Adware:Win32/Midaddle High
TrojanDownloader:Win32/Agent.AB Severe
SoftwareBundler:Win32/KaZaA Medium
Adware:Win32/Altnet Medium
Adware:Win32/ABetterInternet.A High
BrowserModifier:Win32/ClearSearch High
Adware:Win32/Toprebates.C Medium
Adware:Win32/SEP Severe
Trojan:Win32/SecondThought Severe
TrojanDownloader:Win32/Small.TF Severe
Adware:Win32/Ebates.A High
Program:Win32/PowerRegScheduler Medium
Adware:Win32/WinFetcher Medium
Adware:Win32/TwainTech High
Adware:Win32/ABetterInternet.F High
BrowserModifier:Win32/Adstart Medium
Adware:Win32/Ezula.F High
Adware:Win32/Avenuemedia High
TrojanDropper:Win32/Agent.EC
Adware:Win32/StatBlaster High
Adware:Win32/Clickspring.C High
Trojan:Win32/VB.KQ Severe
I clicked the Clean button, and the green progress bar froze almost immediately at about 1/20th done. I waited for a few minutes, but since MSE said it would only take a few seconds, I used Task Manager to abort. I then repeated the scan, jotted down the list above from it (they didn't show in history, I'm guessing because I forced it to end), and tried the Clean again, this time giving it two hours. It got no further than before. At that point, I came to this site and followed the Malware and Spyware Cleaning Guide. I ran TFC (Temp File Cleaner) and ERUNT without problems, and ran the quick Malwarebytes scan as instructed - it found no issues (log posted at the very bottom, below the 2 OTL logs). I then saw that MSE was your top-recommended virus removal pick, so I ran another scan with it, rather than installing something else, with the same result - it stuck in the same place, given an hour-and-a-half wait. I rebooted, then attempted to run GMER Rootkit Scanner. It popped up this error:
C:\Windows/system32\config\system: The system cannot find the file specified.
Perhaps because I'm running Win 7 64-bit? In any event, I couldn't get it to produce anything but that error. Lastly, I ran OTL. Here are the logs (I'll thank you here, in advance, so as not to intermingle log and text):
OTL logfile created on: 8/29/2010 2:34:14 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Geoff\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 44.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 163.96 Gb Free Space | 58.67% Space Free | Partition Type: NTFS
Drive D: | 409.17 Gb Total Space | 233.14 Gb Free Space | 56.98% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GEOFF-PC
Current User Name: Geoff
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ==========
PRC - C:\Users\Geoff\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Users\Geoff\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Manager\Page\iGear\GearHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\SysWOW64\AsHookDevice.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
PRC - C:\Program Files\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
========== Modules (SafeList) ==========
MOD - C:\Users\Geoff\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (DAUpdaterSvc) -- c:\Program Files (x86)\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (Device Handle Service) -- C:\Windows\SysWOW64\AsHookDevice.exe (ASUSTeK Computer Inc.)
SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\drivers\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (ASInsHelp) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F 56 1C 32 4E AA CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "http://highergroundp....com/index.cgi"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..network.proxy.ftp: "168.94.74.68"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "168.94.74.68"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "168.94.74.68"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "168.94.74.68"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "168.94.74.68"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/03 07:40:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/03 07:40:47 | 000,000,000 | ---D | M]
[2010/02/12 08:10:37 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Mozilla\Extensions
[2010/08/27 19:43:33 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Mozilla\Firefox\Profiles\er7d5gp3.default\extensions
[2010/08/20 19:51:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Geoff\AppData\Roaming\Mozilla\Firefox\Profiles\er7d5gp3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/02/14 08:12:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/02/13 20:13:50 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Arctosa] C:\Program Files\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Geoff\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{02168669-503a-11df-8184-00248ce68ba9}\Shell - "" = AutoRun
O33 - MountPoints2\{02168669-503a-11df-8184-00248ce68ba9}\Shell\AutoRun\command - "" = H:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/08/29 14:33:22 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Geoff\Desktop\OTL.exe
[2010/08/29 08:21:39 | 000,000,000 | ---D | C] -- C:\Users\Geoff\AppData\Roaming\Malwarebytes
[2010/08/29 08:21:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/29 08:21:23 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/29 08:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/29 08:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/29 08:19:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/29 08:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/08/29 08:10:49 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go Forums_files
[2010/08/26 21:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010/08/26 21:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age Origins Character Creator
[2010/08/26 06:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2010/08/26 06:36:22 | 000,000,000 | ---D | C] -- C:\Users\Geoff\AppData\Roaming\NVIDIA
[2010/08/25 17:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/08/25 17:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/08/25 17:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/08/25 13:29:36 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Desktop\More kittens
[2010/08/25 13:29:36 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Desktop\2004_09_15
[2010/08/25 13:29:36 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Desktop\2004_09_14
[2010/08/25 12:58:11 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Desktop\Law School Stuff from Old Computer
[2010/08/14 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Geoff\AppData\Local\Electronic Arts
[2010/08/14 18:54:19 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Documents\Electronic Arts
[2010/08/14 18:54:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010/08/11 17:09:12 | 000,000,000 | ---D | C] -- C:\Users\Geoff\Documents\StarCraft II
[2010/08/11 17:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010/08/11 17:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010/08/11 17:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010/07/16 18:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx
[2010/07/16 18:00:10 | 000,000,000 | ---D | C] -- C:\DeusEx
[2010/07/10 05:38:00 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/07/10 05:38:00 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/06/30 03:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010/06/25 03:01:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
========== Files - Modified Within 90 Days ==========
[2010/08/29 14:37:45 | 001,835,008 | -HS- | M] () -- C:\Users\Geoff\NTUSER.DAT
[2010/08/29 14:32:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Geoff\Desktop\OTL.exe
[2010/08/29 14:26:06 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/29 14:26:06 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/29 14:23:43 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/29 14:23:43 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/29 14:23:43 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/29 14:18:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/29 14:18:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/29 14:17:48 | 2146,787,327 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/29 14:09:07 | 002,421,046 | -H-- | M] () -- C:\Users\Geoff\AppData\Local\IconCache.db
[2010/08/29 09:02:43 | 000,293,376 | ---- | M] () -- C:\Users\Geoff\Desktop\gmer.exe
