Computer suddenly crashes to blue screen



#1
kaosjon

Hi, I have been having a problem with my computer for the last 3 weeks, and as far as I can tell it is virus related. Whenever I turn my computer on, after about 5-10 minutes my computer suddenly crashes to a blue screen saying there is a memory problem etc... and it then has to restart. I tried scanning with Malwarebytes, which found a number of viruses; when I tried removing them my computer just crashed and restarted, meaning they won't get removed. My logs are below; I could really do with some help.

Thanks





OTL logfile created on: 04/09/2011 15:54:48 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Al\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 56.54% Memory free
8.17 Gb Paging File | 6.43 Gb Available in Paging File | 78.80% Paging File free
Paging file location(s): c:\pagefile.sys 4393 6139 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 147.74 Gb Free Space | 52.13% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 11.78 Gb Free Space | 80.43% Space Free | Partition Type: NTFS

Computer Name: AL-PC | User Name: Al | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/04 15:52:53 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Al\Desktop\OTL.exe
PRC - [2011/08/08 17:51:54 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Al\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011/07/20 23:05:58 | 000,182,880 | -H-- | M] (Konami Digital Entertainment Co., Ltd.) -- C:\Users\Al\AppData\Roaming\login.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/01 21:44:15 | 001,546,640 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/02/15 02:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2009/04/11 00:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/30 08:50:34 | 000,400,440 | ---- | M] () -- C:\Users\Al\AppData\Local\Google\Chrome\Application\13.0.782.218\ppgooglenaclpluginchrome.dll
MOD - [2011/08/30 08:50:33 | 004,118,072 | ---- | M] () -- C:\Users\Al\AppData\Local\Google\Chrome\Application\13.0.782.218\pdf.dll
MOD - [2011/08/30 08:49:01 | 000,104,520 | ---- | M] () -- C:\Users\Al\AppData\Local\Google\Chrome\Application\13.0.782.218\avutil-50.dll
MOD - [2011/08/30 08:49:00 | 000,203,848 | ---- | M] () -- C:\Users\Al\AppData\Local\Google\Chrome\Application\13.0.782.218\avformat-52.dll
MOD - [2011/08/30 08:48:58 | 001,846,344 | ---- | M] () -- C:\Users\Al\AppData\Local\Google\Chrome\Application\13.0.782.218\avcodec-52.dll
MOD - [2011/08/30 06:50:36 | 006,338,720 | ---- | M] () -- C:\Users\Al\AppData\Local\Google\Chrome\Application\13.0.782.218\gcswf32.dll
MOD - [2011/05/22 18:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/02/15 02:33:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/02/15 02:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/17 14:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2008/12/10 18:04:58 | 000,935,424 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/11/18 21:19:28 | 000,281,600 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/11/17 20:22:44 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/10/13 15:17:42 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/01/21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/07 10:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/01/27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/03/29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2010/12/14 19:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/10/24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/22 20:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\taphss.sys -- (taphss)
DRV:64bit: - [2010/02/25 16:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/19 18:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009/03/06 08:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/12/10 19:31:26 | 004,993,024 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/12/02 15:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/11/18 21:19:28 | 000,472,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/10/13 15:17:36 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/10/13 15:17:34 | 001,374,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 99 C3 53 C7 FE 37 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {ab64cb5e-bb6c-4761-b0c5-fd51824f89c5} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Al\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Al\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/03/12 14:47:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/03/12 14:47:18 | 000,000,000 | ---D | M]

