Google Redirect and slow down.



#1
Scauthra

Hello and thank you for your time.

A family member used my computer and downloaded a game with my permission on my system. However, after they were done I ran into a number of problems.

First was the redirect virus as I seem to read it, but it happens in Google and Yahoo search engines, I have not tried other ones. I use Mozilla. Do not like IE and I can't recall why but Google Chrome gave me problems a long time ago so I stopped using that. Anyways when I search for anything I get redirected to the same page. hxxp://www.goingonearth.com/search.php?q= I am always redirected here. It's almost a blank page but sometimes all you see is jumbles of code, I assume because of my pop up blocker. Not sure.

Second problem I have noticed since this occurred was my computer slows down or programs use way more processing power than they need to. Steam without any downloads going or games running, can go up to 250,000k. When I run WinAmp and do anything else, my music will lag and drag down when that other program is starting up or transitioning into something else.

Steps I have taken so far. I have jumped from using Avast to BullGuard. I do not have any other sort of Anti Virus (because until now I felt I was good at keeping my computer safe). I also followed the information given in this post.
http://www.geekstogo...ogle-redirects/

At the end of doing the steps, no threats were found, nothing needed to be cured or quarantined. My virus scans all come up with no threats detected.

Anyways, here is my OTL entry I was asked to paste. Thank you for your time and thank you in advance for helping me out.

OTL logfile created on: 7/13/2011 12:54:39 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Scauthra\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 52.56% Memory free
5.99 Gb Paging File | 4.44 Gb Available in Paging File | 74.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 177.50 Gb Total Space | 15.26 Gb Free Space | 8.60% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 0.45 Gb Free Space | 5.07% Space Free | Partition Type: FAT32

Computer Name: SCAUTHRAPC | User Name: Scauthra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/13 00:54:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Scauthra\Downloads\OTL.exe
PRC - [2011/07/12 19:36:47 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2011/07/08 04:33:04 | 000,338,264 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
PRC - [2011/07/08 04:33:04 | 000,288,088 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
PRC - [2011/07/08 04:33:03 | 001,620,824 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
PRC - [2011/06/25 23:55:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/15 06:32:36 | 000,024,904 | ---- | M] () -- c:\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe
PRC - [2011/05/18 05:34:06 | 000,320,344 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
PRC - [2011/04/08 01:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 22:44:48 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/16 23:49:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011/01/20 05:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/06/01 11:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/08/19 11:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 11:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 21:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (SafeList) ==========

MOD - [2011/07/13 00:54:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Scauthra\Downloads\OTL.exe
MOD - [2011/05/23 10:55:36 | 000,100,184 | ---- | M] (BullGuard Ltd.) -- C:\Windows\System32\BgGamingMonitor.dll
MOD - [2010/11/11 10:49:17 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/12 19:36:47 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/08 04:33:04 | 000,338,264 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
SRV - [2011/07/08 04:33:04 | 000,288,088 | ---- | M] (BullGuard Ltd.) [On_Demand | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2011/07/08 04:33:03 | 000,322,904 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2011/07/08 04:33:03 | 000,195,928 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2011/05/18 05:34:14 | 000,125,784 | ---- | M] (BullGuard Ltd.) [On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc)
SRV - [2011/05/18 05:34:06 | 000,320,344 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2011/05/18 05:34:04 | 000,500,056 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2011/05/18 05:34:04 | 000,186,712 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2011/05/18 05:34:04 | 000,067,928 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser)
SRV - [2011/04/08 01:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/12 14:14:29 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/03/10 04:00:57 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/06/20 23:25:08 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/15 06:32:36 | 000,215,624 | ---- | M] (NovaShield, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
DRV - [2011/06/15 06:32:36 | 000,020,040 | ---- | M] (NovaShield, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NSNetmon.sys -- (NovaShieldTDIDriver)
DRV - [2011/06/15 06:32:32 | 000,328,296 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2011/06/15 06:32:32 | 000,304,712 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos)
DRV - [2011/06/15 06:32:32 | 000,061,152 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
DRV - [2011/06/15 06:32:32 | 000,034,920 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (AFW)
DRV - [2011/04/08 01:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/01/06 21:20:00 | 000,583,680 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/10/16 03:11:56 | 001,168,896 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E 15 2A 64 C7 E8 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.yahoo.com"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Scauthra\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Scauthra\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [2011/07/09 12:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 23:55:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2011/07/06 00:41:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter [2011/07/06 00:41:25 | 000,000,000 | ---D | M]

[2011/04/29 13:42:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scauthra\AppData\Roaming\Mozilla\Extensions
[2011/07/02 00:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scauthra\AppData\Roaming\Mozilla\Firefox\Profiles\z3r60iu9.default\extensions
[2011/07/04 13:32:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/03 23:44:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/07/09 12:47:37 | 000,000,000 | ---D | M] (BullGuard Safe Browsing) -- C:\PROGRAM FILES\BULLGUARD LTD\BULLGUARD\ANTIPHISHING\FF\ANTIPHISHING@BULLGUARD
() (No name found) -- C:\USERS\SCAUTHRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z3R60IU9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/06/25 23:55:12 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/09/02 04:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml

O1 HOSTS File: ([2011/07/13 00:39:44 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (BullGuard Safe Browsing) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Scauthra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.7.254
O18 - Protocol\Handler\bglink {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O20 - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\System32\BgGamingMonitor.dll (BullGuard Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010/10/29 03:02:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/13 00:39:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/07/13 00:34:31 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\Download
[2011/07/11 22:05:20 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\Tropico 3
[2011/07/11 22:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Kalypso
[2011/07/11 17:07:59 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{07998501-4ECE-4011-B282-9A2D41AFF233}
[2011/07/10 00:50:26 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{B0D11857-0D7E-43C0-AEF7-52B4F80ADF13}
[2011/07/09 12:50:13 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{2D823C2F-F4B2-46DE-B1C2-89424AAF12FD}
[2011/07/09 03:43:36 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\Documents\SEGA Genesis Classics
[2011/07/08 12:58:35 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\Documents\Pirates of the Burning Sea
[2011/07/08 04:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2011/07/08 04:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2011/07/07 15:58:21 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{EA5BDAAD-98F4-402B-AFE0-DB1CF65EAB04}
[2011/07/07 03:57:57 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{262E6393-ED1A-45A6-AD58-B0D7857DEF5C}
[2011/07/06 00:50:30 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\Software Inspection Library
[2011/07/06 00:44:54 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{39965FCB-EC2E-48FF-B4A5-2D5473421FBA}
[2011/07/06 00:43:46 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\BullGuard
[2011/07/06 00:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard
[2011/07/06 00:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\BullGuard
[2011/07/06 00:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\BullGuard Ltd
[2011/07/06 00:39:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/04 18:31:15 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\Documents\18 WoS Extreme Trucker 2
[2011/07/04 17:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 WoS Extreme Trucker 2
[2011/07/04 17:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\18 WoS Extreme Trucker 2
[2011/07/04 13:35:01 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{81D6253E-CF61-45D5-B9ED-0B51C1E98F98}
[2011/07/03 14:01:34 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{5C3A9922-2E35-4FE4-A861-F88630E7FF1A}
[2011/07/03 13:15:20 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/07/03 04:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/07/03 04:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/07/03 04:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/07/03 02:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/07/03 02:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/03 00:36:57 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{D5ACBF71-CD04-49CF-AAA9-16625E847DB7}
[2011/07/02 22:19:07 | 000,421,376 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL6D20.DLL
[2011/07/02 22:19:07 | 000,420,352 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL6C20.DLL
[2011/07/02 22:19:07 | 000,420,352 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL6B20.DLL
[2011/07/02 22:19:07 | 000,418,816 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL6A20.DLL
[2011/07/02 22:19:07 | 000,353,280 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWL20.DLL
[2011/07/02 22:19:07 | 000,348,672 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL8D20.DLL
[2011/07/02 22:19:07 | 000,347,648 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL8C20.DLL
[2011/07/02 22:19:07 | 000,347,136 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL8B20.DLL
[2011/07/02 22:19:07 | 000,346,112 | ---- | C] (Criterion Software Ltd.) -- C:\Windows\System32\RWDL8A20.DLL
[2011/07/02 22:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Space Station Simulator
[2011/07/02 22:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geoman
[2011/07/02 22:18:35 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geoman
[2011/07/02 18:29:55 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\TerrariaWorldViewer
[2011/07/02 02:45:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011/07/02 02:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2011/07/01 14:38:26 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{09259C08-ECA8-46D5-9373-8C4EC4F5F9CF}
[2011/07/01 09:18:00 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\Documents\My Received Files
[2011/07/01 02:38:12 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{AB981D67-4A84-43DA-915E-FFD6FFAC30B7}
[2011/06/30 03:08:28 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{51F0F079-C242-4901-8467-EE2A5452FD32}
[2011/06/29 03:23:14 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{6311AC01-0B6D-445A-A6CE-16D4209DB8F3}
[2011/06/28 15:05:43 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{8A4D7838-2EE9-416C-944B-84F026985EF2}
[2011/06/28 05:20:56 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{82646513-FDEC-4BD5-BAEE-2DA4AC23E667}
[2011/06/26 02:09:56 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{5C902D0C-A7A3-41A9-AFBE-6E1C76EFFA46}
[2011/06/26 02:09:46 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\Windows Live Writer
[2011/06/26 02:09:46 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\Windows Live Writer
[2011/06/23 23:58:23 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{D4AA5782-B0AA-4D61-BA51-C9CA68332AF4}
[2011/06/22 20:05:09 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{486E23EC-EDCD-40A9-B6CD-1F24D9027594}
[2011/06/22 16:10:50 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
[2011/06/22 16:10:49 | 000,000,000 | ---D | C] -- C:\SIMTOWER
[2011/06/22 07:21:17 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\Beat Hazard
[2011/06/22 05:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/21 07:21:51 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{6ACDAF69-298E-4466-BC7A-187D98827185}
[2011/06/20 23:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2011/06/20 23:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2011/06/20 23:25:08 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011/06/20 23:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011/06/20 23:24:37 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Roaming\DAEMON Tools Lite
[2011/06/20 23:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011/06/20 19:21:38 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{1A6D9ABC-0166-44FD-B0D0-A913047795E2}
[2011/06/17 23:56:05 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{99EDDEBF-F098-482A-9FFE-0A0942A908FD}
[2011/06/17 11:55:53 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{59CDBDE8-5F63-469A-9D04-9C19CED112CD}
[2011/06/16 23:55:29 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{97B6FAC4-8CBF-4AB3-A1E5-AC36311DB857}
[2011/06/15 06:32:36 | 000,215,624 | ---- | C] (NovaShield, Inc.) -- C:\Windows\System32\drivers\NSKernel.sys
[2011/06/15 06:32:36 | 000,020,040 | ---- | C] (NovaShield, Inc.) -- C:\Windows\System32\drivers\NSNetmon.sys
[2011/06/15 06:32:32 | 000,328,296 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afwcore.sys
[2011/06/15 06:32:32 | 000,304,712 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\Trufos.sys
[2011/06/15 06:32:32 | 000,061,152 | ---- | C] (BullGuard Ltd.) -- C:\Windows\System32\drivers\BdSpy.sys
[2011/06/15 06:32:32 | 000,034,920 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afw.sys
[2011/06/14 15:35:51 | 000,000,000 | ---D | C] -- C:\Users\Scauthra\AppData\Local\{DC7DB60C-F479-4225-8665-BB9F11D08196}
[2011/06/14 13:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/06/14 13:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/06/13 20:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dragon Age

========== Files - Modified Within 30 Days ==========

[2011/07/13 00:51:15 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/13 00:51:15 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/13 00:51:03 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/13 00:42:40 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/13 00:42:32 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/07/13 00:42:28 | 000,000,312 | -HS- | M] () -- C:\Windows\tasks\Tjzbfvx.job
[2011/07/13 00:42:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/13 00:42:19 | 2414,284,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 00:39:44 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/07/12 23:42:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1857611789-3349439081-1821341277-1000Core.job
[2011/07/12 23:42:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1857611789-3349439081-1821341277-1000UA.job
[2011/07/11 01:22:38 | 000,659,580 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/11 01:22:38 | 000,120,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/08 05:38:29 | 000,002,611 | ---- | M] () -- C:\Users\Scauthra\Desktop\Pirates of the Burning Sea.lnk
[2011/07/04 17:51:18 | 000,001,361 | ---- | M] () -- C:\Users\Public\Desktop\18 WoS Extreme Trucker 2.lnk
[2011/07/04 01:19:56 | 000,017,408 | ---- | M] () -- C:\Users\Scauthra\AppData\Local\WebpageIcons.db
[2011/07/03 04:19:39 | 000,001,244 | ---- | M] () -- C:\Users\Scauthra\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/07/03 02:41:23 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/07/02 23:19:11 | 000,126,976 | RHS- | M] () -- C:\Windows\System32\Defragg.dll
[2011/07/02 22:19:47 | 000,000,824 | ---- | M] () -- C:\Windows\QT$INST$.~32
[2011/07/02 22:19:13 | 000,000,077 | ---- | M] () -- C:\Windows\Maris.ini
[2011/07/02 04:19:41 | 000,028,643 | ---- | M] () -- C:\Users\Scauthra\Documents\sdfg.odt
[2011/07/02 02:50:14 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011/07/02 02:26:07 | 000,023,304 | ---- | M] () -- C:\Users\Scauthra\Documents\sigh.odt
[2011/06/29 20:19:44 | 000,001,265 | ---- | M] () -- C:\Users\Scauthra\Desktop\Champions Online.lnk
[2011/06/29 03:21:38 | 000,285,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/28 23:31:09 | 000,001,284 | ---- | M] () -- C:\Users\Scauthra\Desktop\Terraria.lnk
[2011/06/24 04:18:30 | 000,035,169 | ---- | M] () -- C:\Users\Scauthra\Documents\story ideas.odt
[2011/06/22 16:10:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/06/22 16:10:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/06/22 05:56:48 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/20 23:46:18 | 000,002,544 | ---- | M] () -- C:\Users\Public\Desktop\Alice Madness Returns.lnk
[2011/06/20 23:25:08 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011/06/20 23:25:03 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/15 06:32:36 | 000,215,624 | ---- | M] (NovaShield, Inc.) -- C:\Windows\System32\drivers\NSKernel.sys
[2011/06/15 06:32:36 | 000,020,040 | ---- | M] (NovaShield, Inc.) -- C:\Windows\System32\drivers\NSNetmon.sys
[2011/06/15 06:32:32 | 000,328,296 | ---- | M] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afwcore.sys
[2011/06/15 06:32:32 | 000,304,712 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\Trufos.sys
[2011/06/15 06:32:32 | 000,061,152 | ---- | M] (BullGuard Ltd.) -- C:\Windows\System32\drivers\BdSpy.sys
[2011/06/15 06:32:32 | 000,034,920 | ---- | M] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afw.sys
[2011/06/14 13:35:32 | 000,127,458 | ---- | M] () -- C:\Users\Scauthra\Documents\cc_20110614_133518.reg
[2011/06/14 01:41:43 | 000,001,328 | ---- | M] () -- C:\Users\Scauthra\Desktop\winamp - Shortcut.lnk

========== Files Created - No Company Name ==========

[2011/07/07 19:49:15 | 000,002,543 | ---- | C] () -- C:\Users\Scauthra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirates of the Burning Sea (2).lnk
[2011/07/07 19:48:05 | 000,002,611 | ---- | C] () -- C:\Users\Scauthra\Desktop\Pirates of the Burning Sea.lnk
[2011/07/07 19:48:05 | 000,002,543 | ---- | C] () -- C:\Users\Scauthra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirates of the Burning Sea.lnk
[2011/07/04 17:51:18 | 000,001,361 | ---- | C] () -- C:\Users\Public\Desktop\18 WoS Extreme Trucker 2.lnk
[2011/07/04 01:19:48 | 000,017,408 | ---- | C] () -- C:\Users\Scauthra\AppData\Local\WebpageIcons.db
[2011/07/03 11:32:25 | 000,000,252 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/07/03 04:19:39 | 000,001,244 | ---- | C] () -- C:\Users\Scauthra\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/07/02 23:19:11 | 000,126,976 | RHS- | C] () -- C:\Windows\System32\Defragg.dll
[2011/07/02 23:19:11 | 000,000,312 | -HS- | C] () -- C:\Windows\tasks\Tjzbfvx.job
[2011/07/02 22:19:23 | 000,000,824 | ---- | C] () -- C:\Windows\QT$INST$.~32
[2011/07/02 22:19:13 | 000,000,077 | ---- | C] () -- C:\Windows\Maris.ini
[2011/07/02 22:18:24 | 000,284,160 | ---- | C] () -- C:\Windows\unin040c.exe
[2011/07/02 03:40:10 | 000,028,643 | ---- | C] () -- C:\Users\Scauthra\Documents\sdfg.odt
[2011/07/02 02:45:27 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011/07/02 02:26:07 | 000,023,304 | ---- | C] () -- C:\Users\Scauthra\Documents\sigh.odt
[2011/06/29 20:19:44 | 000,001,265 | ---- | C] () -- C:\Users\Scauthra\Desktop\Champions Online.lnk
[2011/06/28 23:31:09 | 000,001,284 | ---- | C] () -- C:\Users\Scauthra\Desktop\Terraria.lnk
[2011/06/24 04:13:42 | 000,035,169 | ---- | C] () -- C:\Users\Scauthra\Documents\story ideas.odt
[2011/06/23 00:09:20 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/06/22 16:10:50 | 000,002,554 | ---- | C] () -- C:\Windows\WAVEMIX.INI
[2011/06/22 16:10:50 | 000,001,966 | ---- | C] () -- C:\Windows\System\DVA.386
[2011/06/22 16:10:29 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/06/22 16:10:29 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/06/22 05:56:48 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/20 23:46:18 | 000,002,544 | ---- | C] () -- C:\Users\Public\Desktop\Alice Madness Returns.lnk
[2011/06/20 23:25:03 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/14 13:35:22 | 000,127,458 | ---- | C] () -- C:\Users\Scauthra\Documents\cc_20110614_133518.reg
[2011/06/14 01:41:43 | 000,001,328 | ---- | C] () -- C:\Users\Scauthra\Desktop\winamp - Shortcut.lnk
[2011/04/29 02:36:10 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/03/11 04:01:14 | 000,166,912 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2011/03/11 04:01:14 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011/02/17 00:16:27 | 000,006,136 | ---- | C] () -- C:\Users\Scauthra\AppData\Local\TimerStop64.sys
[2011/02/17 00:16:27 | 000,004,096 | ---- | C] () -- C:\Users\Scauthra\AppData\Local\TimerStop.sys
[2010/11/11 10:51:29 | 000,000,805 | ---- | C] () -- C:\Windows\System32\RTSLCS.dll
[2009/10/16 07:50:54 | 000,003,930 | ---- | C] () -- C:\Windows\System32\ludap17.ini
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,285,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,659,580 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,120,508 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/11/13 07:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2007/12/04 06:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007/06/07 06:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2005/03/08 07:17:00 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini

========== LOP Check ==========

[2011/04/12 13:56:35 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\.BitTornado
[2011/06/05 02:48:57 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\.minecraft
[2011/06/22 07:21:17 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Beat Hazard
[2011/07/06 00:50:30 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\BullGuard
[2011/06/20 23:26:10 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\DAEMON Tools Lite
[2011/03/15 02:35:36 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Kalypso Media
[2011/05/17 00:01:32 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Lionhead Studios
[2011/02/16 23:54:22 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\LolClient
[2011/03/08 23:14:20 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\OpenOffice.org
[2011/06/04 00:23:26 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Roaming
[2011/07/06 00:50:30 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Software Inspection Library
[2011/07/02 18:30:05 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\TerrariaWorldViewer
[2011/04/11 00:56:31 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\The Creative Assembly
[2011/07/11 22:05:27 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Tropico 3
[2011/02/21 21:51:28 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Ubisoft
[2011/06/26 02:09:46 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\Windows Live Writer
[2011/02/19 01:06:33 | 000,000,000 | ---D | M] -- C:\Users\Scauthra\AppData\Roaming\YOUDONTKNOWJACK
[2009/07/14 00:53:46 | 000,013,122 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/13 00:42:28 | 000,000,312 | -HS- | M] () -- C:\Windows\Tasks\Tjzbfvx.job
[2011/07/13 00:42:32 | 000,000,252 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job

========== Purity Check ==========



< End of report >