Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

recent virus infection still not back to normal

Started by geezy9723 , Jul 04 2011 01:25 PM

  • This topic is locked This topic is locked

#1
geezy9723
Posted 04 July 2011 - 01:25 PM

geezy9723

    Member

  • Member
  • PipPip
  • 36 posts
OTL logfile created on: 7/4/2011 1:49:14 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Wan\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.79 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 52.62% Memory free
7.58 Gb Paging File | 4.72 Gb Available in Paging File | 62.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233.00 Gb Total Space | 175.24 Gb Free Space | 75.21% Space Free | Partition Type: NTFS
Drive D: | 347.22 Gb Total Space | 153.30 Gb Free Space | 44.15% Space Free | Partition Type: NTFS

Computer Name: SPACESHIP | User Name: Wan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/04 13:48:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Wan\Downloads\OTL.exe
PRC - [2011/06/19 17:57:36 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/01/17 09:36:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/08/26 20:52:12 | 002,782,064 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
PRC - [2010/08/11 02:34:40 | 004,384,560 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2010/08/09 04:22:24 | 000,862,064 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/07/30 03:20:18 | 001,752,680 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/02/10 09:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/02/03 17:19:52 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/02/03 17:19:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/06/03 06:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/04/15 09:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe


========== Modules (SafeList) ==========

MOD - [2011/07/04 13:48:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Wan\Downloads\OTL.exe
MOD - [2011/05/10 07:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/06/07 01:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/07 01:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/03/04 20:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/04 20:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/04 20:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\svchost.exe -- (gpsvc)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/01/17 09:36:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/06/01 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/03 17:19:52 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/02/03 17:19:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/05/10 06:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/04/24 17:14:22 | 000,273,088 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/01/17 09:36:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/30 17:13:36 | 000,118,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/08/30 09:45:48 | 000,394,016 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010/08/29 14:17:36 | 000,289,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/08/24 22:36:02 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/17 20:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/05/30 22:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2010/05/16 03:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel® Centrino®
DRV:64bit: - [2010/05/16 03:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 03:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/04/27 02:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/24 02:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 02:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 02:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 02:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/02/26 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/04 00:17:54 | 000,122,624 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smhwser.sys -- (smhwser) USB Device for Legacy Serial Communication (Normal)
DRV:64bit: - [2010/01/13 02:04:54 | 000,114,432 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smhwdev.sys -- (smhwdev) SmartPhone dummy USB PNP Device (Normal)
DRV:64bit: - [2009/12/23 11:00:39 | 000,031,744 | R--- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smhwadb.sys -- (androidusb)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 01:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/05/20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2010/09/26 05:36:06 | 000,015,144 | ---- | M] (Windows ® 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...rud=12-01-2011"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?...usaimc00000001"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.6502
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://search.yahoo....anda2_0yatb&p="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/06/20 14:52:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/20 15:26:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/28 16:28:46 | 000,000,000 | ---D | M]

