
Google redirect virus


  • This topic is locked

#16
Alexandra D. Porsi

  • Topic Starter
  • Member
  • 34 posts
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7413

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18702

8/8/2011 4:52:55 PM
mbam-log-2011-08-08 (16-52-55).txt

Scan type: Quick scan
Objects scanned: 196532
Time elapsed: 3 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ESET:
C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\Search Toolbar\SearchToolbar.dll.vir Win32/Toolbar.Zugo application
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\contentscript.js Win32/TrojanDownloader.Tracur.F trojan
C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6 a variant of Win32/Kryptik.QVR trojan
C:\Users\alex\Desktop\GooredFix Backups\C\Users\alex\Application Data\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{0f95afae-33f4-4bf5-af5d-90952a49452b}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan
C:\Users\alex\Desktop\GooredFix Backups\C\Users\alex\Application Data\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{0f95afae-33f4-4bf5-af5d-90952a49452b}\chrome\xulcache.jar JS/Agent.NDJ trojan


SECURITY CHECK
Results of screen317's Security Check version 0.99.18
Windows Vista Service Pack 1 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Java™ 7
Adobe Flash Player 10.3.181.26
Adobe Reader X (10.1.0)
Mozilla Thunderbird (5.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
ESET ESET Online Scanner OnlineScannerApp.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````
  • 0



#17
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

These threat(s) below are currently in Quarantine/System Restore and shall be removed when we clean up our tools later on.

C:\Qoobox\Quarantine\C\Program Files\Search Toolbar\SearchToolbar.dll.vir Win32/Toolbar.Zugo application
C:\Users\alex\Desktop\GooredFix Backups\C\Users\alex\Application Data\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{0f95afae-33f4-4bf5-af5d-90952a49452b}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan
C:\Users\alex\Desktop\GooredFix Backups\C\Users\alex\Application Data\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{0f95afae-33f4-4bf5-af5d-90952a49452b}\chrome\xulcache.jar JS/Agent.NDJ trojan


These threat(s) below will be removed very shortly:

C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe Win32/Toolbar.Zugo application
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\contentscript.js Win32/TrojanDownloader.Tracur.F trojan
C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6 a variant of Win32/Kryptik.QVR trojan


____________________________________________________

OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    
    :Reg
    
    :Files
    C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe
    C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\
    C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe
    C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\
    C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Your computer is currently running with an outdated Service Pack installed. This is not something that I recommend you continue to do. Please visit this link here: http://support.micro.../935791#Method2 for information on how to obtain the latest Service Pack for Vista. The latest service pack for Vista is currently Service Pack 2.


NEXT:



OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    netsvcs
    drivers32
    hklm\software\clients\startmenuinternet|command /rs
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push the Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



What outstanding issues (if any) are you still experiencing with your computer?
  • 0
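Added example (not part of the original posts and not OTL's or ESET's own code): a Python sketch of the triage described in post #17, separating detections that already sit in a cleanup tool's quarantine or backup folder from those still in place, followed by a check of a `:Files` list for merged or repeated entries before it is pasted into OTL. The holding-folder list and all function names are assumptions for illustration; the sample lines are copied from the logs and fix script in this thread.

```python
import re
from collections import Counter
from ntpath import normpath  # Windows path rules, works on any OS

# Folders the cleanup tools in this thread use to hold removed files
# (assumed list, taken from the paths that appear in the logs above).
HOLDING_DIRS = ("\\qoobox\\quarantine\\", "\\gooredfix backups\\", "\\_otl\\movedfiles\\")

# ESET line layout as seen above: <path> [a variant of ]<Platform/Name> <type>
DETECTION = re.compile(
    r"^(?P<path>.+?)\s+(?:a variant of\s+)?(?P<name>[A-Za-z0-9]+/[\w.]+)\s+(?P<kind>\w+)$"
)
DRIVE_ROOT = re.compile(r"[A-Za-z]:\\")

# Sample input copied from the ESET results in post #16.
ESET_LINES = r"""
C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\Search Toolbar\SearchToolbar.dll.vir Win32/Toolbar.Zugo application
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\contentscript.js Win32/TrojanDownloader.Tracur.F trojan
C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6 a variant of Win32/Kryptik.QVR trojan
C:\Users\alex\Desktop\GooredFix Backups\C\Users\alex\Application Data\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{0f95afae-33f4-4bf5-af5d-90952a49452b}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan
C:\Users\alex\Desktop\GooredFix Backups\C\Users\alex\Application Data\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{0f95afae-33f4-4bf5-af5d-90952a49452b}\chrome\xulcache.jar JS/Agent.NDJ trojan
""".strip().splitlines()

# Path entries of the :Files block in post #17, in the order they were posted.
FILES_ENTRIES = r"""
C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\
C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm\
C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6
""".strip().splitlines()


def parse_detection(line):
    """Split one ESET result line into path, detection name and type."""
    m = DETECTION.match(line.strip())
    return {"path": m["path"], "name": m["name"], "kind": m["kind"]} if m else None


def is_held(path):
    """True when the file lives under a tool's quarantine or backup folder."""
    lowered = path.lower()
    return any(folder in lowered for folder in HOLDING_DIRS)


def triage(lines):
    """Return (held, live): detections already set aside vs. still in place."""
    held, live = [], []
    for line in lines:
        det = parse_detection(line)
        if det is not None:
            (held if is_held(det["path"]) else live).append(det)
    return held, live


def lint_files_section(entries):
    """Flag entries that hold two paths run together or repeat an earlier one."""
    problems, seen = [], Counter()
    for number, raw in enumerate(entries, 1):
        entry = raw.strip()
        if len(DRIVE_ROOT.findall(entry)) > 1:
            problems.append((number, "merged", entry))
            continue
        key = normpath(entry).lower()  # also drops a trailing backslash
        seen[key] += 1
        if seen[key] > 1:
            problems.append((number, "duplicate", entry))
    return problems


def uncovered(live, entries):
    """Live detections that no well-formed entry (file or parent folder) covers."""
    targets = [normpath(e.strip()).lower() for e in entries
               if len(DRIVE_ROOT.findall(e)) == 1]
    missing = []
    for det in live:
        path = normpath(det["path"]).lower()
        if not any(path == t or path.startswith(t + "\\") for t in targets):
            missing.append(det["path"])
    return missing


if __name__ == "__main__":
    held, live = triage(ESET_LINES)
    print(f"{len(held)} already held by a tool, {len(live)} still in place")
    for number, problem, entry in lint_files_section(FILES_ENTRIES):
        print(f"entry {number}: {problem}: {entry}")
    print("live detections without a fix entry:", uncovered(live, FILES_ENTRIES))
```

The two entries the lint reports correspond to the two "not found" lines in the OTL fix log posted in #18.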

#18
Alexandra D. Porsi

  • Topic Starter
  • Member
  • 34 posts
I ran OTL and it had me reboot and when I did, Security Essentials said it detected one potential threat...

TrojanDownloader:Win32 Karagany.A

Category: Trojan Downloader

Description: This program is dangerous and downloads other programs.

Recommended action: Remove this software immediately.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Items:
file:C:\_OTL\MovedFiles\08092011_092323\C_Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6

_____________________

Should I let Security Essentials take care of it?

Also, here's the OTL log.

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe moved successfully.
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm folder moved successfully.
File\Folder C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017C:\Program Files\YTD Setup\trafficplace-us-2-silent.exe not found.
Folder C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Default\bpnlkeaajinnogjecobgoekldabhindm not found.
C:\Users\alex\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1b584456-5b1017b6 moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\alex\Desktop\cmd.bat deleted successfully.
C:\Users\alex\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully


[EMPTYTEMP]

User: alex
->Temp folder emptied: 40760 bytes
->Temporary Internet Files folder emptied: 120920 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 148934833 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 3699 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Premiere Alex
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24365 bytes
RecycleBin emptied: 8609462 bytes

Total Files Cleaned = 150.00 mb


[EMPTYFLASH]

User: alex
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Premiere Alex

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 08092011_092323

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
  • 0

#19
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

That threat that was found by MSE is currently in quarantine, and will be removed once we clean up our tools.

If it'd make you feel better, you can let it take action on that file, but it will get cleaned up later.
  • 0

#20
Alexandra D. Porsi

  • Topic Starter
  • Member
  • 34 posts
Up, never mind. Security Essentials removed it automatically. I'll go update Vista, do OTL again and get back to you.

As for outstanding issues, nothing I can remember. That's the problem. I can remember specific weirdnesses. I just know they've occurred. Except last night I got another warning about a potentially dangerous Flash script when I was surfing with Firefox, and I never got warnings about Flash until the last few months.
  • 0

#21
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Okay. Thanks for that information.
  • 0

#22
Alexandra D. Porsi

  • Topic Starter
  • Member
  • 34 posts
OTL logfile created on: 8/9/2011 4:14:18 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\alex\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 56.00% Memory free
6.19 Gb Paging File | 4.93 Gb Available in Paging File | 79.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 71.50 Gb Free Space | 24.82% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 223.71 Gb Free Space | 75.05% Space Free | Partition Type: NTFS
Drive E: | 10.00 Gb Total Space | 6.38 Gb Free Space | 63.82% Space Free | Partition Type: NTFS
Drive L: | 465.64 Gb Total Space | 273.30 Gb Free Space | 58.69% Space Free | Partition Type: FAT32

Computer Name: DESKTOP | User Name: alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/05 14:24:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
PRC - [2011/07/31 09:56:03 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011/07/09 18:23:47 | 000,399,536 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011/06/26 13:53:42 | 001,706,544 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe
PRC - [2011/06/26 13:53:42 | 000,376,352 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/11/30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/17 01:28:48 | 000,818,176 | ---- | M] (Jay Elaraj) -- C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2011/08/05 14:24:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
MOD - [2010/08/31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/06/26 13:53:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/04/19 19:43:50 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/04/03 11:24:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/09/28 16:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011/08/09 16:05:09 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C74C5CCF-A691-430E-9F23-D88EE0055CD0}\MpKslc2f9243e.sys -- (MpKslc2f9243e)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/12 17:55:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/06/26 13:34:52 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Soluto.sys -- (Soluto)
DRV - [2010/12/24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/12/24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/12/24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/12/24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/12/24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/10/24 22:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/06/04 02:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2009/06/04 02:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2009/06/04 02:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/06/04 02:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2009/06/04 02:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/06/04 02:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2009/06/04 02:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2009/06/04 02:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009/06/04 02:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2009/06/04 02:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2009/06/04 02:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2009/06/04 02:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2009/06/04 02:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2009/06/04 02:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2008/11/02 04:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/05/15 01:15:42 | 000,813,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atinavrr.sys -- (ATIAVPCI)
DRV - [2008/04/06 22:24:08 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/04/06 22:24:08 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/09/17 09:07:00 | 007,624,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/06 15:01:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\aspi32.sys -- (ASPI32)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2005/11/02 16:47:26 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)
DRV - [2004/06/21 15:03:22 | 000,078,976 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/03/19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.netflix.c...Now?lnkctr=mhWN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 43 F3 3D 06 4D B7 22 47 B1 57 05 BF 86 76 7B D5 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Photosynth,version=2.0: C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2010/02/14 14:33:29 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\alex\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2768: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2826: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1578: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\alex\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\alex\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 00:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/20 16:17:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/07 20:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/07/09 18:23:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/08/07 20:44:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\alex\AppData\Roaming\Move Networks [2009/10/03 09:23:25 | 000,000,000 | ---D | M]

[2010/01/24 15:51:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\Mozilla\Extensions
[2010/01/24 15:51:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2008/08/15 21:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\Mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241}
[2011/08/05 14:10:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions
[2011/07/02 09:53:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/08/03 17:40:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/16 09:36:02 | 000,000,000 | ---D | M] (ChromEdit Plus) -- C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\[email protected]
[2011/03/11 11:12:24 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\[email protected]
[2011/02/20 13:03:58 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\1i9rftxy.default\extensions\[email protected]
[2011/08/07 20:20:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/07 20:20:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/07 20:19:13 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/02/04 23:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2005/11/29 18:28:00 | 000,626,688 | ---- | M] (ebrary) -- C:\Program Files\mozilla firefox\plugins\NPinfotl.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/09 09:23:25 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files\TextAloud\TAForIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O24 - Desktop WallPaper: C:\Users\alex\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/02/12 10:36:24 | 000,000,000 | ---D | M] - L:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Hacked With Joy !)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - C:\Windows\System32\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\Windows\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\Windows\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\alex\Desktop\Various -
File not found -- C:\Users\alex\Desktop\New Year Flood
[2011/08/09 10:10:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/08 19:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/08/08 19:04:49 | 002,322,184 | ---- | C] (ESET) -- C:\Users\alex\Desktop\esetsmartinstaller_enu.exe
[2011/08/08 10:00:33 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/08/08 10:00:32 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Local\temp
[2011/08/08 09:51:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/08 09:36:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/08/08 09:36:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/08/08 09:36:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/08/08 09:36:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/08/08 09:36:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/08 09:15:06 | 006,640,296 | ---- | C] (OPSWAT, Inc.) -- C:\Users\alex\Desktop\AppRemover.exe
[2011/08/07 21:01:17 | 004,165,965 | R--- | C] (Swearware) -- C:\Users\alex\Desktop\ComboFix.exe
[2011/08/07 20:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/08/07 20:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/08/07 19:48:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/07 18:37:03 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL(1).exe
[2011/08/05 18:45:07 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\gmer
[2011/08/05 14:24:50 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
[2011/08/05 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\tdsskiller
[2011/08/05 14:10:42 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\GooredFix Backups
[2011/08/05 14:09:04 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\alex\Desktop\GooredFix.exe
[2011/08/05 13:55:49 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/08/05 13:54:54 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Users\alex\Desktop\OTM.exe
[2011/08/05 13:54:42 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\8-5-2011
[2011/08/05 13:53:22 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\erunt
[2011/07/28 15:37:45 | 000,000,000 | ---D | C] -- C:\Users\alex\AppData\Roaming\SUPERAntiSpyware.com
[2011/07/28 15:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/07/28 15:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/07/28 10:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/28 10:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/07/28 09:46:07 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/07/28 09:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/07/28 09:35:01 | 006,619,456 | ---- | C] (SurfRight B.V.) -- C:\Users\alex\Desktop\HitmanPro35.exe
[2011/07/24 14:42:29 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\!for bedroom
[2011/07/15 19:47:44 | 000,000,000 | ---D | C] -- C:\Users\alex\Desktop\ifoedit096
[2009/06/04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[2009/06/04 00:32:54 | 000,012,800 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\alex\Desktop\Various -
File not found -- C:\Users\alex\Desktop\New Year Flood
[2011/08/09 16:09:11 | 000,002,324 | ---- | M] () -- C:\Windows\System32\.rsp
[2011/08/09 16:09:11 | 000,001,479 | ---- | M] () -- C:\Windows\System32\.lck
[2011/08/09 16:08:26 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/09 16:06:32 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/09 16:06:32 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/09 16:05:22 | 002,773,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/09 16:04:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/09 16:01:05 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000008-00000000-00000006-00001102-00000005-10031102}.rfx
[2011/08/09 16:01:05 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXState-{00000008-00000000-00000006-00001102-00000005-10031102}.rfx
[2011/08/09 16:01:05 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000008-00000000-00000006-00001102-00000005-10031102}.rfx
[2011/08/09 11:01:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/09 09:41:08 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7A482A68-0330-4A8D-9FD3-200B36A2F2C2}.job
[2011/08/09 09:23:25 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/08/09 07:05:02 | 000,879,225 | ---- | M] () -- C:\Users\alex\Desktop\SecurityCheck.exe
[2011/08/08 19:04:52 | 002,322,184 | ---- | M] (ESET) -- C:\Users\alex\Desktop\esetsmartinstaller_enu.exe
[2011/08/08 09:15:06 | 006,640,296 | ---- | M] (OPSWAT, Inc.) -- C:\Users\alex\Desktop\AppRemover.exe
[2011/08/07 21:01:24 | 004,165,965 | R--- | M] (Swearware) -- C:\Users\alex\Desktop\ComboFix.exe
[2011/08/07 20:44:38 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/08/07 19:42:42 | 000,002,359 | ---- | M] () -- C:\Users\alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2007.lnk
[2011/08/07 18:37:06 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL(1).exe
[2011/08/07 17:03:41 | 000,026,947 | ---- | M] () -- C:\Users\alex\Desktop\Burial - Untrue .nzb
[2011/08/07 16:16:55 | 000,147,456 | ---- | M] () -- C:\Users\alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/05 19:12:26 | 000,008,283 | ---- | M] () -- C:\Users\alex\Desktop\Hospice The Antlers.nzb
[2011/08/05 14:24:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTL.exe
[2011/08/05 14:09:29 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\alex\Desktop\GooredFix.exe
[2011/08/05 13:54:57 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Users\alex\Desktop\OTM.exe
[2011/08/04 20:48:18 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/30 13:33:17 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/07/30 13:14:54 | 000,021,064 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/07/28 15:37:39 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/07/28 10:44:20 | 000,000,766 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/28 09:35:18 | 006,619,456 | ---- | M] (SurfRight B.V.) -- C:\Users\alex\Desktop\HitmanPro35.exe
[2011/07/25 08:49:10 | 000,744,011 | ---- | M] () -- C:\Users\alex\Desktop\adult_sized_bean_bag_chair.pdf
[2011/07/21 10:47:48 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Users\alex\Desktop\gmer.exe
[2011/07/15 19:58:04 | 000,000,107 | ---- | M] () -- C:\Windows\IfoEdit.INI

========== Files Created - No Company Name ==========

[2011/08/09 10:07:39 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/08/09 10:07:39 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/08/09 10:07:39 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/08/09 10:05:07 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/08/09 10:02:12 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/08/09 07:05:02 | 000,879,225 | ---- | C] () -- C:\Users\alex\Desktop\SecurityCheck.exe
[2011/08/08 09:36:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/08 09:36:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/08 09:36:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/08 09:36:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/08 09:36:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/08/07 20:44:38 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/08/07 20:44:37 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/08/07 17:03:41 | 000,026,947 | ---- | C] () -- C:\Users\alex\Desktop\Burial - Untrue .nzb
[2011/08/05 19:12:26 | 000,008,283 | ---- | C] () -- C:\Users\alex\Desktop\Hospice The Antlers.nzb
[2011/08/05 18:45:08 | 000,302,592 | ---- | C] () -- C:\Users\alex\Desktop\gmer.exe
[2011/07/28 15:37:39 | 000,001,762 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/07/28 10:44:20 | 000,000,766 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/28 09:35:50 | 000,021,064 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/07/25 08:49:09 | 000,744,011 | ---- | C] () -- C:\Users\alex\Desktop\adult_sized_bean_bag_chair.pdf
[2011/07/15 19:58:04 | 000,000,107 | ---- | C] () -- C:\Windows\IfoEdit.INI
[2011/04/02 09:19:45 | 002,440,206 | ---- | C] () -- C:\Users\alex\AppData\Local\[j0007]-[p04].bmp
[2011/04/02 09:19:43 | 002,440,206 | ---- | C] () -- C:\Users\alex\AppData\Local\[j0007]-[p03].bmp
[2011/01/01 16:32:48 | 000,134,656 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/09/15 09:46:35 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010/09/12 19:55:38 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2010/06/12 19:47:53 | 000,000,411 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/04/19 19:42:02 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/04/19 19:42:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010/04/16 12:51:46 | 001,336,536 | ---- | C] () -- C:\Users\alex\AppData\Roaming\698e8de9c79e614b8d6a96b5ce9682e6-i686.cache-2
[2010/02/05 18:44:08 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat.temp
[2010/01/09 16:29:24 | 000,163,706 | ---- | C] () -- C:\Windows\hpoins36.dat
[2009/07/01 09:54:26 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/06/30 20:25:31 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2009/06/24 05:40:36 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009/06/20 13:03:10 | 000,000,623 | ---- | C] () -- C:\Windows\fnerr.dat
[2009/06/04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009/06/04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009/06/04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2009/06/04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2009/06/04 00:40:44 | 000,321,512 | ---- | C] () -- C:\Windows\System32\ctdlang.dat
[2009/06/04 00:40:44 | 000,056,509 | ---- | C] () -- C:\Windows\System32\ctdnlstr.dat
[2009/06/04 00:36:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\regplib.exe
[2009/06/04 00:33:04 | 000,007,680 | ---- | C] () -- C:\Windows\System32\enlocstr.exe
[2009/05/27 09:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini
[2009/05/21 21:20:45 | 000,003,636 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/11/15 04:02:22 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/11/15 04:02:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/19 15:57:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/06/11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/06/11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/06/05 11:24:08 | 000,002,113 | ---- | C] () -- C:\Windows\APDFPRP.INI
[2008/06/05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/04/25 11:41:09 | 000,000,905 | ---- | C] () -- C:\Windows\MD_MicroDiffs.INI
[2008/04/25 11:41:09 | 000,000,905 | ---- | C] () -- C:\Windows\MD_MacroDiffs.INI
[2008/04/25 11:38:01 | 000,000,026 | ---- | C] () -- C:\Windows\SW_Win2000X16.DLL
[2008/04/25 11:38:00 | 000,000,078 | ---- | C] () -- C:\Windows\SW_Win2000X9.DLL
[2008/04/25 11:35:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\RegisterExe.exe
[2008/04/25 11:35:34 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SII_PDF.dll
[2008/04/25 11:35:34 | 000,131,072 | ---- | C] () -- C:\Windows\System32\CSVSpecialProcessing.dll
[2008/04/25 11:35:33 | 000,225,280 | ---- | C] () -- C:\Windows\System32\DrakeCom.dll
[2007/11/21 18:18:24 | 000,000,046 | ---- | C] () -- C:\Users\alex\AppData\Roaming\speech.wav
[2007/10/18 19:38:06 | 000,001,900 | ---- | C] () -- C:\Windows\System32\MSMINI.DLL
[2007/10/12 19:13:13 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2007/10/12 19:13:13 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2007/10/12 19:13:13 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2007/10/12 19:13:13 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2007/10/12 19:13:13 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2007/10/11 14:14:55 | 000,000,085 | ---- | C] () -- C:\Windows\QTW.INI
[2007/10/11 14:14:26 | 000,000,141 | ---- | C] () -- C:\Windows\asym.ini
[2007/08/21 20:30:33 | 000,000,532 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2007/07/29 12:21:19 | 000,000,120 | ---- | C] () -- C:\Users\alex\AppData\Roaming\FixVTS.ini
[2007/07/29 11:19:49 | 000,000,000 | ---- | C] () -- C:\Users\alex\AppData\Local\rx_image.Cache
[2007/07/18 18:35:13 | 002,433,400 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2007/07/15 20:52:16 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2007/07/13 11:02:30 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2007/06/14 17:41:22 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007/06/10 23:19:13 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/06/10 23:19:13 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/05/27 11:35:02 | 000,001,564 | ---- | C] () -- C:\Windows\mozver.dat
[2007/05/23 09:37:30 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2007/05/23 09:36:14 | 000,000,020 | ---- | C] () -- C:\Windows\Ulead32.ini
[2007/05/23 09:26:48 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/05/22 22:45:20 | 000,024,206 | ---- | C] () -- C:\Users\alex\AppData\Roaming\UserTile.png
[2007/05/22 19:51:53 | 000,147,456 | ---- | C] () -- C:\Users\alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/22 19:39:42 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 002,773,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,600,450 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,102,988 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/18 09:16:04 | 000,540,178 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2006/01/16 21:56:44 | 000,002,032 | ---- | C] () -- C:\Users\alex\AppData\Local\d3d9caps.dat
[2005/05/12 09:25:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2002/09/18 00:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2002/03/21 15:39:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\UNACEV2.DLL

========== LOP Check ==========

[2008/08/17 09:17:03 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\.thinkingrock
[2007/06/01 16:08:46 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ACD Systems
[2010/01/04 20:29:23 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Amazon
[2011/01/07 11:12:16 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\AnvSoft
[2009/03/13 19:53:24 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Artisteer
[2008/11/27 12:48:15 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Artweaver
[2007/05/30 07:59:41 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Bitstream
[2009/03/27 19:15:01 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\calibre
[2010/01/04 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Canon
[2010/06/18 11:34:39 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\com.1minus1.socialsafe.D675411CF670AA3EFAC13BDD847989BEDE2115E2.1
[2011/01/28 15:03:12 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\com.adobe.ExMan
[2010/01/14 16:35:04 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Convivea
[2008/09/02 17:49:56 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\DAEMON Tools Pro
[2011/02/06 14:41:52 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Dropbox
[2009/01/07 19:15:02 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Expression Media 2
[2008/07/19 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Flexigen
[2008/06/30 10:29:14 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\FusionDesk
[2007/07/20 14:15:49 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\GHISLER
[2011/01/07 11:05:01 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\HandBrake
[2008/12/26 19:14:18 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\IrfanView
[2008/07/15 14:52:29 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\JAM Software
[2011/04/10 18:32:13 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\JGsoft
[2010/08/13 08:52:04 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\KompoZer
[2008/07/15 16:02:00 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Launchy
[2009/01/07 16:14:46 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Locate32
[2010/12/01 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Mp3tag
[2007/11/21 18:17:39 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\NCH Swift Sound
[2008/06/29 16:46:54 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\NewsLeecher
[2009/03/21 15:32:34 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Notepad++
[2007/05/28 10:40:21 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Opera
[2008/08/15 21:00:21 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Participatory Culture Foundation
[2008/08/16 23:52:05 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\PCF-VLC
[2007/05/22 22:45:20 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\PeerNetworking
[2008/02/12 17:27:59 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Pointstone
[2011/05/14 10:40:11 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\RipIt4Me
[2011/02/06 14:38:42 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\SanDisk
[2007/08/21 20:30:45 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\ScanSoft
[2009/02/10 10:32:46 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\SmartDraw
[2008/06/30 10:26:44 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\stickies
[2010/01/24 15:51:34 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Thunderbird
[2007/10/16 09:32:11 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Transana 2
[2007/05/23 17:32:59 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\Ulead Systems
[2011/07/23 10:56:48 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\uTorrent
[2007/06/07 17:54:19 | 000,000,000 | ---D | M] -- C:\Users\alex\AppData\Roaming\XnView
[2011/08/09 16:00:55 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/08/09 09:41:08 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7A482A68-0330-4A8D-9FD3-200B36A2F2C2}.job

========== Purity Check ==========



========== Custom Scans ==========


< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/07/27 04:03:22 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/07/27 04:03:22 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/07/27 04:03:22 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/07/27 04:03:22 | 001,017,912 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 02:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/05/28 02:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2011/07/29 09:16:18 | 000,000,004 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
[2011/07/28 11:21:03 | 000,000,000 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\First Run
[2011/07/29 09:16:18 | 000,008,791 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Local State
[2008/12/29 10:52:52 | 009,329,664 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Safe Browsing
[2010/11/04 18:38:04 | 006,267,000 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2010/11/04 18:38:05 | 001,792,415 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2008/12/29 10:53:52 | 000,406,251 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Safe Browsing Filter
[2011/07/29 09:16:18 | 000,081,920 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2010/11/04 14:04:00 | 000,109,274 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2010/11/04 14:04:00 | 000,109,274 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2011/07/30 13:33:17 | 000,010,240 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2011/07/29 09:16:18 | 000,003,345 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2011/07/29 09:16:18 | 000,002,802 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2011/07/29 09:15:55 | 000,139,264 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Favicons
[2011/07/29 09:16:18 | 004,939,776 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History
[2011/07/29 09:16:18 | 001,056,768 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2008-07
[2008/09/02 17:45:13 | 002,105,344 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2008-08
[2008/12/29 10:50:45 | 000,385,024 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2008-09
[2008/12/29 10:50:45 | 000,036,864 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2008-12
[2010/02/13 19:49:08 | 000,012,288 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2010-02
[2011/04/21 17:20:47 | 000,036,864 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-04
[2011/07/29 09:15:55 | 000,036,864 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\History Index 2011-07
[2011/07/29 07:52:51 | 000,000,837 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2011/07/29 07:52:51 | 000,000,706 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2011/07/29 09:15:49 | 000,104,448 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Login Data
[2011/07/29 09:16:18 | 000,003,176 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2011/04/21 17:20:46 | 000,020,480 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Top Sites
[2011/07/29 09:16:18 | 000,131,072 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2011/07/29 09:15:49 | 000,167,936 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2011/07/29 09:15:48 | 000,003,072 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.zaarly.com_0.localstorage
[2010/02/13 19:49:08 | 000,017,408 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\localserver.db
[2008/09/02 17:51:54 | 000,019,456 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\permissions.db
[2011/04/21 17:20:27 | 000,000,000 | ---- | M] () -- C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-09 14:53:38

< End of report >

#23
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

Did you have issues trying to install Service Pack 2?

#24
Alexandra D. Porsi

    Member

  • Topic Starter
  • Member
  • 34 posts
A minor issue, but when I saw this:

File not found -- C:\Users\alex\Desktop\Various -
File not found -- C:\Users\alex\Desktop\New Year Flood

...it reminded me that those files have been on my desktop for ages. They're both dated 4/2009, but when I try to delete them, I get, "Could not find this item. This is no longer located in C:\Users\alex\Desktop. Verify the item's location and try again."

Also, just lately, whenever I open Photoshop CS4, I get the message, "Photoshop has encountered a problem with the display driver and has temporarily disabled GPU enhancements. Check the video card manufacturer's website for the latest software. GPU enhancements can be enabled in the Performance panel of Preferences."

I haven't done anything different, and as far as I can tell, my display driver is up to date.

#25
Alexandra D. Porsi

    Member

  • Topic Starter
  • Member
  • 34 posts
Installing Service Pack 2 went fine. No problems at all.

#26
Alexandra D. Porsi

    Member

  • Topic Starter
  • Member
  • 34 posts
Not to be a nudge, but did I post everything you asked for, or did I forget something? If you're busy, no problem.

#27
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Nope, you did post everything I had asked for, I was completely swamped yesterday with work, and some other things that I needed to take care of, and am just getting around to my logs right now. I need to look through your latest post and see what we may be dealing with here.

But let me ask you this, do you have any idea if these 2 files:

File not found -- C:\Users\alex\Desktop\Various -
File not found -- C:\Users\alex\Desktop\New Year Flood

were created on this system?

#28
Alexandra D. Porsi

    Member

  • Topic Starter
  • Member
  • 34 posts
Those files have been there for ages, and I'm not sure if I created them, but I don't think so.

On the other hand, I think I did resolve the Photoshop video driver problem. I went to Preferences, Performance and un-checked "Enable OpenGL Drawing" under GPU Settings.

Thank you so much for all of your help!

#29
SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

Thanks for that information! I needed to do some research and find the solution for that issue.

Please run this OTL fix:

OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :Processes
    KILLALLPROCESSES
    :OTL
    
    :Reg
    
    :Files
    echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
    ipconfig /flushdns /c
    del "\\?\C:\Users\alex\Desktop\Various -" /c
    del "\\?\C:\Users\alex\Desktop\New Year Flood" /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Are you experiencing any outstanding issues with your computer?

#30
Alexandra D. Porsi

    Member

  • Topic Starter
  • Member
  • 34 posts
I pasted the report below, but

C:\Users\alex\Desktop\New Year Flood

and

C:\Users\alex\Desktop\Various -


...are still on my desktop.

Other than that, everything seems fine.



All processes killed
========== SERVICES/DRIVERS ==========
========== PROCESSES ==========
========== OTL ==========
========== REGISTRY ==========
========== FILES ==========
< echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c >
Are you sure (Y/N)?processed file: C:\Windows\system32\drivers\etc\Hosts
C:\Users\alex\Desktop\cmd.bat deleted successfully.
C:\Users\alex\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\alex\Desktop\cmd.bat deleted successfully.
C:\Users\alex\Desktop\cmd.txt deleted successfully.
< del "\\?\C:\Users\alex\Desktop\Various -" /c >
C:\Users\alex\Desktop\cmd.bat deleted successfully.
C:\Users\alex\Desktop\cmd.txt deleted successfully.
< del "\\?\C:\Users\alex\Desktop\New Year Flood" /c >
C:\Users\alex\Desktop\cmd.bat deleted successfully.
C:\Users\alex\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully


[EMPTYTEMP]

User: alex
->Temp folder emptied: 3799004 bytes
->Temporary Internet Files folder emptied: 1370075 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 781654583 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 16433 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Premiere Alex
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 102743 bytes
RecycleBin emptied: 52830831 bytes

Total Files Cleaned = 801.00 mb


[EMPTYFLASH]

User: alex
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Premiere Alex

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 08122011_151440

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...