[2011/02/13 23:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/18 20:18:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/02/12 02:33:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/07/19 20:49:56 | 000,000,258 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.7.33 free.grisoft.com
O1 - Hosts: 127.0.7.33 cert.org
O1 - Hosts: 127.0.7.33 www.cert.org
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Users\Al\AppData\Roaming\login.exe (Konami Digital Entertainment Co., Ltd.)
O4 - HKCU..\Run: [FreeVPN] File not found
O4 - HKCU..\Run: [server] File not found
O4 - HKCU..\Run: [uTorrent] c:\Users\Al\Downloads\utorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Windows Defender] C:\Users\Al\AppData\Roaming\login.exe (Konami Digital Entertainment Co., Ltd.)
O4 - Startup: C:\Users\Al\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: Windows Defender = C:\Users\Al\AppData\Roaming\login.exe (Konami Digital Entertainment Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Download with FLV Blaster - C:\Program Files (x86)\FLV Blaster\Addons\Internet Explorer\script.htm ()
O8 - Extra context menu item: Download with FLV Blaster - C:\Program Files (x86)\FLV Blaster\Addons\Internet Explorer\script.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57A8C3F8-70CE-408C-B5C1-2EF41AD6CBFC}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI371A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI371A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi371a~1\datamngr\datamngr.dll) - c:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi371a~1\datamngr\iebho.dll) - c:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Al\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Al\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/04 13:54:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2010/09/04 02:26:48 | 000,000,051 | -H-- | M] () - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/04 15:52:35 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Al\Desktop\OTL.exe
[2011/09/04 14:35:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/09/04 12:43:22 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{27525BC8-98A8-4E9F-B168-368A04747C38}
[2011/09/04 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{93AE952F-BB31-469B-B810-626C426052D4}
[2011/09/04 12:17:14 | 000,000,000 | ---D | C] -- C:\Users\Al\Desktop\laptop transfer
[2011/09/04 12:15:20 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{44F77485-A00D-437F-8DB7-D5E36FF9C903}
[2011/09/04 12:15:03 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{C103DFD9-9033-490C-A0C4-A28513C01EEB}
[2011/09/04 11:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/09/04 11:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/09/04 11:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/09/04 10:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/09/04 00:59:20 | 000,000,000 | ---D | C] -- C:\Users\Al\Desktop\colors
[2011/09/04 00:19:54 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{BE6E1FCE-2FFF-42AE-B28C-2177C8F9C9E1}
[2011/09/04 00:19:30 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{43E8E49A-3EE4-4F52-AC17-E2C1F48F6E9F}
[2011/09/03 16:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011/09/03 16:46:28 | 000,000,000 | ---D | C] -- C:\Users\Al\Adobe Flash Builder 4
[2011/09/03 16:42:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2011/09/03 16:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/09/03 16:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011/09/02 23:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ActiveState Komodo IDE 6
[2011/09/02 22:54:52 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{D55701DE-42AE-4989-BA41-5E12B2F9AF6B}
[2011/09/02 22:54:29 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{9CC7C14E-A80F-4BC7-92F6-4C27F4513BF0}
[2011/09/02 22:50:17 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{9253E85E-C5BE-40FD-B9A1-4840F9FB9775}
[2011/09/02 22:49:55 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{DFE4381C-2043-4CD1-9338-8AB4F14186B6}
[2011/09/01 16:08:03 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{BFE448D8-E7B7-4C3B-A742-302AD583AEF3}
[2011/09/01 16:07:36 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{50C029D2-0200-4DFC-8C0A-B1F6715BA17C}
[2011/08/31 18:30:47 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{8B821D63-D1B8-4CCE-A997-BAE2383A8B43}
[2011/08/31 18:15:25 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{3B87F62D-BB17-49B2-B6D9-A7D278BD84EC}
[2011/08/31 18:15:02 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{B009EED9-F078-484F-AD70-69FDB92DCDEE}
[2011/08/30 20:20:10 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{AE9149E9-0269-4A2D-9B04-275B27FBCA42}
[2011/08/30 20:19:47 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{688DC913-2A0B-4CD0-A235-418C16545C0B}
[2011/08/29 22:07:01 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\ActiveState
[2011/08/29 17:42:45 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{586A21A1-7037-4601-8B4F-4F5D262AD9B5}
[2011/08/27 21:37:21 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{6B34A079-E2A1-41A0-94B6-4243A3911CBD}
[2011/08/27 18:20:49 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{DF0CA714-53A1-4506-A87C-106978EEB942}
[2011/08/27 00:57:06 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{BDE92545-BBF6-4742-9014-3133375573D4}
[2011/08/27 00:56:55 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{9675571D-B121-42A7-8BCC-AFCB2EB3ACC7}
[2011/08/26 20:52:33 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{0B3CE20F-2EEB-4BEA-BA29-BB53A8E6B7C3}
