
virus sending out emails to everyone in my address book


  • This topic is locked

#1
pugs09

    New Member

  • Member
  • 8 posts
Today, I received a bunch of returned emails to people in my address book that I did not send out emails to. The emails were returned deliverable because I had the person's old email address. Some virus got into my email and sent these emails out. I had a few people tell me about the email they received. It was just a link for a website. There was nothing listed in the email subject line. I have AVG for my anti-virus. How do I get rid of this virus so this does not happen again?

Jim


#2
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, Jim, Welcome to GeeksToGo! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :unsure:

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, let's start :)



Could you go through the following steps please, then get back to me with the logs that they create.



1) OTL Quick Scan
Download OTL to your Desktop
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic




2) Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.



On completion of the scan click save log, save it to your desktop and post it in your next reply.





In your next reply
Please post the contents of...
OTL logs
aswMBR log


#3
pugs09

    New Member

  • Topic Starter
  • Member
  • 8 posts
OTL logfile created on: 7/23/2011 11:57:01 AM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 49.20% Memory free
5.98 Gb Paging File | 4.39 Gb Available in Paging File | 73.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 83.37 Gb Free Space | 56.49% Space Free | Partition Type: NTFS
Drive E: | 465.65 Gb Total Space | 302.00 Gb Free Space | 64.86% Space Free | Partition Type: FAT32

Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/23 11:56:47 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Downloads\OTL (1).exe
PRC - [2011/07/19 13:39:21 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/03 12:54:33 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Jim\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/06/02 08:56:52 | 000,853,504 | ---- | M] () -- C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.6.0.0_0\plugin\ClickClean.exe
PRC - [2011/05/25 16:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jim\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/29 10:47:46 | 000,170,624 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/27 00:01:58 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7619\Webshots.scr
PRC - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/18 16:36:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
PRC - [2009/06/07 08:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
PRC - [2009/06/05 01:00:00 | 000,843,776 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/03/20 08:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008/12/09 10:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
PRC - [2008/11/03 16:21:18 | 000,030,544 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2008/05/24 15:34:28 | 000,026,448 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2007/10/23 10:45:40 | 001,336,632 | ---- | M] () -- C:\ProgramData\U3\U3Launcher\LaunchU3.exe
PRC - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe
PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2006/11/06 20:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/07/23 11:56:47 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Downloads\OTL (1).exe
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (HPSLPSVC)
SRV - File not found [On_Demand | Stopped] -- -- (hpqcxs08)
SRV - [2011/06/29 14:39:21 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/06 23:34:17 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/26 16:00:24 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Running] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/18 16:36:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/07 08:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
SRV - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/12 05:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/08/07 18:41:30 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/01/26 18:17:09 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/01/26 18:17:08 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/11/10 13:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/07/13 12:23:00 | 000,070,528 | ---- | M] (Broadcom Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BRCMHD32.sys -- (BRCMDECO)
DRV - [2007/05/02 04:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/09/27 23:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2006/02/14 14:50:00 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2005/09/27 19:57:00 | 000,207,104 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\Aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/?_bc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://att.my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "att.my.yahoo.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: [email protected]:2.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0.5


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.60401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Jim\Program Files\DNA\plugins\npbtdna.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jim\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jim\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/12 09:03:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/07/05 13:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/19 13:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/19 13:40:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/19 13:40:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Jim\Program Files\DNA
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