[2010/11/05 18:49:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wan\AppData\Roaming\Mozilla\Extensions
[2011/06/22 07:48:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wan\AppData\Roaming\Mozilla\Firefox\Profiles\svikweht.default\extensions
[2011/06/22 07:48:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Wan\AppData\Roaming\Mozilla\Firefox\Profiles\svikweht.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/06/12 20:07:20 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Wan\AppData\Roaming\Mozilla\Firefox\Profiles\svikweht.default\extensions\[email protected]
[2011/01/12 01:28:11 | 000,002,242 | ---- | M] () -- C:\Users\Wan\AppData\Roaming\Mozilla\Firefox\Profiles\svikweht.default\searchplugins\AOL Search.xml
[2010/09/28 22:39:14 | 000,002,333 | ---- | M] () -- C:\Users\Wan\AppData\Roaming\Mozilla\Firefox\Profiles\svikweht.default\searchplugins\askcom.xml
[2011/06/20 15:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/20 20:00:24 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/09 09:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\WAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVIKWEHT.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}.XPI
[2011/06/15 23:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/06/09 09:08:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/01/12 01:28:11 | 000,002,242 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\AOL Search.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/09 08:38:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (W2PBrowser Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AOL Messaging Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (AOL Messaging Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Messaging Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKCU..\Run: [EPSON WorkForce 320 Series] File not found
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [googletalk] C:\Users\Wan\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} http://zone.msn.com/...PA.cab55579.cab (CheckersZPA Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/02 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\SlimWare Utilities Inc
[2011/06/30 21:18:00 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{EAA1BC44-76E7-41E0-93A5-4E3E5F6350E7}
[2011/06/29 22:16:29 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{D5E25975-4AFD-429B-8E1F-5D46E6F2E420}
[2011/06/29 21:30:45 | 000,000,000 | ---D | C] -- C:\Users\Wan\Desktop\LMFAO - Sorry for Party Rocking
[2011/06/29 21:30:06 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 21:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 21:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/06/28 10:59:21 | 000,000,000 | ---D | C] -- C:\Users\Wan\Desktop\eob_files
[2011/06/27 10:57:18 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{6E3D269F-22EB-47CD-88AB-1738D147726B}
[2011/06/27 01:52:16 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{82EC5289-3AF2-4F02-B4E9-5DFFB2550BBC}
[2011/06/20 19:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/06/20 19:59:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/06/20 15:02:23 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{7B9872F6-7185-478C-9B10-2071BAD98C53}
[2011/06/20 01:13:14 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{61155635-CF4E-4C22-9EF6-E8E1C298CE47}
[2011/06/20 01:09:37 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/06/19 18:03:14 | 000,000,000 | ---D | C] -- C:\Users\Wan\Desktop\M860B617dload
[2011/06/14 00:48:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/06/12 20:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/12 20:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/12 20:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/12 20:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/12 20:21:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/12 20:16:15 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{B0E4F2D0-F756-4EE6-B3AF-706F4392BED1}
[2011/06/12 14:06:20 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Roaming\Panda Security
[2011/06/12 14:06:17 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2011/06/12 14:06:05 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Roaming\SurfSecret Privacy Suite
[2011/06/12 14:05:48 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\panda2_0dn
[2011/06/12 14:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/06/12 14:05:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2011/06/12 13:56:36 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2011/06/09 21:27:40 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Roaming\QFX Software
[2011/06/09 21:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2011/06/09 09:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2011/06/09 09:45:15 | 000,273,088 | ---- | C] (QFX Software Corporation) -- C:\Windows\SysNative\drivers\keyscrambler.sys
[2011/06/09 09:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler
[2011/06/09 09:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2011/06/09 09:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/09 08:43:45 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{5CBEABAA-9F1E-4138-AE25-EBA297DFBCF0}
[2011/06/08 21:17:57 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{06798AFA-2E58-4901-B6EB-D351CD134D82}