[2010/08/29 08:21:28 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/29 08:18:34 | 000,000,932 | ---- | M] () -- C:\Users\Geoff\Desktop\NTREGOPT.lnk
[2010/08/29 08:18:34 | 000,000,913 | ---- | M] () -- C:\Users\Geoff\Desktop\ERUNT.lnk
[2010/08/29 08:10:57 | 000,097,396 | ---- | M] () -- C:\Users\Geoff\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go Forums.htm
[2010/08/27 21:38:27 | 000,013,042 | ---- | M] () -- C:\Users\Geoff\Desktop\Blessed Weapons.zip
[2010/08/26 21:48:33 | 000,001,256 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Origins Character Creator.lnk
[2010/08/25 18:11:44 | 000,000,221 | ---- | M] () -- C:\Users\Geoff\Desktop\Dragon Age Origins.url
[2010/08/25 13:20:38 | 005,780,037 | ---- | M] () -- C:\Users\Geoff\Desktop\HG_Jan_05.7z
[2010/08/14 18:59:24 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Dead Space™.lnk
[2010/08/14 10:22:10 | 000,001,167 | ---- | M] () -- C:\Users\Geoff\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/14 10:22:10 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/08/13 03:20:29 | 000,345,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/13 03:03:33 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/08/11 17:22:03 | 000,001,442 | ---- | M] () -- C:\Users\Geoff\Desktop\StarCraft II.exe - Shortcut.lnk
[2010/08/02 14:43:45 | 000,090,163 | ---- | M] () -- C:\Users\Geoff\Desktop\1stegg.JPG
[2010/07/10 05:38:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/07/10 05:38:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/07/09 15:38:00 | 000,012,264 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2010/06/30 03:00:27 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/13 12:30:14 | 002,354,516 | ---- | M] () -- C:\Users\Geoff\Desktop\DnYak.JPG
[2010/06/02 15:55:51 | 000,001,445 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - Knights of the Old Republic II - The Sith Lords.lnk
========== Files Created - No Company Name ==========
[2010/08/29 08:21:28 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/29 08:18:34 | 000,000,932 | ---- | C] () -- C:\Users\Geoff\Desktop\NTREGOPT.lnk
[2010/08/29 08:18:33 | 000,000,913 | ---- | C] () -- C:\Users\Geoff\Desktop\ERUNT.lnk
[2010/08/29 08:10:48 | 000,097,396 | ---- | C] () -- C:\Users\Geoff\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go Forums.htm
[2010/08/27 21:38:26 | 000,013,042 | ---- | C] () -- C:\Users\Geoff\Desktop\Blessed Weapons.zip
[2010/08/26 21:48:33 | 000,001,256 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Origins Character Creator.lnk
[2010/08/25 18:11:44 | 000,000,221 | ---- | C] () -- C:\Users\Geoff\Desktop\Dragon Age Origins.url
[2010/08/25 13:22:32 | 2867,035,986 | ---- | C] () -- C:\Users\Geoff\Desktop\Documents and Settings.rar
[2010/08/25 13:20:09 | 005,780,037 | ---- | C] () -- C:\Users\Geoff\Desktop\HG_Jan_05.7z
[2010/08/25 13:18:57 | 109,909,710 | ---- | C] () -- C:\Users\Geoff\Desktop\Path of Ascension CEP Epic.mod
[2010/08/14 18:59:24 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Dead Space™.lnk
[2010/08/14 10:22:10 | 000,001,167 | ---- | C] () -- C:\Users\Geoff\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/14 10:22:10 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/08/13 03:03:33 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/08/11 17:22:03 | 000,001,442 | ---- | C] () -- C:\Users\Geoff\Desktop\StarCraft II.exe - Shortcut.lnk
[2010/08/02 14:43:43 | 000,090,163 | ---- | C] () -- C:\Users\Geoff\Desktop\1stegg.JPG
[2010/06/13 12:29:48 | 002,354,516 | ---- | C] () -- C:\Users\Geoff\Desktop\DnYak.JPG
[2010/06/02 17:51:25 | 000,012,264 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010/06/02 15:55:51 | 000,001,445 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - Knights of the Old Republic II - The Sith Lords.lnk
[2010/02/14 07:40:21 | 000,000,600 | ---- | C] () -- C:\Users\Geoff\AppData\Local\PUTTY.RND
[2010/02/13 21:47:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/13 07:44:37 | 000,000,134 | ---- | C] () -- C:\Users\Geoff\AppData\Roaming\wklnhst.dat
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/15 16:35:10 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll
[2009/05/15 16:34:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/05/15 16:34:26 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/05/15 16:34:24 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/05/15 16:34:24 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/05/15 16:30:45 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/05/15 16:13:43 | 000,026,261 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/05/15 16:13:32 | 000,019,853 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
========== LOP Check ==========
[2010/04/23 21:20:47 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\CreeperWorld
[2010/04/23 21:17:57 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\CreeperWorldDEMO.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1
[2010/04/25 00:20:25 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\DAEMON Tools Lite
[2010/08/29 14:18:56 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Dropbox
[2010/02/13 21:15:45 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\FileZilla
[2010/02/13 20:14:24 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Foxit
[2010/04/23 00:53:57 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\gtk-2.0
[2010/02/14 16:05:48 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Leadertech
[2010/03/18 23:45:21 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\runic games
[2010/02/14 08:16:54 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Subversion
[2010/02/27 01:42:57 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\Template
[2010/08/14 19:58:08 | 000,000,000 | ---D | M] -- C:\Users\Geoff\AppData\Roaming\uTorrent
[2009/07/13 22:08:49 | 000,018,890 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/07/13 18:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/02/10 06:17:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/08/29 14:17:48 | 2146,787,327 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/29 14:17:56 | 4294,041,599 | -HS- | M] () -- C:\pagefile.sys
[2009/05/15 16:18:44 | 000,001,701 | ---- | M] () -- C:\RHDSetup.log
[2009/05/15 16:24:18 | 000,000,087 | ---- | M] () -- C:\setup.log
< %systemroot%\Fonts\*.com >
[2009/07/13 22:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 22:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 22:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 13:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2008/12/04 22:55:20 | 000,307,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2010/08/20 19:50:13 | 000,001,686 | -HS- | M] () -- C:\Users\Geoff\AppData\Roaming\Microsoft\LastFlashConfig.wfc
< %PROGRAMFILES%\*.* >
[2009/07/13 21:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/02/10 04:33:34 | 000,000,221 | -HS- | M] () -- C:\Users\Geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2010/02/10 05:39:35 | 000,000,221 | -HS- | M] () -- C:\Users\Geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2010/08/29 09:02:43 | 000,293,376 | ---- | M] () -- C:\Users\Geoff\Desktop\gmer.exe
[2010/08/29 14:32:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Geoff\Desktop\OTL.exe
[2010/02/13 22:34:18 | 020,565,723 | ---- | M] (IDM Computer Solutions, Inc.) -- C:\Users\Geoff\Desktop\UltraEdit Text Editor.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
[2009/06/10 14:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/08/25 18:00:32 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2010/08/25 18:00:32 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/08/25 18:00:32 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/08/25 18:00:32 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2010/08/25 18:00:32 | 000,786,432 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2010/08/25 18:00:32 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2010/08/03 03:18:18 | 000,000,402 | -HS- | M] () -- C:\Users\Geoff\Favorites\desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >

OTL Extras logfile created on: 8/29/2010 2:34:14 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Geoff\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 44.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 163.96 Gb Free Space | 58.67% Space Free | Partition Type: NTFS
Drive D: | 409.17 Gb Total Space | 233.14 Gb Free Space | 56.98% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GEOFF-PC
Current User Name: Geoff
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety
"{70AC9B8B-5DC4-4E5E-964B-2A695D157FCB}" = Sun VirtualBox
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{9F313496-82E8-4A99-9D4C-311531023746}" = TortoiseSVN 1.6.7.18415 (64 bit)
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}" = Windows Live Movie Maker Beta
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{2D9C81F2-CF30-47F9-860E-58DACF92ABC9}" = Razer Arctosa
"{35D5A740-EAA2-012B-AD08-000000000000}" = TurboTax 2009 waziper
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}" = AI Manager
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = iSEEK AnswerWorks English Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{B09B47DC-8775-9A6D-C482-1265E615E87D}" = Creeper World DEMO
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Rise of an Empire
"{D8B5B7C3-47B1-40FA-8251-59C74A543880}" = Dragon Age: Origins Character Creator
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ask Toolbar_is1" = Foxit Toolbar
"CreeperWorldDEMO.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1" = Creeper World DEMO
"ERUNT_is1" = ERUNT 1.1j
"Fallout 2 Restoration Project_is1" = FO2 Restoration Project 2.0
"Fallout2" = Fallout2
"FileZilla Client" = FileZilla Client 3.3.1
"Foxit Reader" = Foxit Reader
"GameSpy Arcade" = GameSpy Arcade
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PuTTY_is1" = PuTTY version 0.60
"Runic Games Torchlight" = Torchlight
"Sid Meier's Alpha Centauri" = Sid Meier's Alpha Centauri
"Star Wars: Knights of the Old Republic II - The ~0219FD26_is1" = Star Wars®: Knights of the Old Republic II: The Sith Lords
"Star Wars: Knights of the Old Republic_is1" = Star Wars®: Knights of the Old Republic
"StarCraft II" = StarCraft II
"Steam App 17450" = Dragon Age: Origins
"TurboTax 2009" = TurboTax 2009
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/4/2010 8:53:12 PM | Computer Name = Geoff-PC | Source = Application Error | ID = 1000
Description = Faulting application name: YahooMessenger.exe, version: 10.0.0.1102,
time stamp: 0x4af9f8ef Faulting module name: MSVCR80.dll, version: 8.0.50727.4927,
time stamp: 0x4a2752ff Exception code: 0xc000000d Fault offset: 0x00008aa0 Faulting
process id: 0x9c0 Faulting application start time: 0x01cb3433397d3390 Faulting application
path: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Faulting module
path: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
Report
Id: d1fc6e68-a02b-11df-a135-00248ce68ba9
Error - 8/5/2010 3:30:12 AM | Computer Name = Geoff-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 8/6/2010 12:21:32 AM | Computer Name = Geoff-PC | Source = Application Error | ID = 1000
Description = Faulting application name: YahooMessenger.exe, version: 10.0.0.1102,
time stamp: 0x4af9f8ef Faulting module name: ymsdk.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4af9f9b4 Exception code: 0xc0000005 Fault offset: 0x6103432d Faulting
process id: 0x108c Faulting application start time: 0x01cb34cd2503e616 Faulting application
path: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Faulting module
path: ymsdk.dll Report Id: 17186ac3-a112-11df-a135-00248ce68ba9
Error - 8/6/2010 3:30:12 AM | Computer Name = Geoff-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 8/7/2010 8:07:45 PM | Computer Name = Geoff-PC | Source = Application Error | ID = 1000
Description = Faulting application name: YahooMessenger.exe, version: 10.0.0.1102,
time stamp: 0x4af9f8ef Faulting module name: MSVCR80.dll, version: 8.0.50727.4927,
time stamp: 0x4a2752ff Exception code: 0xc000000d Fault offset: 0x00008aa0 Faulting
process id: 0x598 Faulting application start time: 0x01cb35717afe2984 Faulting application
path: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Faulting module
path: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
Report
Id: f7df640d-a280-11df-a135-00248ce68ba9
Error - 8/7/2010 9:21:38 PM | Computer Name = Geoff-PC | Source = Application Error | ID = 1000
Description = Faulting application name: YahooMessenger.exe, version: 10.0.0.1102,
time stamp: 0x4af9f8ef Faulting module name: MSVCR80.dll, version: 8.0.50727.4927,
time stamp: 0x4a2752ff Exception code: 0xc000000d Fault offset: 0x00008aa0 Faulting
process id: 0xd24 Faulting application start time: 0x01cb36918e61dcb1 Faulting application
path: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Faulting module
path: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
Report
Id: 4a1466f9-a28b-11df-a135-00248ce68ba9
Error - 8/8/2010 3:33:00 AM | Computer Name = Geoff-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 8/9/2010 3:30:12 AM | Computer Name = Geoff-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 8/9/2010 3:30:31 AM | Computer Name = Geoff-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 8/9/2010 10:46:22 AM | Computer Name = Geoff-PC | Source = Application Error | ID = 1000
Description = Faulting application name: YahooMessenger.exe, version: 10.0.0.1102,
time stamp: 0x4af9f8ef Faulting module name: MSVCR80.dll, version: 8.0.50727.4927,
time stamp: 0x4a2752ff Exception code: 0xc000000d Fault offset: 0x00008aa0 Faulting
process id: 0x1018 Faulting application start time: 0x01cb36bf67a6b8a5 Faulting application
path: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Faulting module
path: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
Report
Id: dfecfab3-a3c4-11df-a135-00248ce68ba9
[ System Events ]
Error - 8/29/2010 5:51:43 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Dragon
Age: Origins - Content Updater service to connect.
Error - 8/29/2010 5:52:13 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Browser service.
Error - 8/29/2010 5:52:13 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7000
Description = The Computer Browser service failed to start due to the following
error: %%1053
Error - 8/29/2010 5:52:43 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Dragon
Age: Origins - Content Updater service to connect.
Error - 8/29/2010 5:53:05 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 8/29/2010 5:53:13 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Browser service.
Error - 8/29/2010 5:53:13 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7000
Description = The Computer Browser service failed to start due to the following
error: %%1053
Error - 8/29/2010 5:53:43 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Appinfo service.
Error - 8/29/2010 5:53:43 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7000
Description = The Application Information service failed to start due to the following
error: %%1053
Error - 8/29/2010 11:13:18 AM | Computer Name = Geoff-PC | Source = Service Control Manager | ID = 7034
Description = The Device Handle Service service terminated unexpectedly. It has
done this 1 time(s).
< End of report >

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4502
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
8/29/2010 8:27:52 AM
mbam-log-2010-08-29 (08-27-52).txt
Scan type: Quick scan
Objects scanned: 130053
Time elapsed: 5 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)