[2010/11/06 14:10:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Extensions
[2009/12/10 18:08:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/07/07 22:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions
[2010/11/06 14:10:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/06 14:10:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/11/22 14:14:21 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/07/04 23:26:57 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/07/04 23:26:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\[email protected]
[2011/06/26 12:14:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\staged
[2011/06/09 10:56:02 | 000,000,000 | ---D | M] (Window Shopper - Powered by Superfish) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\[email protected]
[2011/05/25 15:14:01 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\[email protected]
[2010/12/28 12:56:35 | 000,001,919 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\searchplugins\bing-zugo.xml
[2009/12/16 23:01:33 | 000,000,938 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\searchplugins\facebook.xml
[2008/05/17 21:40:45 | 000,000,887 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\searchplugins\mininova.xml
[2011/07/01 06:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/06 13:54:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/06 13:54:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/04/27 08:32:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/16 08:30:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/18 06:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
File not found (No name found) --
[2011/07/12 09:03:54 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\JIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UFYZ4L9J.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\USERS\JIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UFYZ4L9J.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\JIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UFYZ4L9J.DEFAULT\EXTENSIONS\[email protected]
[2011/06/15 01:50:10 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/08/29 17:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/11/04 23:03:49 | 000,351,190 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 12040 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (WinAVI FLVSense) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [WorkForce 610(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O9 - Extra Button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O9 - Extra 'Tools' menuitem : WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jim\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Jim\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/09/26 15:55:14 | 000,000,000 | ---D | M] - E:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2007/05/18 10:37:12 | 000,000,069 | ---- | M] () - E:\autorun.inf.vir -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/22 22:24:51 | 000,000,000 | -HSD | C] -- C:\found.001
[2011/07/22 22:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\AGI
[2011/07/22 21:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\agi
[2011/07/22 21:37:54 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/22 21:35:51 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Downloads
[2011/07/22 21:35:46 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNET TechTracker
[2011/07/22 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\CBS Interactive
[2011/07/22 19:54:10 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/07/22 16:26:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Search Class
[2011/07/19 14:34:00 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Apps
[2011/07/19 13:41:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Real
[2011/07/19 13:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/07/19 13:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/07/19 13:33:41 | 000,000,000 | ---D | C] -- C:\Users\Jim\FrostWire
[2011/07/19 13:32:06 | 000,000,000 | ---D | C] -- C:\Users\Jim\.frostwire5
[2011/07/14 21:54:24 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\My Print Creations
[2011/07/11 18:13:04 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Any Video Converter
[2011/07/11 18:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\AnvSoft
[2011/07/11 17:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2011/07/11 17:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2011/07/11 17:59:51 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Real
[2011/07/07 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Aimersoft Audio Converter
[2011/07/07 21:58:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\vlc
[2011/07/07 21:58:01 | 000,208,896 | ---- | C] (Kiouiidar Xflboxjarey) -- C:\Windows\System32\mfc71ux.dll.vir
[2011/07/07 09:09:39 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\{0CB957F2-762F-4CDF-910A-1F2F0DE2E7FA}
[2011/07/07 09:07:01 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/07/06 13:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2011/07/06 13:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2011/07/05 13:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/07/04 10:35:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/07/02 06:35:05 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Water Knot
[2011/07/01 06:03:59 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/06/27 10:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDneXtCOPY Ultimate
[2011/06/27 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\DVDneXtCOPYUltimate
[2010/09/23 12:53:00 | 000,850,200 | ---- | C] (DivX, Inc. ) -- C:\Users\Jim\AppData\Roaming\DivXInstaller.exe
[2009/12/07 19:37:59 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jim\AppData\Roaming\pcouffin.sys
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/23 11:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2510932389-418221527-457999020-1000UA.job
[2011/07/23 11:45:30 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/23 11:45:29 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/23 11:43:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/23 11:38:12 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/23 11:37:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/23 11:37:45 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/23 11:04:19 | 000,204,605 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/07/23 08:24:50 | 290,215,389 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/23 07:48:28 | 125,125,551 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/07/22 22:02:44 | 000,001,117 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2011/07/22 21:37:54 | 000,002,953 | ---- | M] () -- C:\Users\Jim\Desktop\HiJackThis.lnk
[2011/07/22 12:59:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2510932389-418221527-457999020-1000Core.job
[2011/07/22 11:04:21 | 000,658,369 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011/07/21 13:14:08 | 000,011,734 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2011/07/17 06:12:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011/07/13 18:41:20 | 000,379,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 09:03:55 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/11 17:38:33 | 000,071,935 | ---- | M] () -- C:\Users\Jim\Documents\trench rescue class Materials.pdf
[2011/07/07 22:23:05 | 000,001,363 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\dht.table
[2011/07/07 21:58:01 | 000,208,896 | ---- | M] (Kiouiidar Xflboxjarey) -- C:\Windows\System32\mfc71ux.dll.vir
[2011/07/05 13:54:01 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/07/05 12:02:01 | 000,000,000 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\AcrobatProX_SpyrosA.exe
[2011/07/05 08:48:10 | 000,010,240 | ---- | M] () -- C:\Users\Jim\Documents\PS3 New Release dates.wps
[2011/07/04 23:26:33 | 000,000,948 | ---- | M] () -- C:\Users\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/07/04 22:38:19 | 000,635,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/04 22:38:19 | 000,111,392 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/29 22:23:38 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/06/29 12:55:46 | 000,001,057 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\vso_ts_preview.xml
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/22 23:27:07 | 290,215,389 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/07/22 21:37:54 | 000,002,953 | ---- | C] () -- C:\Users\Jim\Desktop\HiJackThis.lnk
[2011/07/22 21:35:46 | 000,001,198 | ---- | C] () -- C:\Users\Jim\Desktop\CNET TechTracker.lnk
[2011/07/11 17:38:33 | 000,071,935 | ---- | C] () -- C:\Users\Jim\Documents\trench rescue class Materials.pdf
[2011/07/07 22:13:23 | 000,001,363 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\dht.table
[2011/07/05 13:54:01 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011/07/05 13:54:01 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011/07/05 13:54:01 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/07/05 12:02:01 | 000,000,000 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\AcrobatProX_SpyrosA.exe
[2011/07/04 23:26:33 | 000,000,948 | ---- | C] () -- C:\Users\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/07/01 06:05:18 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/07/01 06:03:39 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/07/01 06:03:27 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/06/18 06:40:27 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/18 06:40:27 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/18 06:40:27 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/05/25 06:20:52 | 000,004,608 | ---- | C] () -- C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/09 06:27:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/27 22:05:26 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2010/12/27 22:05:26 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010/12/10 13:30:30 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/12/10 13:30:30 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/12/06 08:55:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\auujbqmwuqraxagn.exe
[2010/11/18 13:18:44 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/11/18 13:18:44 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/11/18 13:18:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/11/18 13:18:44 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/11/18 13:18:43 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/11/18 13:18:43 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/11/18 13:18:43 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/11/18 13:18:43 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/11/18 13:18:43 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/11/18 13:18:43 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/11/18 13:18:43 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/11/18 13:18:43 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/11/18 13:18:43 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/11/18 13:18:43 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/11/18 13:18:43 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/11/18 13:18:43 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/11/18 13:17:25 | 000,000,089 | ---- | C] () -- C:\Windows\EPWF610.ini