[2011/08/26 20:52:09 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{8A0387E9-F57C-4034-AA11-924C23C1B052}
[2011/08/25 18:10:31 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{66F8259A-FA01-42FE-9A5B-ACB1B7E76491}
[2011/08/24 22:37:36 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{72685C67-6BAD-449A-B09C-3DF5EEDAC13F}
[2011/08/24 18:26:17 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{CCD1ED0A-0EEA-4445-8D0C-5B1B905F2D19}
[2011/08/23 18:08:39 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{AB0DFA8A-11C0-41AB-92AE-7D7E2E7F9CD2}
[2011/08/23 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{B66D647D-AB93-44FD-BA22-40C58FAACFBB}
[2011/08/22 20:49:39 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{304C963A-9F3A-462E-9C7F-853F641ABFA2}
[2011/08/22 19:02:28 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{6666A7F7-59DA-493A-932B-27E339A5D483}
[2011/08/21 07:57:51 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/08/19 17:15:11 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{D28367B8-61DB-42E2-B86E-64A477CB7E7F}
[2011/08/19 16:21:33 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{4CE2043D-1BD3-419B-ACA0-6296AD7374AA}
[2011/08/18 17:12:57 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{0048E73F-DC5C-4277-9DAC-8E5D97896D3F}
[2011/08/18 08:07:28 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{E71F8352-3469-40DF-A0E9-92C0D7B00DB5}
[2011/08/18 08:07:05 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{FE20546D-4066-49F1-9487-D208FADDA5F9}
[2011/08/17 20:17:04 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{A5BAA8E6-3106-4310-A532-8BEE207D34AE}
[2011/08/17 20:16:29 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{50E67A49-AD33-4A1C-B49F-E6893DC3852F}
[2011/08/16 19:56:36 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{339BE020-660C-43EC-AF99-9A0F1EE265CE}
[2011/08/15 22:04:49 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{998D823D-CD54-4F6C-BBD0-14D82633D1A5}
[2011/08/14 21:21:32 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{716BE2C3-DB45-4CF9-98BC-1C7E805B6AFE}
[2011/08/14 18:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realm Crafter Demo
[2011/08/14 11:20:46 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{FD6AEF24-F5D8-4514-8DD2-37FB844EFA19}
[2011/08/14 11:20:20 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{2A95EA76-E473-40DF-A525-A8F636CB0D3E}
[2011/08/14 10:38:50 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{9C74C591-C73F-4091-B938-54927431819C}
[2011/08/14 10:38:24 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{DF6FB1D6-4849-4C23-AF56-B6FD0C897447}
[2011/08/14 08:48:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/08/13 12:15:58 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{716DEFAA-8B03-401B-8DFB-159A4A5BD7CB}
[2011/08/12 17:44:55 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Roaming\FileZilla
[2011/08/12 17:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011/08/12 17:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2011/08/10 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{515B2E24-3F92-414A-A10B-0EBA1993E358}
[2011/08/09 22:18:23 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{4610D9FB-A0D7-4265-94D8-9909CA2ACFEE}
[2011/08/09 22:17:49 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{3299D352-8353-4CA1-B8A9-A81DEED26048}
[2011/08/08 20:33:05 | 000,000,000 | ---D | C] -- C:\Users\Al\Desktop\Reward Site
[2011/08/08 18:30:51 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{8616190E-FE33-46DF-95A5-7BC339B05CC8}
[2011/08/08 18:30:22 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{64BBF9C2-6928-4558-BB1D-8584C2FD7FD0}
[2011/08/07 21:06:52 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{2B2711BA-A240-416C-B517-1353D8C5103A}
[2011/08/07 16:11:26 | 000,000,000 | ---D | C] -- C:\Users\Al\Documents\C4 Engine
[2011/08/07 16:11:26 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Roaming\C4 Engine
[2011/08/07 16:11:26 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\C4 Engine
[2011/08/07 10:45:02 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{E2E0A2AE-C3CC-4016-8DBA-F1D01A327D54}
[2011/08/07 10:44:35 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{E910F8E5-307E-46F0-A2C2-70556D3C272A}
[2011/08/07 09:18:07 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{893E7169-CF8B-40B4-8D45-A526C516743C}
[2011/08/07 09:17:42 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{A6C8C513-9458-4933-8A5B-4FC075F3DA40}
[2011/08/06 08:50:49 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{8A1EC3A2-EE3F-40D8-9CCC-B9EE09A4C63B}
[2011/08/06 08:50:20 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{E4EBC743-17DB-453E-8018-2EFC13BCD553}
[2011/08/05 19:47:13 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{34536E6C-4B87-4A63-8054-913972535FA5}
[2011/08/05 18:30:35 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{9D998F01-EDB5-40BF-B075-70387E16E2BF}
[2011/08/05 18:30:11 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{2C135485-D63B-457E-B996-A89D81567E74}
[2011/08/05 18:04:23 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{168BE201-46E5-4060-866D-A014D1DACDA8}
[2011/08/05 18:03:59 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{2C25048F-CB46-48F4-9B2A-95A2166E8578}
[2011/08/05 16:41:29 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{1B5E959E-2F53-4085-9E00-AA20EA4711FB}
[2011/08/05 16:40:36 | 000,000,000 | ---D | C] -- C:\Users\Al\AppData\Local\{3D810FAF-AA6B-4627-91CE-F1943451D436}
[2011/07/20 23:34:24 | 000,182,880 | -H-- | C] (Konami Digital Entertainment Co., Ltd.) -- C:\Users\Al\AppData\Roaming\login.exe

========== Files - Modified Within 30 Days ==========

[2011/09/04 15:58:35 | 000,158,483 | ---- | M] () -- C:\Users\Al\AppData\Roaming\data.dat
[2011/09/04 15:55:59 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1919591851-3882240012-3806700331-1000UA.job
[2011/09/04 15:52:53 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Al\Desktop\OTL.exe
[2011/09/04 15:23:57 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/04 15:23:56 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/04 15:23:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/04 14:41:30 | 597,241,891 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/09/01 17:56:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1919591851-3882240012-3806700331-1000Core.job
[2011/08/30 22:58:15 | 000,002,027 | ---- | M] () -- C:\Users\Al\Desktop\Google Chrome.lnk
[2011/08/30 22:58:15 | 000,001,989 | ---- | M] () -- C:\Users\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/29 22:48:13 | 000,000,011 | ---- | M] () -- C:\Users\Al\postback.php
[2011/08/29 20:51:17 | 000,070,656 | ---- | M] () -- C:\Users\Al\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/28 20:05:54 | 000,710,764 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/28 20:05:54 | 000,609,506 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/28 20:05:54 | 000,106,014 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/21 08:11:16 | 000,000,968 | ---- | M] () -- C:\Users\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/14 18:53:02 | 000,005,162 | RHS- | M] () -- C:\Windows\PCGWIN32.LI5
[2011/08/06 12:37:58 | 000,001,456 | ---- | M] () -- C:\Users\Al\AppData\Local\Adobe Save for Web 12.0 Prefs

========== Files Created - No Company Name ==========

[2011/08/29 22:48:13 | 000,000,011 | ---- | C] () -- C:\Users\Al\postback.php
[2011/08/21 08:11:16 | 000,000,968 | ---- | C] () -- C:\Users\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/14 18:53:02 | 000,005,162 | RHS- | C] () -- C:\Windows\PCGWIN32.LI5
[2011/08/06 12:24:19 | 000,001,456 | ---- | C] () -- C:\Users\Al\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/07/20 23:35:48 | 000,158,483 | ---- | C] () -- C:\Users\Al\AppData\Roaming\data.dat
[2011/07/12 10:45:38 | 000,000,167 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/07/08 08:27:32 | 000,000,095 | ---- | C] () -- C:\Windows\ANS2000.INI
[2011/07/08 08:27:32 | 000,000,020 | -H-- | C] () -- C:\Windows\akebook.ini
[2011/07/08 08:27:32 | 000,000,004 | -H-- | C] () -- C:\Windows\a3kebook.ini
[2011/03/08 17:26:08 | 000,000,132 | ---- | C] () -- C:\Users\Al\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/03/06 18:24:28 | 000,000,132 | ---- | C] () -- C:\Users\Al\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/02/19 20:06:22 | 000,729,140 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/19 16:43:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/02/19 00:51:38 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011/02/19 00:51:23 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011/02/19 00:50:55 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011/02/18 14:19:27 | 000,000,552 | ---- | C] () -- C:\Users\Al\AppData\Local\d3d8caps.dat
[2011/02/18 14:19:01 | 000,070,656 | ---- | C] () -- C:\Users\Al\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/18 14:09:35 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2011/02/18 10:46:54 | 000,000,680 | ---- | C] () -- C:\Users\Al\AppData\Local\d3d9caps.dat
[2011/02/18 03:04:01 | 000,000,732 | ---- | C] () -- C:\Users\Al\AppData\Local\d3d9caps64.dat
[2010/03/18 21:29:05 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2011/09/04 13:55:03 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\Azureus
[2011/08/07 16:13:13 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\C4 Engine
[2011/03/27 15:10:37 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\CasinoOnNet
[2011/06/29 13:07:58 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/05/27 09:28:02 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\DAEMON Tools Lite
[2011/08/12 17:49:40 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\FileZilla
[2011/03/18 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\FLV Blaster
[2011/07/08 00:12:04 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\GetRightToGo
[2011/07/27 20:33:53 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\gtk-2.0
[2011/05/17 00:50:01 | 000,000,000 | -H-D | M] -- C:\Users\Al\AppData\Roaming\IFViewer
[2011/07/31 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\Mount&Blade Warband
[2011/03/13 14:16:02 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\My Battle for Middle-earth™ II Files
[2011/09/04 15:52:54 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\NoNameScript
[2011/07/31 00:14:33 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\NUnit
[2011/04/07 16:41:35 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\rouletteassault
[2011/04/07 13:13:26 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\RouletteFighter
[2011/09/04 00:42:14 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\roulettesniper
[2011/04/08 07:26:55 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\Software Defender
[2011/02/25 15:54:31 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\The Creative Assembly
[2011/08/03 19:02:41 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\TuneUpMedia
[2011/05/13 17:03:17 | 000,000,000 | ---D | M] -- C:\Users\Al\AppData\Roaming\Windows Live Writer
[2011/09/04 14:52:29 | 000,032,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >