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\rswin_3725.dll ()
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WefiEngSvc) -- C:\Program Files\WeFi\WefiEngSvc.exe (WeFi)
SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HotspotShieldService) -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (HssSrv) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ASKService) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (jswpsapi) -- C:\Program Files\Jumpstart\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (Swupdtmr) -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (pinger) -- C:\TOSHIBA\IVP\ISM\pinger.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (XDva273) -- C:\Windows\System32\XDva273.sys File not found
DRV - (SVRPEDRV) -- C:\Windows\System32\sysprep\UP_date\PEDrv.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (npkcrypt) -- C:\Nexon\MapleStory\npkcrypt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IO_Memory) -- C:\Windows\System32\SYSPREP\Drivers\ioport.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (HssDrv) -- C:\Windows\System32\drivers\hssdrv.sys (AnchorFree Inc.)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (tapvpn) -- C:\Windows\System32\drivers\tapvpn.sys (The OpenVPN Project)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com...19,6692,0,15,0"
FF - prefs.js..extensions.enabledItems: {BFF829B6-B433-42CE-9A19-E459D3E4E483}:3.6.3
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com...93&searchterm="


FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/02 08:26:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/03 07:56:46 | 000,000,000 | ---D | M]

[2009/07/20 08:05:32 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Extensions
[2009/04/22 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\extensions
[2009/04/22 20:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/08/05 09:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\Profiles\gt9sh1r1.default\extensions
[2009/10/05 21:19:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jalen Nunley\AppData\Roaming\Mozilla\Firefox\Profiles\gt9sh1r1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/20 08:03:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/09 21:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010/03/20 09:16:34 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2010/08/05 08:30:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (BitZipperSearch Toolbar) - {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
O2 - BHO: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O2 - BHO: (NetAssistantBHO Class) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com NetAssistant\NetAssistant.dll (W3i, LLC)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IsoBuster Toolbar) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (BitZipperSearch Toolbar) - {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (IsoBuster Toolbar) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - C:\Program Files\IsoBuster\tbIso0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitZipperSearch Toolbar) - {97BCEB59-CFCD-4B16-A863-B3F72CF9F196} - C:\Program Files\BitZipperSearch\tbBitZ.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Jalen Nunley\AppData\LocalLow\CyberDefender\cdmyidd.dll (CyberDefender Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/05 08:30:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/08/05 07:58:39 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/08/05 07:58:39 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/08/05 07:58:39 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/08/05 07:58:08 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/05 07:57:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/05 07:57:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/05 07:56:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/02 08:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/08/02 08:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/01 23:04:10 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\AppData\Roaming\ParetoLogic
[2010/08/01 23:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2010/08/01 23:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/08/01 23:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010/07/31 15:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya
[2010/07/31 14:30:38 | 678,781,366 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Jalen Nunley\Desktop\S4League.exe
[2010/07/30 12:06:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010/07/30 12:06:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010/07/30 12:06:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010/07/30 12:06:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010/07/30 12:06:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010/07/30 12:06:02 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010/07/30 12:05:52 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010/07/30 12:05:51 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010/07/30 12:05:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010/07/30 12:05:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010/07/30 12:05:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010/07/30 12:05:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010/07/30 12:05:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/07/30 12:05:47 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/07/30 12:05:46 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/07/30 12:05:44 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/07/30 12:05:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/07/30 12:05:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/07/30 12:05:42 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/07/30 12:05:41 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/07/30 12:05:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/07/30 12:05:39 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/07/30 12:05:37 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/07/30 12:05:37 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/07/30 12:05:36 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/07/30 12:05:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/07/30 12:05:35 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/07/30 12:05:34 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/07/30 12:05:33 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/07/30 12:05:27 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/07/30 12:05:27 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/07/30 12:05:25 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/07/30 12:05:25 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/07/30 12:05:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/07/30 12:05:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/07/30 12:05:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/07/30 12:05:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/07/30 12:05:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/07/30 12:05:17 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/07/30 12:05:15 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/07/30 12:05:15 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/07/30 12:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/07/30 12:04:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/07/30 12:04:50 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/07/30 12:04:50 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/07/30 12:04:48 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/07/30 12:04:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/07/30 12:04:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/07/30 12:04:45 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/07/30 12:04:44 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/07/30 12:04:44 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/07/30 12:04:42 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/07/30 12:04:41 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/07/30 12:04:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/07/30 12:04:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/07/30 12:04:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/07/30 12:04:36 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/07/30 12:04:34 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/07/30 12:04:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/07/30 12:04:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/07/30 12:04:29 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/07/30 12:04:29 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/07/30 12:04:28 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/07/30 12:04:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/07/30 12:04:26 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/07/30 12:04:25 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/07/30 12:04:24 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/07/30 12:04:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/07/30 12:04:22 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/07/30 12:04:21 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/07/30 12:04:20 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/07/30 12:04:18 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/07/30 12:04:17 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/07/30 12:04:16 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/07/30 12:04:16 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/07/30 12:04:15 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/07/30 12:04:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/07/30 12:04:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/07/30 12:04:13 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/07/30 12:04:12 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/07/30 12:04:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/07/30 12:03:54 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/07/30 12:03:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/07/30 12:03:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/07/30 12:03:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/07/30 12:03:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/07/30 12:03:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/07/30 12:03:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/07/30 12:03:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/07/30 12:03:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/07/30 11:57:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/07/30 00:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Gravity
[2010/07/26 08:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2010/07/23 09:40:09 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\Desktop\Castlevania Symphony Of The Night OST
[2010/07/21 14:20:29 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\Desktop\Super Castlevania IV (E) [!]
[2010/07/21 14:20:08 | 000,000,000 | ---D | C] -- C:\Users\Jalen Nunley\Desktop\zsnesw151
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/05 14:31:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/05 14:26:38 | 002,621,440 | -HS- | M] () -- C:\Users\Jalen Nunley\ntuser.dat
[2010/08/05 13:41:30 | 000,001,142 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\ Mabinogi .lnk
[2010/08/05 13:36:14 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{498516EE-2BF8-40D6-B141-4BB9695BF4BB}.job
[2010/08/05 12:49:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/05 12:49:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/05 11:12:45 | 078,720,065 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\P-OotW.rar
[2010/08/05 10:55:22 | 000,002,231 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\iTunes.lnk
[2010/08/05 08:49:56 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\WefiStartup.job
[2010/08/05 08:49:53 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/05 08:49:39 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010/08/05 08:49:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/05 08:49:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/05 08:48:07 | 000,524,288 | -HS- | M] () -- C:\Users\Jalen Nunley\ntuser.dat{ae9f35e6-4495-11df-bf98-001e336763b1}.TMContainer00000000000000000001.regtrans-ms
[2010/08/05 08:48:07 | 000,065,536 | -HS- | M] () -- C:\Users\Jalen Nunley\ntuser.dat{ae9f35e6-4495-11df-bf98-001e336763b1}.TM.blf
[2010/08/05 08:48:02 | 003,568,876 | -H-- | M] () -- C:\Users\Jalen Nunley\AppData\Local\IconCache.db
[2010/08/05 08:46:45 | 000,001,735 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\Mozilla Firefox.lnk
[2010/08/05 08:30:32 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/08/05 08:30:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/04 23:33:14 | 115,105,117 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\Little Brother - Left Back (2010) [cbr320].rar
[2010/08/04 20:54:18 | 000,000,572 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jalen Nunley.job
[2010/08/03 10:14:57 | 116,871,069 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\Rockman X Command Mission - Original Soundtrack.zip
[2010/08/03 07:56:46 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/03 07:50:35 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/08/03 01:31:17 | 000,006,784 | ---- | M] () -- C:\Users\Jalen Nunley\Documents\cc_20100803_013055.reg
[2010/08/02 08:45:38 | 000,000,815 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\CCleaner.lnk
[2010/08/02 08:42:02 | 000,001,885 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\HijackThis.lnk
[2010/08/02 03:47:01 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Privacy Controls_{938FE28A-9DE2-11DF-8D6E-A9875ADEE37E}.job
[2010/08/01 23:03:51 | 000,001,054 | ---- | M] () -- C:\Users\Jalen Nunley\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic Privacy Controls.lnk
[2010/08/01 23:03:50 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\ParetoLogic Privacy Controls.lnk
[2010/07/31 15:59:56 | 1027,541,461 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\FlorensiaInstall_2010-07.exe
[2010/07/31 15:27:48 | 678,781,366 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Jalen Nunley\Desktop\S4League.exe
[2010/07/30 09:21:18 | 000,000,907 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\RagnarokFree - Shortcut.lnk
[2010/07/29 00:31:26 | 000,150,528 | ---- | M] () -- C:\Users\Jalen Nunley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/23 02:24:59 | 466,751,794 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\castlevania4.rar
[2010/07/23 01:34:16 | 082,401,560 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\Castlevania Symphony Of The Night OST.rar
[2010/07/14 06:31:59 | 000,124,642 | ---- | M] () -- C:\Users\Jalen Nunley\Desktop\genis_sage.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/05 11:02:34 | 078,720,065 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\P-OotW.rar
[2010/08/05 08:46:45 | 000,001,735 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\Mozilla Firefox.lnk
[2010/08/05 07:58:39 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/08/05 07:58:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/08/05 07:58:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/08/05 07:58:39 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/08/05 07:58:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/04 23:23:54 | 115,105,117 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\Little Brother - Left Back (2010) [cbr320].rar
[2010/08/03 10:10:05 | 116,871,069 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\Rockman X Command Mission - Original Soundtrack.zip
[2010/08/03 01:31:10 | 000,006,784 | ---- | C] () -- C:\Users\Jalen Nunley\Documents\cc_20100803_013055.reg
[2010/08/02 08:45:38 | 000,000,815 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\CCleaner.lnk
[2010/08/02 08:40:42 | 000,001,885 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\HijackThis.lnk
[2010/08/01 23:04:02 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/08/01 23:03:51 | 000,000,460 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Privacy Controls_{938FE28A-9DE2-11DF-8D6E-A9875ADEE37E}.job
[2010/08/01 23:03:50 | 000,001,054 | ---- | C] () -- C:\Users\Jalen Nunley\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic Privacy Controls.lnk
[2010/08/01 23:03:50 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\ParetoLogic Privacy Controls.lnk
[2010/08/01 06:26:40 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/01 06:26:38 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/31 14:28:41 | 1027,541,461 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\FlorensiaInstall_2010-07.exe
[2010/07/30 09:21:18 | 000,000,907 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\RagnarokFree - Shortcut.lnk
[2010/07/23 02:06:27 | 466,751,794 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\castlevania4.rar
[2010/07/23 01:30:29 | 082,401,560 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\Castlevania Symphony Of The Night OST.rar
[2010/07/14 06:31:55 | 000,124,642 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\genis_sage.jpg
[2010/07/13 10:18:02 | 000,001,142 | ---- | C] () -- C:\Users\Jalen Nunley\Desktop\ Mabinogi .lnk
[2010/02/27 15:08:22 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/02/09 21:48:20 | 000,000,270 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2009/09/17 15:59:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/18 22:34:12 | 000,000,029 | ---- | C] () -- C:\Windows\Index.ini
[2009/07/07 19:55:12 | 000,041,808 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/06/07 21:24:13 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2009/05/28 17:44:34 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008/12/25 13:29:52 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/12/25 13:29:52 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/09/17 13:07:02 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/09/17 13:07:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/09/17 13:07:02 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/09/17 13:07:02 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/02/13 14:15:06 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/12 22:23:20 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/12 22:23:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/12 22:23:20 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/12 22:23:20 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/12 22:23:20 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/12 22:23:20 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/07/28 01:26:30 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/12/08 03:19:22 | 000,061,440 | ---- | C] () -- C:\Windows\System32\EGamesPlugin.dll
[2005/12/08 03:19:22 | 000,036,864 | ---- | C] () -- C:\Windows\System32\EGameEncrypt.dll

========== Custom Scans ==========


< >

< HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders >
"Common Start Menu" = C:\ProgramData\Microsoft\Windows\Start Menu -- [2009/11/03 22:11:49 | 000,000,000 | R--D | M]
"CommonVideo" = C:\Users\Public\Videos -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"CommonPictures" = C:\Users\Public\Pictures -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"Common Programs" = C:\ProgramData\Microsoft\Windows\Start Menu\Programs -- [2010/08/03 07:56:46 | 000,000,000 | R--D | M]
"CommonMusic" = C:\Users\Public\Music -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"Common Administrative Tools" = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools -- [2008/01/20 22:43:26 | 000,000,000 | R--D | M]
"Common Startup" = C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup -- [2009/03/29 09:32:47 | 000,000,000 | R--D | M]
"Common Desktop" = C:\Users\Public\Desktop -- [2010/08/03 07:56:46 | 000,000,000 | RH-D | M]
"Common Documents" = C:\Users\Public\Documents -- [2009/06/03 22:13:36 | 000,000,000 | R--D | M]
"OEM Links" = C:\ProgramData\OEM Links
"Common Templates" = C:\ProgramData\Microsoft\Windows\Templates -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Common AppData" = C:\ProgramData -- [2010/08/05 08:25:42 | 000,000,000 | ---D | M]

< HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders >
"Common Desktop" = %PUBLIC%\Desktop -- [2010/08/03 07:56:46 | 000,000,000 | RH-D | M]
"Common Documents" = %PUBLIC%\Documents -- [2009/06/03 22:13:36 | 000,000,000 | R--D | M]
"CommonPictures" = %PUBLIC%\Pictures -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"CommonMusic" = %PUBLIC%\Music -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"CommonVideo" = %PUBLIC%\Videos -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}" = %PUBLIC%\Downloads -- [2006/11/02 08:50:50 | 000,000,000 | R--D | M]
"Common Start Menu" = %ProgramData%\Microsoft\Windows\Start Menu -- [2009/11/03 22:11:49 | 000,000,000 | R--D | M]
"Common Programs" = %ProgramData%\Microsoft\Windows\Start Menu\Programs -- [2010/08/03 07:56:46 | 000,000,000 | R--D | M]
"Common Startup" = %ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup -- [2009/03/29 09:32:47 | 000,000,000 | R--D | M]
"Common AppData" = %ProgramData% -- [2010/08/05 08:25:42 | 000,000,000 | ---D | M]
"Common Templates" = %ProgramData%\Microsoft\Windows\Templates -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]

< HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders >
"!Do not use this registry key" = Use the SHGetFolderPath or SHGetKnownFolderPath function instead
"Local AppData" = C:\Users\Jalen Nunley\AppData\Local -- [2010/08/02 08:26:03 | 000,000,000 | ---D | M]
"My Video" = C:\Users\Jalen Nunley\Videos -- [2009/05/12 07:05:22 | 000,000,000 | R--D | M]
"AppData" = C:\Users\Jalen Nunley\AppData\Roaming -- [2010/08/05 08:02:09 | 000,000,000 | ---D | M]
"My Pictures" = C:\Users\Jalen Nunley\Pictures -- [2010/08/01 22:55:31 | 000,000,000 | R--D | M]
"Desktop" = C:\Users\Jalen Nunley\Desktop -- [2010/08/05 11:14:50 | 000,000,000 | R--D | M]
"History" = C:\Users\Jalen Nunley\AppData\Local\Microsoft\Windows\History -- [2010/08/02 08:30:24 | 000,000,000 | -HSD | M]
"NetHood" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Network Shortcuts -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Cookies" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Cookies -- [2010/08/05 13:41:32 | 000,000,000 | -HSD | M]
"Favorites" = C:\Users\Jalen Nunley\Favorites -- [2009/06/29 14:41:22 | 000,000,000 | R--D | M]
"SendTo" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\SendTo -- [2009/07/10 10:36:57 | 000,000,000 | R--D | M]
"Start Menu" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu -- [2009/07/10 11:21:20 | 000,000,000 | R--D | M]
"My Music" = C:\Users\Jalen Nunley\Music -- [2010/06/06 11:21:19 | 000,000,000 | R--D | M]
"Programs" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -- [2010/08/02 08:45:38 | 000,000,000 | R--D | M]
"Recent" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Recent -- [2010/08/05 11:52:17 | 000,000,000 | R--D | M]
"CD Burning" = C:\Users\Jalen Nunley\AppData\Local\Microsoft\Windows\Burn\Burn -- [2010/08/03 07:50:39 | 000,000,000 | RH-D | M]
"PrintHood" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Startup" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup -- [2010/01/15 18:36:33 | 000,000,000 | R--D | M]
"Administrative Tools" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools -- [2008/12/25 13:30:08 | 000,000,000 | R--D | M]
"Personal" = C:\Users\Jalen Nunley\Documents -- [2010/08/05 08:25:42 | 000,000,000 | R--D | M]
"Cache" = C:\Users\Jalen Nunley\AppData\Local\Microsoft\Windows\Temporary Internet Files -- [2010/08/05 10:54:51 | 000,000,000 | -HSD | M]
"Templates" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Templates -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Fonts" = C:\Windows\Fonts -- [2010/04/28 03:22:31 | 000,000,000 | R-SD | M]

< HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders >
"!Do not use this registry key" = Use the SHGetFolderPath or SHGetKnownFolderPath function instead
"Local AppData" = C:\Users\Jalen Nunley\AppData\Local -- [2010/08/02 08:26:03 | 000,000,000 | ---D | M]
"My Video" = C:\Users\Jalen Nunley\Videos -- [2009/05/12 07:05:22 | 000,000,000 | R--D | M]
"AppData" = C:\Users\Jalen Nunley\AppData\Roaming -- [2010/08/05 08:02:09 | 000,000,000 | ---D | M]
"My Pictures" = C:\Users\Jalen Nunley\Pictures -- [2010/08/01 22:55:31 | 000,000,000 | R--D | M]
"Desktop" = C:\Users\Jalen Nunley\Desktop -- [2010/08/05 11:14:50 | 000,000,000 | R--D | M]
"History" = C:\Users\Jalen Nunley\AppData\Local\Microsoft\Windows\History -- [2010/08/02 08:30:24 | 000,000,000 | -HSD | M]
"NetHood" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Network Shortcuts -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Cookies" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Cookies -- [2010/08/05 13:41:32 | 000,000,000 | -HSD | M]
"Favorites" = C:\Users\Jalen Nunley\Favorites -- [2009/06/29 14:41:22 | 000,000,000 | R--D | M]
"SendTo" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\SendTo -- [2009/07/10 10:36:57 | 000,000,000 | R--D | M]
"Start Menu" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu -- [2009/07/10 11:21:20 | 000,000,000 | R--D | M]
"My Music" = C:\Users\Jalen Nunley\Music -- [2010/06/06 11:21:19 | 000,000,000 | R--D | M]
"Programs" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -- [2010/08/02 08:45:38 | 000,000,000 | R--D | M]
"Recent" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Recent -- [2010/08/05 11:52:17 | 000,000,000 | R--D | M]
"CD Burning" = C:\Users\Jalen Nunley\AppData\Local\Microsoft\Windows\Burn\Burn -- [2010/08/03 07:50:39 | 000,000,000 | RH-D | M]
"PrintHood" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Startup" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup -- [2010/01/15 18:36:33 | 000,000,000 | R--D | M]
"Administrative Tools" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools -- [2008/12/25 13:30:08 | 000,000,000 | R--D | M]
"Personal" = C:\Users\Jalen Nunley\Documents -- [2010/08/05 08:25:42 | 000,000,000 | R--D | M]
"Cache" = C:\Users\Jalen Nunley\AppData\Local\Microsoft\Windows\Temporary Internet Files -- [2010/08/05 10:54:51 | 000,000,000 | -HSD | M]
"Templates" = C:\Users\Jalen Nunley\AppData\Roaming\Microsoft\Windows\Templates -- [2006/11/02 06:23:35 | 000,000,000 | ---D | M]
"Fonts" = C:\Windows\Fonts -- [2010/04/28 03:22:31 | 000,000,000 | R-SD | M]

< S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders >

< S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders >

< S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders >

< S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders >

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:BEB15613
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

#12
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Update Run Malwarebytes

Please update\run Malwarebytes' Anti-Malware.

Double Click the Malwarebytes Anti-Malware icon to run the application.
  • Click on the update tab then click on Check for updates.
  • If an update is found, it will download and install the latest version.
  • Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
=====
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