[2010/11/14 14:27:25 | 000,062,989 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Jim3SQLite3.dll
[2010/11/11 21:34:54 | 000,201,734 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010/11/11 21:34:54 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010/11/11 18:13:12 | 000,011,250 | ---- | C] () -- C:\ProgramData\search_result.xml
[2010/11/07 12:08:08 | 000,069,545 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2010/11/06 15:10:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/11/06 14:23:12 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/10/22 22:46:33 | 000,202,381 | ---- | C] () -- C:\Windows\hpoins18.dat.temp
[2010/10/22 22:46:33 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2010/10/22 21:55:57 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
[2010/09/08 12:13:31 | 000,004,489 | ---- | C] () -- C:\Windows\checkip.dat
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/05/23 16:59:34 | 000,059,924 | ---- | C] () -- C:\Windows\System32\libdvdcss-2.dll
[2010/02/21 10:07:58 | 000,000,025 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\bdfvconp.ini
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/01/22 23:32:22 | 000,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2010/01/22 20:51:49 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2010/01/22 20:51:49 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2010/01/12 20:09:52 | 000,275,255 | ---- | C] () -- C:\Windows\closesec.exe
[2009/12/20 15:05:52 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Machinist2.dll
[2009/12/07 19:41:04 | 000,001,057 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\vso_ts_preview.xml
[2009/12/07 19:37:59 | 000,087,608 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\inst.exe
[2009/12/07 19:37:59 | 000,007,887 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\pcouffin.cat
[2009/12/07 19:37:59 | 000,001,144 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\pcouffin.inf
[2009/10/26 06:14:54 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/09/23 19:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/08/05 13:14:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,379,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,635,850 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,111,392 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/28 13:29:09 | 000,116,842 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/03/16 03:03:05 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/03/06 16:46:22 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009/03/06 16:46:22 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2009/03/06 16:46:22 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009/03/06 16:46:22 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2009/01/27 15:19:25 | 000,017,709 | ---- | C] () -- C:\Windows\System32\718page.dat
[2009/01/27 15:19:25 | 000,017,153 | ---- | C] () -- C:\Windows\System32\keys726.dat
[2009/01/27 15:19:25 | 000,004,401 | ---- | C] () -- C:\Windows\System32\uninstall2b4.bin
[2009/01/27 15:19:25 | 000,003,845 | ---- | C] () -- C:\Windows\System32\701_data.bin
[2009/01/27 15:19:25 | 000,003,288 | ---- | C] () -- C:\Windows\System32\709part.bin
[2009/01/27 15:19:24 | 000,017,841 | ---- | C] () -- C:\Windows\System32\soap664.bin
[2009/01/27 15:19:24 | 000,017,285 | ---- | C] () -- C:\Windows\System32\sparse0672.bin
[2009/01/27 15:19:24 | 000,015,790 | ---- | C] () -- C:\Windows\System32\user681.dat
[2009/01/27 15:19:24 | 000,012,146 | ---- | C] () -- C:\Windows\System32\797base.bin
[2009/01/27 15:19:24 | 000,011,590 | ---- | C] () -- C:\Windows\System32\cookies805.bin
[2009/01/27 15:19:24 | 000,010,096 | ---- | C] () -- C:\Windows\System32\data032E.bin
[2009/01/27 15:19:24 | 000,009,539 | ---- | C] () -- C:\Windows\System32\keys822.dat
[2009/01/27 15:19:24 | 000,008,045 | ---- | C] () -- C:\Windows\System32\33f.dat
[2009/01/27 15:19:24 | 000,007,489 | ---- | C] () -- C:\Windows\System32\user839.dat
[2009/01/27 15:19:24 | 000,005,580 | ---- | C] () -- C:\Windows\System32\1ed.dat
[2009/01/27 15:19:24 | 000,005,024 | ---- | C] () -- C:\Windows\System32\502backup.dat
[2009/01/27 15:19:24 | 000,003,420 | ---- | C] () -- C:\Windows\System32\028F.bin
[2009/01/27 15:19:23 | 000,015,376 | ---- | C] () -- C:\Windows\System32\resource581.bin
[2009/01/27 15:19:23 | 000,014,820 | ---- | C] () -- C:\Windows\System32\soap589.bin
[2009/01/27 15:19:23 | 000,013,326 | ---- | C] () -- C:\Windows\System32\user598.dat
[2009/01/27 15:19:23 | 000,012,769 | ---- | C] () -- C:\Windows\System32\threat606y.dat
[2009/01/27 15:19:23 | 000,011,275 | ---- | C] () -- C:\Windows\System32\uninstall267.dat
[2009/01/27 15:19:23 | 000,003,661 | ---- | C] () -- C:\Windows\System32\uninstall1c8.dat
[2009/01/27 15:19:23 | 000,003,105 | ---- | C] () -- C:\Windows\System32\images465.dat
[2009/01/27 15:19:23 | 000,002,549 | ---- | C] () -- C:\Windows\System32\wtl_dt473.dat
[2009/01/27 15:19:22 | 000,013,457 | ---- | C] () -- C:\Windows\System32\0121mixed.bin
[2009/01/27 15:19:22 | 000,012,901 | ---- | C] () -- C:\Windows\System32\297backup.bin
[2009/01/27 15:19:22 | 000,011,407 | ---- | C] () -- C:\Windows\System32\306base.dat
[2009/01/27 15:19:22 | 000,010,850 | ---- | C] () -- C:\Windows\System32\wtl_dt314.dat
[2009/01/27 15:19:22 | 000,009,356 | ---- | C] () -- C:\Windows\System32\323page.dat
[2009/01/27 15:19:22 | 000,007,206 | ---- | C] () -- C:\Windows\System32\wtl_dt430.bin
[2009/01/27 15:19:22 | 000,005,712 | ---- | C] () -- C:\Windows\System32\user439.bin
[2009/01/27 15:19:22 | 000,005,287 | ---- | C] () -- C:\Windows\System32\139backup.bin
[2009/01/27 15:19:22 | 000,005,156 | ---- | C] () -- C:\Windows\System32\threat448y.bin
[2009/01/27 15:19:22 | 000,003,793 | ---- | C] () -- C:\Windows\System32\147base.bin
[2009/01/27 15:19:22 | 000,003,237 | ---- | C] () -- C:\Windows\System32\data009C.bin
[2009/01/27 15:19:21 | 000,008,386 | ---- | C] () -- C:\Windows\System32\231part.dat
[2009/01/27 15:19:21 | 000,006,891 | ---- | C] () -- C:\Windows\System32\240page.dat
[2008/10/09 12:50:28 | 000,038,430 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Comma Separated Values (Windows).ADR
[2008/07/23 17:54:48 | 000,003,082 | ---- | C] () -- C:\Windows\System32\affv9553p6now.sys
[2008/07/03 14:27:23 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2008/06/26 20:07:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/04/30 16:51:14 | 000,167,936 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2008/02/09 22:13:04 | 000,196,608 | ---- | C] () -- C:\Windows\System32\avisynth.dll
[2008/02/02 11:09:34 | 000,000,068 | ---- | C] () -- C:\Windows\swupdate.INI
[2008/01/05 09:06:41 | 000,011,734 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2007/12/03 17:47:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/06/26 02:19:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/05/30 22:15:21 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/05/30 22:15:21 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/05/30 22:15:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/05/30 22:15:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/05/30 22:15:21 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/05/30 22:15:21 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/05/30 20:37:51 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/05/30 20:36:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007/05/30 20:31:39 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/05/30 20:31:39 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/05/30 20:31:39 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/05/30 20:31:39 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2005/11/23 17:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/05/08 09:36:58 | 000,045,280 | -H-- | C] () -- C:\Users\Jim\AppData\Roaming\Jimlog.dat
[2005/04/27 13:40:30 | 000,002,570 | ---- | C] () -- C:\Windows\WINDVDBOOTRECDOE.sys
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2000/02/04 01:18:12 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2011/07/23 11:39:15 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\.oit
[2011/04/08 13:06:39 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Acer
[2011/07/11 18:12:40 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\AnvSoft
[2010/11/11 22:33:54 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\AVG10
[2010/01/22 19:06:06 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\BD_TEMP
[2010/11/06 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\BitTorrent
[2010/11/06 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/11/06 14:10:34 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\DNA
[2011/07/23 11:39:44 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Dropbox
[2010/11/14 21:38:45 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Easeware
[2010/12/07 15:10:56 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Epson
[2011/05/02 22:18:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FrostWire
[2010/11/06 14:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Image Zone Express
[2010/11/18 13:42:09 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Leader Technologies
[2010/11/06 14:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Leadertech
[2011/07/22 21:35:45 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\OpenCandy
[2010/11/06 14:10:57 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\OpenOffice.org
[2010/11/06 14:10:58 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Printer Info Cache
[2010/11/07 12:09:28 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\QuickScan
[2010/12/06 08:55:11 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Registry Booster
[2010/12/10 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Samsung
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Simply Super Software
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\SpinTop
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Template
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\TOSHIBA
[2010/11/06 14:11:04 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Ulead Systems
[2011/07/22 21:41:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\uTorrent
[2011/06/29 12:38:04 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Vso
[2010/11/06 14:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Webshots
[2010/11/06 14:11:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\WinAVI
[2010/11/06 14:11:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\WinBatch
[2010/11/17 08:13:09 | 000,000,000 | RHSD | M] -- C:\Users\Jim\AppData\Roaming\WinDr
[2011/07/17 06:12:05 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011/07/11 16:12:17 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

#4
pugs09

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
OTL Extras logfile created on: 7/23/2011 11:02:38 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 42.61% Memory free
5.98 Gb Paging File | 4.29 Gb Available in Paging File | 71.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 83.54 Gb Free Space | 56.60% Space Free | Partition Type: NTFS
Drive E: | 465.65 Gb Total Space | 302.00 Gb Free Space | 64.86% Space Free | Partition Type: FAT32

Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- ()
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E9C4531-58C4-4349-AD2F-A4D999E451EC}" = TOSHIBA Music
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E1300BC-6DBA-476B-8CCF-4AA81ED4DF6A}" = AVG 2011
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 26
"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA HD DVD PLAYER
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73CD9967-000C-49C6-A900-C87D5B2D253F}" = Presto! PageManager 8.15.01 SE
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{80490945-CE48-45CF-9CCA-CA0EF44D9FE4}" = AVG 2011
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B38E9B55-7136-4E66-A084-320512FF3F6F}" = LTCM Client
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BC66FD90-7BF4-4026-8119-04161D02A2F3}" = ArcSoft Print Creations
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEE2C7D1-47BE-49F6-A850-9C518780D87F}_is1" = RebateRobot Chrome Extension version 1.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Aimersoft Audio Converter_is1" = Aimersoft Audio Converter(Build 2.2.0.37)
"Aimersoft DVD Copy_is1" = Aimersoft DVD Copy(Build 2.0.0.16)
"Aimersoft DVD Creator_is1" = Aimersoft DVD Creator(Build 2.1.1.0)
"Aimersoft DVD Ripper_is1" = Aimersoft DVD Ripper(Build 2.2.0.27)
"Aimersoft DVD Studio Pack_is1" = Aimersoft DVD Studio Pack(Build 2.2.0.19)
"Aimersoft Video Converter_is1" = Aimersoft Video Converter(Build 2.2.0.19)
"Akamai" = Akamai NetSession Interface
"ATT-PRT22" = ATT-PRT22
"AVG" = AVG 2011
"BCM70010" = Broadcom High Definition Video Decoder 2.6.0.2
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Desktop Dialer" = Desktop Dialer
"DVDneXtCOPY" = DVDneXtCOPY
"DVDneXtCOPY 3 Ultimate" = DVDneXtCOPY 3 Ultimate
"DVDneXtCOPYUltimate" = DVDneXtCOPYUltimate
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 610 Series" = EPSON WorkForce 610 Series Printer Uninstall
"FileHippo.com" = FileHippo.com Update Checker
"Flame Skin" = Flame Skin
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Full)
"Machinist 2" = Machinist 2
"Machinist2DLL" = Machinist2DLL
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Prism" = Prism Video Converter
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Game Console" = TOSHIBA Game Console
"TOSHIBA Media Center Game Console" = TOSHIBA Media Center Game Console
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Trojan Remover_is1" = Trojan Remover 6.8.2
"TVWiz" = Intel® TV Wizard
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"VobSub" = VobSub v2.05 (Remove Only)
"WinAVI DVD Copy_is1" = WinAVI DVD Copy
"WinAVI FLV Converter 1.0_is1" = WinAVI FLV Converter
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WT022090" = Mah Jong Quest
"Yahoo! Companion" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"CNET TechTracker" = CNET TechTracker
"Dropbox" = Dropbox
"fortickbags" = CiD Help
"Google Chrome" = Google Chrome
"LastPass" = LastPass (uninstall only)

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#5
pugs09

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
aswMBR version 0.9.8.977 Copyright© 2011 AVAST Software
Run date: 2011-07-23 12:10:50
-----------------------------
12:10:50.847 OS Version: Windows 6.1.7601 Service Pack 1
12:10:50.848 Number of processors: 2 586 0xF0D
12:10:50.850 ComputerName: JIM-PC UserName: Jim
12:10:52.867 Initialize success
12:11:16.470 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
12:11:16.474 Disk 0 Vendor: Hitachi_HTS542516K9SA00 BBCOC33P Size: 152627MB BusType: 11
12:11:16.488 Disk 0 MBR read successfully
12:11:16.493 Disk 0 MBR scan
12:11:16.498 Disk 0 Windows 7 default MBR code
12:11:16.506 Disk 0 scanning sectors +312580096
12:11:16.595 Disk 0 scanning C:\Windows\system32\drivers
12:11:29.253 Service scanning
12:11:31.318 Modules scanning
12:11:52.168 Disk 0 trace - called modules:
12:11:52.189 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
12:11:52.195 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8618d030]
12:11:52.201 3 CLASSPNP.SYS[8b84959e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x86089908]
12:11:52.208 Scan finished successfully
12:13:40.966 Disk 0 MBR has been saved successfully to "C:\Users\Jim\Documents\MBR.dat"
12:13:40.978 The log file has been saved successfully to "C:\Users\Jim\Documents\aswMBR.txt"

#6
pugs09

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
thanks in advance for the help!

#7
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Thanks for the logs. There are some items in the OTL log I'd like to remove, but most are just Adware entries. Your aswMBR log looks good.

Could you do the following two steps for me please, then get back to me with the logs :)



1)
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
    [2010/11/22 14:14:21 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
    [2011/07/04 23:26:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\[email protected]
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
    O32 - AutoRun File - [2007/09/26 15:55:14 | 000,000,000 | ---D | M] - E:\autorun -- [ FAT32 ]
    O32 - AutoRun File - [2007/05/18 10:37:12 | 000,000,069 | ---- | M] () - E:\autorun.inf.vir -- [ FAT32 ]
    [2011/07/07 21:58:01 | 000,208,896 | ---- | C] (Kiouiidar Xflboxjarey) -- C:\Windows\System32\mfc71ux.dll.vir
    [2008/07/23 17:54:48 | 000,003,082 | ---- | C] () -- C:\Windows\System32\affv9553p6now.sys
    [2011/07/23 11:39:15 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\.oit
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.




2)
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




In your next reply
Please post the contents of...
OTL log
MBAM log


#8
pugs09

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
OTL logfile created on: 7/23/2011 7:31:40 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 49.27% Memory free
5.98 Gb Paging File | 4.42 Gb Available in Paging File | 73.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 83.65 Gb Free Space | 56.68% Space Free | Partition Type: NTFS
Drive E: | 465.65 Gb Total Space | 302.00 Gb Free Space | 64.86% Space Free | Partition Type: FAT32

Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/23 11:01:37 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Downloads\OTL.exe
PRC - [2011/07/19 13:39:21 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/03 12:54:33 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Jim\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/06/02 08:56:52 | 000,853,504 | ---- | M] () -- C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.6.0.0_0\plugin\ClickClean.exe
PRC - [2011/05/25 16:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jim\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/27 00:01:58 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7619\Webshots.scr
PRC - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/18 16:36:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
PRC - [2009/06/07 08:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
PRC - [2009/06/05 01:00:00 | 000,843,776 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/03/20 08:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008/12/09 10:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
PRC - [2008/11/03 16:21:18 | 000,030,544 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2008/05/24 15:34:28 | 000,026,448 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2007/10/23 10:45:40 | 001,336,632 | ---- | M] () -- C:\ProgramData\U3\U3Launcher\LaunchU3.exe
PRC - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe
PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2006/11/06 20:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/07/23 11:01:37 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Downloads\OTL.exe
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (HPSLPSVC)
SRV - File not found [On_Demand | Stopped] -- -- (hpqcxs08)
SRV - [2011/06/29 14:39:21 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/06 23:34:17 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/26 16:00:24 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Running] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/18 16:36:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA HD DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/07 08:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
SRV - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/12 05:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/08/07 18:41:30 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/01/26 18:17:09 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/01/26 18:17:08 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/11/10 13:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/07/13 12:23:00 | 000,070,528 | ---- | M] (Broadcom Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\BRCMHD32.sys -- (BRCMDECO)
DRV - [2007/05/02 04:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/09/27 23:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2006/02/14 14:50:00 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2005/09/27 19:57:00 | 000,207,104 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\Aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/?_bc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://att.my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "att.my.yahoo.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: [email protected]:2.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0.5


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.60401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Jim\Program Files\DNA\plugins\npbtdna.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jim\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jim\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/12 09:03:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/07/05 13:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/19 13:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/19 13:40:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/19 13:40:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Jim\Program Files\DNA
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

[2010/11/06 14:10:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Extensions
[2009/12/10 18:08:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/07/23 19:25:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions
[2010/11/06 14:10:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/06 14:10:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/07/04 23:26:57 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/06/26 12:14:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\staged
[2011/06/09 10:56:02 | 000,000,000 | ---D | M] (Window Shopper - Powered by Superfish) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\[email protected]
[2011/05/25 15:14:01 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\extensions\[email protected]
[2010/12/28 12:56:35 | 000,001,919 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\searchplugins\bing-zugo.xml
[2009/12/16 23:01:33 | 000,000,938 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\searchplugins\facebook.xml
[2008/05/17 21:40:45 | 000,000,887 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\ufyz4l9j.default\searchplugins\mininova.xml
[2011/07/01 06:16:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/06 13:54:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/06 13:54:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/04/27 08:32:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/16 08:30:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/18 06:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
File not found (No name found) --
[2011/07/12 09:03:54 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\JIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UFYZ4L9J.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\USERS\JIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UFYZ4L9J.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\JIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UFYZ4L9J.DEFAULT\EXTENSIONS\[email protected]
[2011/06/15 01:50:10 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/08/29 17:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/07/23 19:25:37 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (WinAVI FLVSense) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [WorkForce 610(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O4 - Startup: C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O9 - Extra Button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O9 - Extra 'Tools' menuitem : WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jim\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Jim\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/09/26 15:55:14 | 000,000,000 | ---D | M] - E:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/23 19:29:00 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\.oit
[2011/07/23 19:25:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/22 22:24:51 | 000,000,000 | -HSD | C] -- C:\found.001
[2011/07/22 22:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\AGI
[2011/07/22 21:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\agi
[2011/07/22 21:37:54 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/22 21:35:51 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Downloads
[2011/07/22 19:54:10 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/07/22 16:26:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Search Class
[2011/07/19 14:34:00 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Apps
[2011/07/19 13:41:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Real
[2011/07/19 13:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/07/19 13:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/07/19 13:33:41 | 000,000,000 | ---D | C] -- C:\Users\Jim\FrostWire
[2011/07/19 13:32:06 | 000,000,000 | ---D | C] -- C:\Users\Jim\.frostwire5
[2011/07/14 21:54:24 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\My Print Creations
[2011/07/11 18:13:04 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Any Video Converter
[2011/07/11 18:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\AnvSoft
[2011/07/11 17:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2011/07/11 17:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2011/07/11 17:59:51 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Real
[2011/07/07 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Aimersoft Audio Converter
[2011/07/07 21:58:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\vlc
[2011/07/07 09:09:39 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\{0CB957F2-762F-4CDF-910A-1F2F0DE2E7FA}
[2011/07/07 09:07:01 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/07/06 13:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2011/07/06 13:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2011/07/05 13:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/07/04 10:35:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/07/02 06:35:05 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Water Knot
[2011/07/01 06:03:59 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/06/27 10:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDneXtCOPY Ultimate
[2011/06/27 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\DVDneXtCOPYUltimate
[2010/09/23 12:53:00 | 000,850,200 | ---- | C] (DivX, Inc. ) -- C:\Users\Jim\AppData\Roaming\DivXInstaller.exe
[2009/12/07 19:37:59 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jim\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/07/23 19:35:10 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/23 19:35:10 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/23 19:27:49 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/23 19:27:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/23 19:27:14 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/23 19:25:37 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/07/23 19:15:14 | 125,143,956 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/07/23 19:11:30 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2510932389-418221527-457999020-1000UA.job
[2011/07/23 19:11:30 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/23 12:59:01 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2510932389-418221527-457999020-1000Core.job
[2011/07/23 12:13:40 | 000,000,512 | ---- | M] () -- C:\Users\Jim\Documents\MBR.dat
[2011/07/23 11:04:19 | 000,204,605 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/07/22 22:02:44 | 000,001,117 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2011/07/22 21:37:54 | 000,002,953 | ---- | M] () -- C:\Users\Jim\Desktop\HiJackThis.lnk
[2011/07/22 11:04:21 | 000,658,369 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011/07/21 13:14:08 | 000,011,734 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2011/07/17 06:12:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011/07/13 18:41:20 | 000,379,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 09:03:55 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/11 17:38:33 | 000,071,935 | ---- | M] () -- C:\Users\Jim\Documents\trench rescue class Materials.pdf
[2011/07/07 22:23:05 | 000,001,363 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\dht.table
[2011/07/05 13:54:01 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/07/05 12:02:01 | 000,000,000 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\AcrobatProX_SpyrosA.exe
[2011/07/05 08:48:10 | 000,010,240 | ---- | M] () -- C:\Users\Jim\Documents\PS3 New Release dates.wps
[2011/07/04 23:26:33 | 000,000,948 | ---- | M] () -- C:\Users\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/07/04 22:38:19 | 000,635,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/04 22:38:19 | 000,111,392 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/29 22:23:38 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/06/29 12:55:46 | 000,001,057 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\vso_ts_preview.xml

========== Files Created - No Company Name ==========

[2011/07/23 12:13:40 | 000,000,512 | ---- | C] () -- C:\Users\Jim\Documents\MBR.dat
[2011/07/22 21:37:54 | 000,002,953 | ---- | C] () -- C:\Users\Jim\Desktop\HiJackThis.lnk
[2011/07/11 17:38:33 | 000,071,935 | ---- | C] () -- C:\Users\Jim\Documents\trench rescue class Materials.pdf
[2011/07/07 22:13:23 | 000,001,363 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\dht.table
[2011/07/05 13:54:01 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011/07/05 13:54:01 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011/07/05 13:54:01 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/07/05 12:02:01 | 000,000,000 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\AcrobatProX_SpyrosA.exe
[2011/07/04 23:26:33 | 000,000,948 | ---- | C] () -- C:\Users\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/07/01 06:05:18 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/07/01 06:03:39 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/07/01 06:03:27 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/06/18 06:40:27 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/18 06:40:27 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/18 06:40:27 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/05/25 06:20:52 | 000,004,608 | ---- | C] () -- C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/09 06:27:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/27 22:05:26 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2010/12/27 22:05:26 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010/12/10 13:30:30 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/12/10 13:30:30 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/12/06 08:55:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\auujbqmwuqraxagn.exe
[2010/11/18 13:18:44 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/11/18 13:18:44 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/11/18 13:18:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/11/18 13:18:44 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/11/18 13:18:43 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/11/18 13:18:43 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/11/18 13:18:43 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/11/18 13:18:43 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/11/18 13:18:43 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/11/18 13:18:43 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/11/18 13:18:43 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/11/18 13:18:43 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/11/18 13:18:43 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/11/18 13:18:43 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/11/18 13:18:43 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/11/18 13:18:43 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/11/18 13:17:25 | 000,000,089 | ---- | C] () -- C:\Windows\EPWF610.ini
[2010/11/14 14:27:25 | 000,062,989 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Jim3SQLite3.dll
[2010/11/11 21:34:54 | 000,201,734 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010/11/11 21:34:54 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010/11/11 18:13:12 | 000,011,250 | ---- | C] () -- C:\ProgramData\search_result.xml
[2010/11/07 12:08:08 | 000,069,545 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2010/11/06 15:10:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/11/06 14:23:12 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/10/22 22:46:33 | 000,202,381 | ---- | C] () -- C:\Windows\hpoins18.dat.temp
[2010/10/22 22:46:33 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2010/10/22 21:55:57 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
[2010/09/08 12:13:31 | 000,004,489 | ---- | C] () -- C:\Windows\checkip.dat
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/05/23 16:59:34 | 000,059,924 | ---- | C] () -- C:\Windows\System32\libdvdcss-2.dll
[2010/02/21 10:07:58 | 000,000,025 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\bdfvconp.ini
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/01/29 21:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/01/24 10:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/01/22 23:32:22 | 000,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2010/01/22 20:51:49 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2010/01/22 20:51:49 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2010/01/12 20:09:52 | 000,275,255 | ---- | C] () -- C:\Windows\closesec.exe
[2009/12/20 15:05:52 | 000,086,016 | ---- | C] () -- C:\Windows\System32\Machinist2.dll
[2009/12/07 19:41:04 | 000,001,057 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\vso_ts_preview.xml
[2009/12/07 19:37:59 | 000,087,608 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\inst.exe
[2009/12/07 19:37:59 | 000,007,887 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\pcouffin.cat
[2009/12/07 19:37:59 | 000,001,144 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\pcouffin.inf
[2009/10/26 06:14:54 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/09/23 19:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/08/05 13:14:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,379,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,635,850 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,111,392 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/28 13:29:09 | 000,116,842 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/03/16 03:03:05 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/03/06 16:46:22 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009/03/06 16:46:22 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2009/03/06 16:46:22 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009/03/06 16:46:22 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2009/01/27 15:19:25 | 000,017,709 | ---- | C] () -- C:\Windows\System32\718page.dat
[2009/01/27 15:19:25 | 000,017,153 | ---- | C] () -- C:\Windows\System32\keys726.dat
[2009/01/27 15:19:25 | 000,004,401 | ---- | C] () -- C:\Windows\System32\uninstall2b4.bin
[2009/01/27 15:19:25 | 000,003,845 | ---- | C] () -- C:\Windows\System32\701_data.bin
[2009/01/27 15:19:25 | 000,003,288 | ---- | C] () -- C:\Windows\System32\709part.bin
[2009/01/27 15:19:24 | 000,017,841 | ---- | C] () -- C:\Windows\System32\soap664.bin
[2009/01/27 15:19:24 | 000,017,285 | ---- | C] () -- C:\Windows\System32\sparse0672.bin
[2009/01/27 15:19:24 | 000,015,790 | ---- | C] () -- C:\Windows\System32\user681.dat
[2009/01/27 15:19:24 | 000,012,146 | ---- | C] () -- C:\Windows\System32\797base.bin
[2009/01/27 15:19:24 | 000,011,590 | ---- | C] () -- C:\Windows\System32\cookies805.bin
[2009/01/27 15:19:24 | 000,010,096 | ---- | C] () -- C:\Windows\System32\data032E.bin
[2009/01/27 15:19:24 | 000,009,539 | ---- | C] () -- C:\Windows\System32\keys822.dat
[2009/01/27 15:19:24 | 000,008,045 | ---- | C] () -- C:\Windows\System32\33f.dat
[2009/01/27 15:19:24 | 000,007,489 | ---- | C] () -- C:\Windows\System32\user839.dat
[2009/01/27 15:19:24 | 000,005,580 | ---- | C] () -- C:\Windows\System32\1ed.dat
[2009/01/27 15:19:24 | 000,005,024 | ---- | C] () -- C:\Windows\System32\502backup.dat
[2009/01/27 15:19:24 | 000,003,420 | ---- | C] () -- C:\Windows\System32\028F.bin
[2009/01/27 15:19:23 | 000,015,376 | ---- | C] () -- C:\Windows\System32\resource581.bin
[2009/01/27 15:19:23 | 000,014,820 | ---- | C] () -- C:\Windows\System32\soap589.bin
[2009/01/27 15:19:23 | 000,013,326 | ---- | C] () -- C:\Windows\System32\user598.dat
[2009/01/27 15:19:23 | 000,012,769 | ---- | C] () -- C:\Windows\System32\threat606y.dat
[2009/01/27 15:19:23 | 000,011,275 | ---- | C] () -- C:\Windows\System32\uninstall267.dat
[2009/01/27 15:19:23 | 000,003,661 | ---- | C] () -- C:\Windows\System32\uninstall1c8.dat
[2009/01/27 15:19:23 | 000,003,105 | ---- | C] () -- C:\Windows\System32\images465.dat
[2009/01/27 15:19:23 | 000,002,549 | ---- | C] () -- C:\Windows\System32\wtl_dt473.dat
[2009/01/27 15:19:22 | 000,013,457 | ---- | C] () -- C:\Windows\System32\0121mixed.bin
[2009/01/27 15:19:22 | 000,012,901 | ---- | C] () -- C:\Windows\System32\297backup.bin
[2009/01/27 15:19:22 | 000,011,407 | ---- | C] () -- C:\Windows\System32\306base.dat
[2009/01/27 15:19:22 | 000,010,850 | ---- | C] () -- C:\Windows\System32\wtl_dt314.dat
[2009/01/27 15:19:22 | 000,009,356 | ---- | C] () -- C:\Windows\System32\323page.dat
[2009/01/27 15:19:22 | 000,007,206 | ---- | C] () -- C:\Windows\System32\wtl_dt430.bin
[2009/01/27 15:19:22 | 000,005,712 | ---- | C] () -- C:\Windows\System32\user439.bin
[2009/01/27 15:19:22 | 000,005,287 | ---- | C] () -- C:\Windows\System32\139backup.bin
[2009/01/27 15:19:22 | 000,005,156 | ---- | C] () -- C:\Windows\System32\threat448y.bin
[2009/01/27 15:19:22 | 000,003,793 | ---- | C] () -- C:\Windows\System32\147base.bin
[2009/01/27 15:19:22 | 000,003,237 | ---- | C] () -- C:\Windows\System32\data009C.bin
[2009/01/27 15:19:21 | 000,008,386 | ---- | C] () -- C:\Windows\System32\231part.dat
[2009/01/27 15:19:21 | 000,006,891 | ---- | C] () -- C:\Windows\System32\240page.dat
[2008/10/09 12:50:28 | 000,038,430 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Comma Separated Values (Windows).ADR
[2008/07/03 14:27:23 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2008/06/26 20:07:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/04/30 16:51:14 | 000,167,936 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2008/02/09 22:13:04 | 000,196,608 | ---- | C] () -- C:\Windows\System32\avisynth.dll
[2008/02/02 11:09:34 | 000,000,068 | ---- | C] () -- C:\Windows\swupdate.INI
[2008/01/05 09:06:41 | 000,011,734 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2007/12/03 17:47:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/06/26 02:19:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/05/30 22:15:21 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/05/30 22:15:21 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/05/30 22:15:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/05/30 22:15:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/05/30 22:15:21 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/05/30 22:15:21 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/05/30 20:37:51 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/05/30 20:36:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007/05/30 20:31:39 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/05/30 20:31:39 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/05/30 20:31:39 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/05/30 20:31:39 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/05/30 20:20:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2005/11/23 17:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/05/08 09:36:58 | 000,045,280 | -H-- | C] () -- C:\Users\Jim\AppData\Roaming\Jimlog.dat
[2005/04/27 13:40:30 | 000,002,570 | ---- | C] () -- C:\Windows\WINDVDBOOTRECDOE.sys
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2000/02/04 01:18:12 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2011/07/23 19:29:31 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\.oit
[2011/04/08 13:06:39 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Acer
[2011/07/11 18:12:40 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\AnvSoft
[2010/11/11 22:33:54 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\AVG10
[2010/01/22 19:06:06 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\BD_TEMP
[2010/11/06 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\BitTorrent
[2010/11/06 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/11/06 14:10:34 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\DNA
[2011/07/23 19:29:33 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Dropbox
[2010/11/14 21:38:45 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Easeware
[2010/12/07 15:10:56 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Epson
[2011/05/02 22:18:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FrostWire
[2010/11/06 14:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Image Zone Express
[2010/11/18 13:42:09 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Leader Technologies
[2010/11/06 14:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Leadertech
[2011/07/22 21:35:45 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\OpenCandy
[2010/11/06 14:10:57 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\OpenOffice.org
[2010/11/06 14:10:58 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Printer Info Cache
[2010/11/07 12:09:28 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\QuickScan
[2010/12/06 08:55:11 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Registry Booster
[2010/12/10 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Samsung
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Simply Super Software
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\SpinTop
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Template
[2010/11/06 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\TOSHIBA
[2010/11/06 14:11:04 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Ulead Systems
[2011/07/22 21:41:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\uTorrent
[2011/06/29 12:38:04 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Vso
[2010/11/06 14:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Webshots
[2010/11/06 14:11:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\WinAVI
[2010/11/06 14:11:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\WinBatch
[2010/11/17 08:13:09 | 000,000,000 | RHSD | M] -- C:\Users\Jim\AppData\Roaming\WinDr
[2011/07/17 06:12:05 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011/07/11 16:12:17 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

#9
pugs09

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7255

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

7/23/2011 7:58:38 PM
mbam-log-2011-07-23 (19-58-38).txt

Scan type: Quick scan
Objects scanned: 240086
Time elapsed: 7 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\5EZBYSHFNV (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#10
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Excellent. Now let's run a scan with the Kaspersky Virus Removal Tool, just to check to see if any other items are lurking that shouldn't be there :)



Kaspersky Virus Removal Tool

Click here to download the Kaspersky Virus Removal Tool.
  • Save it to your desktop.
  • Double click the setup file to run it.
  • Follow the onscreen prompts until it is installed.
  • Click the Options button (the 'cog' icon), then make sure only the following are ticked:
      • System Memory
      • Hidden startup objects
      • Disk boot sectors
      • Local Disk (C:)
      • Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.

  • Then click on Automatic Scan.
  • Now click the Start Scanning button, to run the scan.
  • If a message appears asking how to handle an infection, tick the Apply to all objects box, then click Disinfection.
  • If it says it cannot be Disinfected, then choose the Delete option when prompted.
  • After the scan is complete, click the reports button ('Paper icon', next to the 'cog' icon) on the right-hand side.
  • Click Detected threats on the left.
  • Now click the Save button, and save it as kaslog.txt to your Desktop.
  • Please copy and paste the contents of kaslog.txt in your next reply.



In your next reply
Please post the contents of...
kaslog.txt

#11
pugs09

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Status: Deleted (events: 2)
7/24/2011 1:37:30 PM Deleted Trojan program Trojan-Downloader.MSIL.Agent.afy File C:\Documents and Settings\Jim\AppData\Roaming\WinDr\ Svchost.exe.vir High
7/24/2011 3:01:52 PM Deleted Trojan program Backdoor.Win32.IRCNite.cgo File C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\ GameConsole.exe High
Status: Absent (events: 1)
7/24/2011 5:17:24 PM Not found Trojan program Trojan-Downloader.MSIL.Agent.afy File C:\Documents and Settings\Jim\Application Data\WinDr\ Svchost.exe.vir High

#12
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Looks like Kaspersky removed a previously found infection there. Overall your logs are looking good now. What I would strongly advise you to do now, is to change the password for your email account. If you are unsure of how to do this for your account, just let me know what provider your email account is held with (Google, Hotmail, your ISP if it is with them etc). Please don't post your full email address though.

Just let me know if you were able to change the password and whether the rogue emails have stopped now :)

#13
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.