[2011/06/07 18:41:05 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{E2AFFFEF-FB94-4AF0-9244-1122C01679E5}
[2011/06/07 14:49:46 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{BED29DC4-3174-4530-AB87-25FA595D764C}
[2011/06/07 14:43:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/06/07 14:42:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/06/07 14:36:14 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{04B4E1C9-C94E-443F-95F7-32CC0917FBF0}
[2011/06/06 23:09:54 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{E4F2139A-D052-4A7B-A8DB-2E9546BC5002}
[2011/06/06 10:07:12 | 000,000,000 | ---D | C] -- C:\Users\Wan\DoctorWeb
[2011/06/06 02:10:54 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/06/05 23:19:43 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\ElevatedDiagnostics
[2011/06/05 22:09:06 | 000,000,000 | ---D | C] -- C:\Users\Wan\AppData\Local\{02D3CA0B-D500-479D-A7DF-203FEAC8B077}
[2011/06/04 16:09:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/04 14:31:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/04 14:31:01 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/04 13:20:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/04 12:34:31 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/04 12:28:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/03 18:38:01 | 000,759,364 | ---- | M] () -- C:\Users\Wan\Desktop\pldg.xps
[2011/07/02 11:01:58 | 000,021,502 | ---- | M] () -- C:\Users\Wan\Desktop\2a86.jpg
[2011/07/01 14:05:31 | 002,257,860 | ---- | M] () -- C:\Users\Wan\Desktop\jeezy (2).mp3
[2011/07/01 14:00:34 | 000,004,071 | ---- | M] () -- C:\Users\Wan\Desktop\th_fgh.jpg
[2011/07/01 13:47:38 | 000,202,636 | ---- | M] () -- C:\Users\Wan\Desktop\jeezy.png
[2011/07/01 12:45:03 | 000,037,724 | ---- | M] () -- C:\Users\Wan\Desktop\untitled.png
[2011/07/01 11:59:12 | 002,304,627 | ---- | M] () -- C:\Users\Wan\Desktop\jeezy.mp3
[2011/07/01 11:45:43 | 000,001,678 | ---- | M] () -- C:\Users\Wan\Desktop\acid50 - Shortcut.lnk
[2011/06/30 03:25:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/30 00:23:19 | 000,039,902 | ---- | M] () -- C:\Users\Wan\Desktop\dcfvgJPG-1.jpg
[2011/06/30 00:23:01 | 000,015,793 | ---- | M] () -- C:\Users\Wan\Desktop\th_pooltube.png
[2011/06/29 23:30:22 | 000,052,906 | ---- | M] () -- C:\Users\Wan\Desktop\artworks-000008613078-3oo33i-crop.jpg
[2011/06/29 01:05:33 | 006,166,237 | ---- | M] () -- C:\Users\Wan\Desktop\asd.xps
[2011/06/28 23:56:38 | 000,006,034 | ---- | M] () -- C:\Users\Wan\Desktop\EmployeeSignature.htm
[2011/06/28 16:28:47 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/28 10:59:21 | 000,006,096 | ---- | M] () -- C:\Users\Wan\Desktop\eob.htm
[2011/06/28 10:54:16 | 000,006,034 | ---- | M] () -- C:\Users\Wan\Desktop\EmployeeSignature2.htm
[2011/06/28 10:39:12 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/28 10:39:12 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/27 10:54:28 | 4070,662,144 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/27 00:23:11 | 000,263,277 | ---- | M] () -- C:\Users\Wan\Desktop\agdiet.xps
[2011/06/25 16:02:33 | 001,935,738 | ---- | M] () -- C:\Users\Wan\Desktop\Shwayze - Love Letter [Main Radio].mp3
[2011/06/22 18:40:25 | 005,474,534 | ---- | M] () -- C:\Users\Wan\Desktop\Justbeatz Goes 3bal.mp3
[2011/06/22 10:23:11 | 000,276,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/21 21:30:08 | 000,000,284 | ---- | M] () -- C:\Users\Wan\Desktop\pig3.png
[2011/06/21 01:44:34 | 000,034,521 | ---- | M] () -- C:\Users\Wan\Documents\ana yay.png
[2011/06/20 19:59:35 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/06/20 15:34:28 | 000,002,048 | ---- | M] () -- C:\Users\Wan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/20 15:26:15 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/19 17:57:26 | 010,974,814 | ---- | M] () -- C:\Users\Wan\Desktop\LMFAO feat. Natalia Kills - Champagne Showers (Official Instrumental).mp3
[2011/06/19 17:55:11 | 145,372,484 | ---- | M] () -- C:\Users\Wan\Desktop\M860B617dload.zip
[2011/06/19 17:53:04 | 000,000,022 | ---- | M] () -- C:\Users\Wan\Desktop\New Compressed (zipped) Folder.zip
[2011/06/15 14:37:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_androidusb_01009.Wdf
[2011/06/15 13:24:49 | 010,487,641 | ---- | M] () -- C:\Users\Wan\Desktop\LMFAO - Party Rock Anthem ( Justbeatz iLag Remix ) master.mp3
[2011/06/12 20:57:54 | 000,036,395 | -HS- | M] () -- C:\Users\Wan\Desktop\Folder.jpg
[2011/06/12 20:57:54 | 000,007,630 | -HS- | M] () -- C:\Users\Wan\Desktop\AlbumArtSmall.jpg
[2011/06/12 20:42:44 | 009,448,472 | ---- | M] () -- C:\Users\Wan\Desktop\In The Dark (Instrumental).mp3
[2011/06/12 20:25:03 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/09 09:16:01 | 000,001,133 | ---- | M] () -- C:\Users\Wan\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/06/09 09:13:16 | 000,001,969 | ---- | M] () -- C:\Users\Wan\Desktop\Update Checker.lnk
[2011/06/09 08:38:59 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/06/07 18:44:18 | 000,000,082 | -HS- | M] () -- C:\Users\Wan\Desktop\desktop (3).ini
[2011/06/07 18:44:18 | 000,000,082 | -HS- | M] () -- C:\Users\Wan\Desktop\desktop (2).ini
[2011/06/07 18:37:08 | 000,019,990 | ---- | M] () -- C:\FixitRegBackup.reg
[2011/06/07 18:36:25 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/06/07 15:04:54 | 000,015,360 | ---- | M] () -- C:\Windows\SysNative\umstartup.etl
[2011/06/05 22:08:41 | 000,001,443 | ---- | M] () -- C:\Users\Wan\Desktop\Internet Explorer.lnk
[2011/06/05 22:08:41 | 000,001,437 | ---- | M] () -- C:\Users\Wan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/05 19:57:32 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/06/05 19:56:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/04 00:08:05 | 000,004,071 | ---- | C] () -- C:\Users\Wan\Desktop\th_fgh.jpg
[2011/07/03 18:37:59 | 000,759,364 | ---- | C] () -- C:\Users\Wan\Desktop\pldg.xps
[2011/07/02 10:45:19 | 000,021,502 | ---- | C] () -- C:\Users\Wan\Desktop\2a86.jpg
[2011/07/01 13:47:38 | 000,202,636 | ---- | C] () -- C:\Users\Wan\Desktop\jeezy.png
[2011/07/01 12:45:03 | 000,037,724 | ---- | C] () -- C:\Users\Wan\Desktop\untitled.png
[2011/07/01 12:26:34 | 002,257,860 | ---- | C] () -- C:\Users\Wan\Desktop\jeezy (2).mp3
[2011/07/01 11:59:09 | 002,304,627 | ---- | C] () -- C:\Users\Wan\Desktop\jeezy.mp3
[2011/07/01 11:45:43 | 000,001,678 | ---- | C] () -- C:\Users\Wan\Desktop\acid50 - Shortcut.lnk
[2011/06/30 00:24:05 | 000,015,793 | ---- | C] () -- C:\Users\Wan\Desktop\th_pooltube.png
[2011/06/30 00:23:34 | 000,039,902 | ---- | C] () -- C:\Users\Wan\Desktop\dcfvgJPG-1.jpg
[2011/06/29 23:32:50 | 000,052,906 | ---- | C] () -- C:\Users\Wan\Desktop\artworks-000008613078-3oo33i-crop.jpg
[2011/06/29 01:05:30 | 006,166,237 | ---- | C] () -- C:\Users\Wan\Desktop\asd.xps
[2011/06/28 23:56:38 | 000,006,034 | ---- | C] () -- C:\Users\Wan\Desktop\EmployeeSignature.htm
[2011/06/28 16:28:47 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/06/28 16:28:47 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/28 10:59:21 | 000,006,096 | ---- | C] () -- C:\Users\Wan\Desktop\eob.htm
[2011/06/28 10:54:16 | 000,006,034 | ---- | C] () -- C:\Users\Wan\Desktop\EmployeeSignature2.htm
[2011/06/27 00:23:09 | 000,263,277 | ---- | C] () -- C:\Users\Wan\Desktop\agdiet.xps
[2011/06/23 16:36:18 | 001,935,738 | ---- | C] () -- C:\Users\Wan\Desktop\Shwayze - Love Letter [Main Radio].mp3
[2011/06/22 18:35:42 | 005,474,534 | ---- | C] () -- C:\Users\Wan\Desktop\Justbeatz Goes 3bal.mp3
[2011/06/21 21:30:08 | 000,000,284 | ---- | C] () -- C:\Users\Wan\Desktop\pig3.png
[2011/06/21 01:44:26 | 000,034,521 | ---- | C] () -- C:\Users\Wan\Documents\ana yay.png
[2011/06/20 19:59:35 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/06/19 18:05:30 | 010,974,814 | ---- | C] () -- C:\Users\Wan\Desktop\LMFAO feat. Natalia Kills - Champagne Showers (Official Instrumental).mp3
[2011/06/19 17:53:04 | 000,000,022 | ---- | C] () -- C:\Users\Wan\Desktop\New Compressed (zipped) Folder.zip
[2011/06/19 17:30:41 | 145,372,484 | ---- | C] () -- C:\Users\Wan\Desktop\M860B617dload.zip
[2011/06/15 14:37:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_androidusb_01009.Wdf
[2011/06/15 13:23:42 | 010,487,641 | ---- | C] () -- C:\Users\Wan\Desktop\LMFAO - Party Rock Anthem ( Justbeatz iLag Remix ) master.mp3
[2011/06/12 20:42:59 | 000,036,395 | -HS- | C] () -- C:\Users\Wan\Desktop\Folder.jpg
[2011/06/12 20:42:59 | 000,007,630 | -HS- | C] () -- C:\Users\Wan\Desktop\AlbumArtSmall.jpg
[2011/06/12 20:42:33 | 009,448,472 | ---- | C] () -- C:\Users\Wan\Desktop\In The Dark (Instrumental).mp3
[2011/06/12 20:25:03 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/09 09:13:16 | 000,001,999 | ---- | C] () -- C:\Users\Wan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2011/06/09 09:13:16 | 000,001,969 | ---- | C] () -- C:\Users\Wan\Desktop\Update Checker.lnk
[2011/06/07 18:50:51 | 000,000,082 | -HS- | C] () -- C:\Users\Wan\Desktop\desktop (2).ini
[2011/06/07 18:44:18 | 000,000,082 | -HS- | C] () -- C:\Users\Wan\Desktop\desktop (3).ini
[2011/06/07 18:42:00 | 000,001,443 | ---- | C] () -- C:\Users\Wan\Desktop\Internet Explorer.lnk
[2011/06/07 18:37:07 | 000,019,990 | ---- | C] () -- C:\FixitRegBackup.reg
[2011/06/07 14:42:59 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/06/05 23:33:06 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/06/05 19:57:32 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/06/05 19:56:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/06/04 14:36:26 | 000,002,855 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
[2011/06/04 14:36:26 | 000,001,361 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2011/06/04 14:36:17 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/04 14:36:17 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/06/04 14:36:17 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2011/06/04 14:36:17 | 000,002,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Wireless Display.lnk
[2011/06/04 14:36:17 | 000,001,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LTCM Client.lnk
[2011/06/04 14:36:17 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/06/04 14:36:17 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/06/04 14:36:17 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/06/04 14:36:17 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2011/06/04 14:36:17 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/06/04 14:36:17 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2011/06/04 14:36:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/06/04 14:36:17 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/06/04 14:36:17 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2011/06/04 14:36:17 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011/06/04 14:36:17 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
[2011/06/04 14:36:17 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
[2011/06/04 14:36:17 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/04 14:36:17 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio One x64.lnk
[2011/06/01 16:35:30 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/06/01 16:35:29 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/06/01 16:35:29 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/06/01 16:35:29 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/06/01 16:35:29 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/06/01 16:35:29 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/06/01 16:35:29 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/06/01 16:35:29 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/06/01 16:35:29 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/06/01 16:35:29 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/06/01 16:35:29 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/06/01 16:35:29 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/06/01 16:35:29 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/06/01 16:35:29 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/06/01 16:35:29 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/06/01 16:35:29 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/06/01 16:32:54 | 000,000,079 | ---- | C] () -- C:\Windows\EPWF320.ini
[2011/01/24 19:47:57 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/02 03:15:51 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/05 02:19:26 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010/11/05 00:33:43 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll
[2010/09/09 15:09:47 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/09/09 15:09:47 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/09/09 15:09:47 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/09/09 15:09:46 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/09/09 15:09:45 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/09/08 23:54:45 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2010/09/08 23:16:20 | 000,002,134 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 16:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/11/05 01:25:02 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Ableton
[2011/06/12 20:52:38 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Canon
[2010/11/06 16:31:30 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Celemony Software GmbH
[2011/06/01 16:36:23 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Epson
[2010/11/06 21:32:00 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\FabFilter
[2011/04/28 22:12:26 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\FrostWire
[2011/06/03 08:31:29 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Leader Technologies
[2011/06/01 17:07:48 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Leadertech
[2010/11/05 02:02:24 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\NetMedia Providers
[2010/11/06 16:13:01 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\One
[2011/06/12 14:06:20 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Panda Security
[2010/11/05 01:21:44 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\PreSonus
[2010/11/05 02:02:24 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Publish Providers
[2011/06/09 21:27:40 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\QFX Software
[2011/04/28 21:48:31 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Research In Motion
[2011/06/22 10:21:48 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\SoftGrid Client
[2010/11/05 02:02:23 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Sony
[2011/06/12 14:06:05 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\SurfSecret Privacy Suite
[2011/01/24 19:48:46 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\TP
[2010/11/06 16:14:38 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Twin
[2011/06/04 10:46:40 | 000,000,000 | ---D | M] -- C:\Users\Wan\AppData\Roaming\Windows Live Writer
[2011/06/07 17:28:43 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



there is also driverupdate.exe im not sure what it is or to uninstall it..i removed it via control pannel and its still on my computer...it looks like spyware or malware
recently I disabled windows updates because they would cause issues when restarting my computer. IM not sure if i should just restore the whole computer..and uninstalled windows defender...it seems notthing is working as it should
I really dont want to restore because i have several important files.

:unsure: :yes: :)
  • 0

Advertisements

#2
geezy9723
Posted 09 July 2011 - 10:23 AM

geezy9723

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
still no response?
  • 0

#3
Essexboy
Posted 09 July 2011 - 11:10 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there what are your current problems ?

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#4
Essexboy
Posted 13 July 2011 - 01:22 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP