Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google redirect infection, did not respond to the "How to fix Goog

Started by Arwen3000 , Oct 06 2011 02:51 PM

  • This topic is locked This topic is locked

#16
SweetTech
Posted 11 October 2011 - 11:43 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Okay. Lets hope it encounters no more hiccups.
  • 0

Advertisements

#17
Arwen3000
Posted 11 October 2011 - 11:45 AM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
BTW, thanks again for all your help, and you're so quick to respond! I mean, for me this whole thing is very exciting and breathtaking, you know, no exaggeration because I'm so upset about it. But for you, I'm just some random person who let their computer get a virus and now comes around demanding help! And yet you are doing it! You guys are the best!
  • 0

#18
SweetTech
Posted 11 October 2011 - 12:13 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
You're more than welcome! I completely understand how you are feeling. I was in your shoes a long time ago, so I know what it's like to be infected with a virus.
  • 0

#19
Arwen3000
Posted 11 October 2011 - 01:29 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! The ESET scan finished successfully! Here are the results, and the report from Security Check:

*****

C:\Program Files (x86)\VistaCodecPack\Tools\renderer32.exe Win32/Packed.Autoit.E.Gen application
C:\ProgramData\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir probably a variant of Win32/Agent.IKPFSXV trojan
C:\Users\All Users\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7530f604-1725e6cd Java/Agent.DU trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-2875f244 a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-28df84c2 a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-44c80d86 a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-5a15c6aa a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-6c32385e a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-7ebe4509 a variant of Java/Agent.DT trojan
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\ACS3MCD1.iso a variant of Win32/Keygen.BR application
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\MS Office 2007.iso probably a variant of Win32/Agent.FGHQVIS trojan
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Launcher.exe probably a variant of Win32/Agent.FGHQVIS trojan


*****

Results of screen317's Security Check version 0.99.24
Windows Vista x64 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
ESET Online Scanner v3
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java™ 6 Update 23
Java™ 6 Update 7
Out of date Java installed!
Adobe Flash Player ( 10.0.42.34) Flash Player Out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox (3.6.23) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````

Edited by Arwen3000, 11 October 2011 - 01:31 PM.

  • 0

#20
SweetTech
Posted 11 October 2011 - 01:42 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

These threat(s) below are currently in Quarantine/System Restore and shall be removed when we clean up our tools later on.

C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir probably a variant of Win32/Agent.IKPFSXV trojan


These threat(s) below will be removed very shortly:

C:\Program Files (x86)\VistaCodecPack\Tools\renderer32.exe Win32/Packed.Autoit.E.Gen application
C:\ProgramData\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Users\All Users\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7530f604-1725e6cd Java/Agent.DU trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-2875f244 a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-28df84c2 a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-44c80d86 a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-5a15c6aa a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-6c32385e a variant of Java/Agent.DT trojan
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-7ebe4509 a variant of Java/Agent.DT trojan
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\ACS3MCD1.iso a variant of Win32/Keygen.BR application
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\MS Office 2007.iso probably a variant of Win32/Agent.FGHQVIS trojan
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Launcher.exe probably a variant of Win32/Agent.FGHQVIS trojan


____________________________________________________

From the looks of your SecurityCheck log, I can see that we have some outdated programs that need to be updated.

Lets address those programs that need updating now!

Your SecurityCheck log indicates that your version of Flash Player is outdated. This is a vulnerability that needs to be addressed. Please remove the outdated version of Flash Player and then install the latest version.

Java Outdated

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform:
    • 32-bit Select: Windows x86 Offline.
    • 64-bit Select: Windows x64.
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


NEXT



Update FireFox
You're currently using an outdated version of Firefox. The latest version of Firefox is 7.0.1.

You can get the latest version of Firefox by accessing the Posted Image menu in Firefox and then selecting Posted Image.

Please make sure that you Posted Image again after updating to the latest version to make sure that you have in fact received the latest version.



NEXT:



OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
:OTL

:Reg

:Files
C:\Program Files (x86)\VistaCodecPack\Tools\renderer32.exe
C:\ProgramData\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi
C:\Users\All Users\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7530f604-1725e6cd
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-2875f244
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-28df84c2
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-44c80d86
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-5a15c6aa
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-6c32385e
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-7ebe4509
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Your computer is currently running with No Service Packs installed. This is not something that I recommend you continue to do. Please visit this link here: http://support.micro.../935791#Method2 for information on how to obtain the latest Service Pack for Vista. The latest service pack for Vista is currently Service Pack 2.

To ensure that everything goes smoothly with the Service Pack update, I'd like to see a final OTL scan, and then we will clean-up our tools in the next post.


NEXT:



No Anti-Virus Present

Looking over your log it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect cleans and erase harmful virus files on a computer
Web server or network. Unchecked virus files can unintentionally be forwarded to others including trading partners and thereby spreading infection. Because new viruses regularly emerge anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present and will clean delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer then only one of them should be active in memory at a time.



NEXT:



OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    netsvcs
    drivers32
    hklm\software\clients\startmenuinternet|command /rs
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push the Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



What outstanding issues (if any) are you still experiencing with your computer?
  • 0

#21
Arwen3000
Posted 11 October 2011 - 01:47 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! I am getting started on the updates, but I want to ask, is it really absolutely necessary to update Firefox? The newest version really bugs me to use, that's why I haven't updated it in so long.

Thanks!
  • 0

#22
SweetTech
Posted 11 October 2011 - 02:04 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Okay, you can skip the update instructions for Firefox. I wasn't sure if you were aware of the latest version.
  • 0

#23
Arwen3000
Posted 11 October 2011 - 03:01 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! Here is the OTL log from running the OTL fix. I will post a new OTL log after I finish installing the Service Pack.

*****

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files (x86)\VistaCodecPack\Tools\renderer32.exe moved successfully.
C:\ProgramData\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi moved successfully.
File\Folder C:\Users\All Users\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi not found.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7530f604-1725e6cd moved successfully.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-2875f244 moved successfully.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-28df84c2 moved successfully.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-44c80d86 moved successfully.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-5a15c6aa moved successfully.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-6c32385e moved successfully.
C:\Users\Dawn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-7ebe4509 moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources\media\img folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources\media\css folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources\media folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources\common\scripts folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources\common\alert folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources\common folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\resources folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\redist folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\BridgeStartMeeting folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AHVSTIAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeXMPPanelsDVAAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeXMPPanelsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeWinSoftLinguisticsPluginAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeWASAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeVideoProfilesAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeVersionCueClient3All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeVersionCue3All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeTypeSupportAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeStockPhotos1.5All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeSoundboothCodecsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeSoundboothAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeSINGAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobePremierePro3ProtectedAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobePremierePro3FCAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobePremierePro3All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobePhotoshop10en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobePDFSettingsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobePDFL8All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeMotionPictureAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeMasterCollectionSuiteen_US_Volume folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeLinguisticsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeInDesignCS3IconHandler folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeInDesign5en_US\OEM_\Adobe InDesign CS3\Plug-Ins\InCopyWorkflow folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeInDesign5en_US\OEM_\Adobe InDesign CS3\Plug-Ins folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeInDesign5en_US\OEM_\Adobe InDesign CS3 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeInDesign5en_US\OEM_ folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeInDesign5en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeIllustrator13en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeHelpViewerAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeFontsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeFlashVideoEncoder2en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeFlashPlayer9_plDbg_mul folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeFlashPlayer9_axDbg_mul folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeFlash9en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeFireworks9en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeExtensionManager1.8All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeExtendScriptToolKitAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeEncore3CodecsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeEncore3All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeDreamweaver9en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeDeviceCentralAll\oem\Adobe Device Central CS3 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeDeviceCentralAll\oem folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeDeviceCentralAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeDefaultLanguageCS3All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeContribute4.1en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorPhotoshopAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorNA_RecommendedAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorNA_ExtraSettingsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorJA_RecommendedAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorJA_ExtraSettingsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorEU_RecommendedAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorEU_ExtraSettingsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeColorCommonSetAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeCMapsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeCameraRaw4.0All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeBridgeTalkPluginAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeBridge2All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeAUM5.1All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeAssetServices3All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeALMAnchorServiceAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeAfterEffects8PresetsAll folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeAfterEffects8All folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads\AdobeAcrobat8.1en_US folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\payloads folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3\deployment folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate\Adobe CS3 folder moved successfully.
Folder move failed. C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate scheduled to be moved on reboot.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\VisPro.WW folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Visio.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Updates folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Rosebud.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Proofing.en-us\Proof.fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Proofing.en-us\Proof.es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Proofing.en-us\Proof.en folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Proofing.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Office64.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Office.en-us\1033 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Office.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Catalog folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\zh-tw folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\zh-cn folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\ko-kr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\ja-jp folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\it-it folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\fr-fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\es-es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin\de-de folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio\Admin folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Visio folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Updates folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Rosebud.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Proofing.en-us\Proof.fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Proofing.en-us\Proof.es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Proofing.en-us\Proof.en folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Proofing.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Project.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\PrjPro.WW folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Office64.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Office.en-us\1033 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Office.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project\Catalog folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Project folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Word.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Updates folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Rosebud.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Publisher.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Proofing.en-us\Proof.fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Proofing.en-us\Proof.es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Proofing.en-us\Proof.en folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Proofing.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\PowerPoint.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Outlook.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\OneNote.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Office64.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Office.en-us\1033 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Office.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\InfoPath.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Groove.en-us\Groove.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Groove.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Excel.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Enterprise.WW folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Catalog folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\zh-tw folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\zh-cn folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\ko-kr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\ja-jp folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\it-it folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\fr-fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\es-es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin\de-de folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Admin folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Access.en-us\Access.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise\Access.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Office 2007 Enterprise folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\Images folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\WebDesigner.WW folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\WebDesigner.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Updates folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Rosebud.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Proofing.en-us\Proof.fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Proofing.en-us\Proof.es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Proofing.en-us\Proof.en folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Proofing.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Office64.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Office.en-us\1033 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Office.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb\Catalog folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office\ExpressionWeb folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\Language Pack Links folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\WebDesigner.WW folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\WebDesigner.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Updates folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Rosebud.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Proofing.en-us\Proof.fr folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Proofing.en-us\Proof.es folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Proofing.en-us\Proof.en folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Proofing.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Office64.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Office.en-us\1033 folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Office.en-us folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb\Catalog folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\ExpressionWeb folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\Other\7-ZipSource folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\Other\7-ZipPortableSource folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\Other folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\Data\settings folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\Data folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\DefaultData\settings folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\DefaultData folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\AppInfo folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\7-Zip\Lang folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\7-Zip\Formats folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\7-Zip\Codecs folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App\7-Zip folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable\App folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\7-ZipPortable folder moved successfully.
C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition folder moved successfully.
Folder C:\Users\Dawn\Desktop\New Folder\Microsoft Office 2007 Complete Third Edition\office not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Dawn
->Temp folder emptied: 119855889 bytes
->Temporary Internet Files folder emptied: 26800906 bytes
->Java cache emptied: 2710 bytes
->FireFox cache emptied: 85901667 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 1629184 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1314 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 76996 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 555 bytes
RecycleBin emptied: 2254 bytes

Total Files Cleaned = 223.00 mb


[EMPTYFLASH]

User: All Users

User: Dawn
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 10112011_223002

Files\Folders moved on Reboot...
Folder move failed. C:\Users\Dawn\Desktop\New Folder\Adobe.CS3.Master.Collection.Corporate scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LO7YE3QA\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I7SZJR9M\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3Y6E5QM\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIC7SHNB\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\deployment.properties scheduled to be moved on reboot.

Registry entries deleted on Reboot...
  • 0

#24
SweetTech
Posted 11 October 2011 - 03:04 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Okay
  • 0

#25
Arwen3000
Posted 11 October 2011 - 08:51 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! Here is the result from the OTL custom scan (follows).

My system was so out of date!! Ahhh embarrassing. Since the day I bought this computer it's had a serious overheating problem, which I finally rectified a couple of weeks ago - I guess I became so obsessed with dealing with overheating and preventing the computer from frying its own brain out that I have been overlooking the risk of malware and such, and neglected to update enough. Sigh. Lesson learned!

I think I can now cautiously say things are looking good? When I click links from google, I get the actual site I want! Success!

After I installed some windows updates (but prior to the service pack), I did have a weird thing when I restarted: A message bubble opened in the lower corner that read "Windows could not connect to the system event notification service. |This problem prevents limited users from logging on to the system. as an administrative user, you can review the System Event Log for details about why the service didn't respond" and the mouse was frozen. I restarted and the mouse worked, but this message appeared again. After installing the service pack and restarting, it hasn't reappeared. I've never seen this before. Could it be connected to the malware problems? Is it anything I need to worry about?

THANKS!!!!!!!!!!!!

******

OTL logfile created on: 12/10/2011 4:23:16 AM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = c:\Users\Dawn\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 47.51% Memory free
7.72 Gb Paging File | 5.24 Gb Available in Paging File | 67.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.55 Gb Total Space | 129.90 Gb Free Space | 58.90% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 1.96 Gb Free Space | 15.91% Space Free | Partition Type: NTFS
Drive G: | 3.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DAWN-LAPTOP | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - c:\Users\Dawn\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Dawn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()
PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\js3250.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (DpHost) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV:64bit: - (smserial) -- C:\Windows\SysNative\DRIVERS\smserial.sys (Motorola Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\DRIVERS\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (NtrigDigitizerUSBLowerFilter) -- C:\Windows\SysNative\DRIVERS\NtrigDigitizerUSBLowerFilter.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\SysNative\DRIVERS\ATSwpDrv.sys (AuthenTec, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (NETw3v64) Intel® -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.ca"
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.2.2
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.7
FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.22.1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.11
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.3.0
FF - prefs.js..extensions.enabledItems: {a95d8332-e4b4-6e7f-98ac-20b733364387}:0.5.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013
FF - prefs.js..extensions.enabledItems: {58c64034-c5f3-4179-85f5-81642f42b6d5}:2.22.1

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Dawn\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dawn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dawn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dawn\AppData\Local\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dawn\AppData\Local\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009/06/23 12:23:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/04/01 20:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/04/01 20:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/03 01:59:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/02 19:50:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2009/06/23 12:23:33 | 000,000,000 | ---D | M]

[2010/03/16 12:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2010/03/16 12:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/10/11 23:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions
[2010/05/18 19:32:31 | 000,000,000 | ---D | M] (Auto Copy) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
[2010/05/18 19:32:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/09 01:31:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2011/09/01 13:51:15 | 000,000,000 | ---D | M] (Fingerfox (SE)) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{58c64034-c5f3-4179-85f5-81642f42b6d5}
[2011/09/01 13:49:08 | 000,000,000 | ---D | M] (Showcase) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2011/09/07 03:22:29 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2011/09/07 03:22:28 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2011/03/22 01:04:18 | 000,000,000 | ---D | M] (LeechBlock) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2011/09/28 14:13:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/09 19:38:46 | 000,000,000 | ---D | M] (EBrary Reader Plugin) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\[email protected]
[2010/09/12 01:46:26 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\extensions\[email protected]
[2010/09/10 15:39:07 | 000,001,030 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\searchplugins\wikipedia-sv.xml
[2010/09/10 15:34:18 | 000,002,275 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\ffs9koaa.default\searchplugins\wolframalpha.xml
[2011/10/11 23:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/26 15:33:22 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/05/18 20:08:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/01 20:36:49 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/04/01 20:36:49 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2011/10/11 22:30:45 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dawn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\nwprovau.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFBFE645-EA36-471B-ACBD-A863ECCCF8BF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6F58D1A-ADBF-4192-B2A8-F06ADB763CD4}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img7.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img7.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/20 01:57:31 | 000,000,086 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008/08/05 17:58:42 | 000,000,000 | ---D | M] - G:\Autoplay -- [ CDFS ]
O32 - AutoRun File - [2007/01/23 07:57:44 | 000,186,552 | R--- | M] (Adobe Systems Incorporated) - G:\Autoplay.exe -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3filter - ac3filter.acm ()
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - ff_vfw.dll ()
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.XVID - xvidvfw.dll ()
Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/10/12 03:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2011/10/12 03:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2011/10/12 03:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2011/10/12 03:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2011/10/12 03:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2011/10/12 03:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2011/10/12 01:47:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/10/12 00:10:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2011/10/12 00:10:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2011/10/11 23:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/10/11 23:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/10/11 22:30:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/11 22:18:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/10/10 23:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/10/10 22:40:20 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Local\Temp
[2011/10/10 22:29:47 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\Malwarebytes
[2011/10/10 22:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/10 22:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/10 22:29:08 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/10/10 22:29:08 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\Malwarebytes' Anti-Malware
[2011/10/10 22:27:28 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Dawn\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/10 22:07:57 | 001,558,832 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dawn\Desktop\tdsskillerupdate.exe
[2011/10/10 21:34:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/10/10 21:21:33 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/10/10 20:39:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/10 20:39:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/10 20:39:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/10 20:37:49 | 004,251,069 | R--- | C] (Swearware) -- C:\Users\Dawn\Desktop\ComboFix.exe
[2011/10/10 20:29:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/10 20:28:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/07 00:52:34 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\Zeilinger work
[2011/10/06 21:05:19 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\GooredFix Backups
[2011/10/06 20:58:10 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/10/06 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\SPE
[2011/10/06 03:48:06 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/06 03:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/06 03:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/06 03:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/10/05 20:53:52 | 001,548,592 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dawn\Desktop\TDSSKiller.exe
[2011/10/04 23:24:37 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\MA 2011-12
[2011/10/02 19:42:58 | 000,000,000 | R--D | C] -- C:\Users\Dawn\Dropbox
[2011/10/02 19:38:57 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011/10/02 19:38:08 | 000,000,000 | ---D | C] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2011/09/29 00:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

========== Files - Modified Within 30 Days ==========

[2011/10/12 04:19:04 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2010556232-2437373572-405493-1000UA.job
[2011/10/12 03:49:27 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 03:49:27 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 03:35:06 | 001,485,166 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/12 03:35:06 | 000,677,384 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/10/12 03:35:06 | 000,605,382 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/12 03:35:06 | 000,129,422 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/10/12 03:35:06 | 000,107,696 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/12 03:24:52 | 002,319,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/12 03:24:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/12 03:22:37 | 4023,533,568 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/12 02:19:06 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2010556232-2437373572-405493-1000Core.job
[2011/10/12 00:42:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/10/12 00:26:58 | 000,000,973 | ---- | M] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/11 23:48:19 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/10/11 23:48:02 | 001,497,996 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/11 22:30:45 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/11 21:23:34 | 000,869,194 | ---- | M] () -- C:\Users\Dawn\Desktop\SecurityCheck.exe
[2011/10/11 21:03:21 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AE9E65B5-E830-4C7E-9D8C-73FB700A3CDC}.job
[2011/10/10 22:29:16 | 000,000,692 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/10 22:27:48 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dawn\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/10 22:08:19 | 001,558,832 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dawn\Desktop\tdsskillerupdate.exe
[2011/10/10 20:37:59 | 004,251,069 | R--- | M] (Swearware) -- C:\Users\Dawn\Desktop\ComboFix.exe
[2011/10/10 20:32:32 | 000,002,341 | ---- | M] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/10/06 21:07:28 | 001,548,592 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dawn\Desktop\TDSSKiller.exe
[2011/10/06 20:47:35 | 000,124,390 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\SMRResults210.dat
[2011/10/06 03:47:35 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/06 00:58:44 | 000,000,089 | ---- | M] () -- C:\Users\Dawn\Desktop\page2.htm
[2011/10/06 00:58:36 | 000,000,089 | ---- | M] () -- C:\Users\Dawn\Desktop\page1.htm
[2011/10/06 00:58:22 | 000,000,210 | ---- | M] () -- C:\Users\Dawn\Desktop\mainpage.htm
[2011/10/02 19:50:01 | 000,000,916 | ---- | M] () -- C:\Users\Dawn\Desktop\Dropbox.lnk
[2011/10/02 19:50:01 | 000,000,896 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/09/29 00:55:38 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

========== Files Created - No Company Name ==========

[2011/10/12 00:42:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/10/12 00:33:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011/10/12 00:26:38 | 000,000,979 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/10/12 00:26:38 | 000,000,973 | ---- | C] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/12 00:05:11 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/10/12 00:05:11 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/10/11 23:48:19 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/10/11 23:47:14 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/10/11 23:32:15 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2011/10/11 23:32:15 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2011/10/11 23:32:15 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2011/10/11 23:32:15 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2011/10/11 23:32:15 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2011/10/11 23:32:15 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2011/10/11 21:23:31 | 000,869,194 | ---- | C] () -- C:\Users\Dawn\Desktop\SecurityCheck.exe
[2011/10/10 22:29:16 | 000,000,692 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/10 20:39:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/10 20:39:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/10 20:39:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/10 20:39:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/10 20:39:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/06 20:47:20 | 000,124,390 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\SMRResults210.dat
[2011/10/06 03:47:35 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/06 00:58:43 | 000,000,089 | ---- | C] () -- C:\Users\Dawn\Desktop\page2.htm
[2011/10/06 00:58:35 | 000,000,089 | ---- | C] () -- C:\Users\Dawn\Desktop\page1.htm
[2011/10/06 00:58:21 | 000,000,210 | ---- | C] () -- C:\Users\Dawn\Desktop\mainpage.htm
[2011/10/02 19:42:58 | 000,000,916 | ---- | C] () -- C:\Users\Dawn\Desktop\Dropbox.lnk
[2011/10/02 19:39:13 | 000,000,896 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/09/29 00:55:38 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/07 04:33:32 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/04/08 13:48:33 | 000,000,732 | ---- | C] () -- C:\Users\Dawn\AppData\Local\d3d9caps64.dat
[2010/03/16 12:25:32 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/05 15:24:54 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009/12/12 22:25:42 | 018,030,130 | ---- | C] () -- C:\Program Files\vlc-1.0.3-win32.exe
[2009/11/22 23:08:58 | 000,027,528 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\UserTile.png
[2009/11/02 17:47:56 | 000,002,896 | ---- | C] () -- C:\Windows\dhstatus.dat
[2009/10/25 19:57:41 | 000,177,136 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2009/10/08 15:27:45 | 000,002,883 | ---- | C] () -- C:\Windows\checkip.dat
[2009/09/24 01:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/09/11 18:56:29 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/11 18:55:05 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/11 18:53:45 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/11 16:40:42 | 000,007,052 | ---- | C] () -- C:\Users\Dawn\AppData\Local\d3d9caps.dat
[2009/09/04 18:16:33 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009/08/24 20:47:19 | 001,497,996 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/08/23 08:01:22 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2009/08/23 01:55:46 | 000,248,320 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/23 11:59:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/05/29 17:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 17:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/02/11 09:18:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/12/10 18:28:16 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/01/21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/09/04 13:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2009/11/10 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\BitZipper
[2009/08/22 23:39:47 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\DigitalPersona
[2011/10/12 04:04:10 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2010/02/28 17:38:53 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Facebook
[2011/09/01 13:51:26 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Fingerfox (SE)
[2010/02/07 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\funkitron
[2010/04/23 11:25:14 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Microgaming
[2009/10/21 09:10:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Opera
[2009/11/22 23:08:57 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PeerNetworking
[2009/10/04 19:57:35 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Personal
[2011/10/06 20:29:43 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\SPE
[2011/10/06 02:40:43 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Spotify
[2010/03/16 12:25:30 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Thunderbird
[2009/11/04 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\VistaCodecs
[2011/10/12 03:20:31 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/11 21:03:21 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AE9E65B5-E830-4C7E-9D8C-73FB700A3CDC}.job

========== Purity Check ==========



========== Custom Scans ==========


< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/10/02 19:50:06 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/10/02 19:50:06 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/10/02 19:50:06 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/10/02 19:50:03 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/10/02 19:50:03 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/10/02 19:50:03 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2010/12/18 06:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2010/12/18 06:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2010/12/18 06:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2010/12/18 08:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2010/12/18 08:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2011/02/15 23:18:16 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2011/02/15 23:18:16 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2011/02/15 23:18:16 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2011/02/15 23:18:16 | 002,388,264 | ---- | M] (Apple Inc.)

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2010/03/28 21:35:00 | 000,002,924 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Local State
[2010/03/02 14:15:39 | 005,351,424 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2010/03/02 14:15:39 | 000,781,419 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2010/03/28 21:35:01 | 000,774,144 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2010/03/02 14:13:34 | 000,006,941 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2010/03/02 14:13:34 | 000,006,941 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2010/08/16 05:08:37 | 000,010,240 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2010/03/28 21:35:01 | 000,008,077 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2010/03/28 21:35:00 | 000,005,097 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2010/03/28 21:35:00 | 001,531,904 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History
[2010/03/02 14:11:17 | 000,377,856 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History Index 2009-10
[2010/03/02 14:11:18 | 000,414,720 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History Index 2009-11
[2010/03/28 21:35:01 | 000,012,288 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History Index 2009-12
[2010/03/02 14:11:19 | 000,016,384 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History Index 2010-01
[2010/03/02 14:14:29 | 001,304,576 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History Index 2010-02
[2010/03/28 21:33:54 | 000,361,472 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\History Index 2010-03
[2010/03/02 14:17:02 | 000,414,732 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2010/03/02 14:17:02 | 000,051,750 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2010/03/28 21:35:01 | 000,008,207 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2010/03/28 21:33:53 | 000,139,264 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Thumbnails
[2010/03/28 21:35:01 | 000,262,160 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2010/03/28 21:33:12 | 000,053,248 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2010/03/02 14:17:02 | 000,017,408 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\localserver.db
[2010/03/02 14:17:02 | 000,019,456 | ---- | M] () -- C:\Users\Dawn\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears\permissions.db

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >
  • 0

Advertisements

#26
SweetTech
Posted 12 October 2011 - 10:50 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hi!

No, I wouldn't worry to much about that windows bubble pop-up message.

We should be able to wrap things up in my next post.


OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
:Processes
KILLALLPROCESSES
:OTL
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
[2009/12/12 22:25:42 | 018,030,130 | ---- | C] () -- C:\Program Files\vlc-1.0.3-win32.exe

:Reg

:Files
echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

  • 0

#27
Arwen3000
Posted 12 October 2011 - 12:27 PM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! This is great!! Here's the report from the OTL fix:

****

All processes killed
========== SERVICES/DRIVERS ==========
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Program Files\vlc-1.0.3-win32.exe moved successfully.
========== REGISTRY ==========
========== FILES ==========
< echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c >
Are you sure (Y/N)?processed file: C:\Windows\system32\drivers\etc\hosts
C:\Users\Dawn\Desktop\cmd.bat deleted successfully.
C:\Users\Dawn\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dawn\Desktop\cmd.bat deleted successfully.
C:\Users\Dawn\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Dawn
->Temp folder emptied: 43327 bytes
->Temporary Internet Files folder emptied: 71107 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36051807 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 676494 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 555 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 35.00 mb


[EMPTYFLASH]

User: All Users

User: Dawn
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 10122011_201141

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...
  • 0

#28
SweetTech
Posted 12 October 2011 - 09:58 PM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
Hello,

Your logs appear to be clean, so if you have no further issues with your computer, then please proceed with the following housekeeping procedures outlined below.



Time for some housekeeping
The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK: ComboFix /Uninstall



NEXT:



OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Commands
[ClearAllRestorePoints]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



OTL Clean-Up

We Need to Clean Up our Mess
Our work on your machine has left considerable leftovers on your box. Let's clean those up real quick:
  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.
If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


NEXT:



All Clean Speech

===> Make sure you've re-enabled any Security Programs that we may have disabled during the malware removal process. <===



Below I have included a number of recommendations for how to protect your computer against malware infections.


Updated Anti-Virus Program
It's essential that you have an updated anti-virus program running on your computer. You don't want to run more than one as it can cause program conflicts, as well as false positives

You can view an excellent list of Free Security Software programs that has been compiled by GeekstoGo.


Avoid P2P Programs

Remember that no matter how clean the program you're using for peer-to-peer filesharing may be, it offers no guarantees regarding the cleanliness of files you may choose to download. All files available via p2p filesharing carry a high risk, particularly those that offer you illegitimate methods of using legitimate software programs without paying for them. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

If you have any of these programs installed then I highly suggest you uninstall them.

NOTE: Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.


Internet Browsers

Many of the users that I assist here on the forums, ask me which programs they can use to prevent themselves from getting infected again in the future. The best answer I can give you is too practice safe browsing.

Please consider using an alternative browser such as Google Chrome or Opera. They are both much more secure than Internet Explorer, immune to almost all known browser hijackers, and also have great built-in pop-up blockers.

I also suggest you make your Internet Explore more secure.


Make Internet Explorer more secure

  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.



Extra Goodies

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them     then consider a password keeper, to keep all your passwords safe.
  • Keep Windows updated by regularly checking their website at: http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.
  • You should run an updated scan with MalwareBytes' Anti-Malware weekly. Instructions are included below:

    • Open Malwarebytes' Anti-Malware
    • Select the Update tab
    • Click Check for Updates

  • Be weary of e-mails from unknown senders. Keep the following in mind as well: If it's to good to be true, then it more than likely is.

  • FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for Chrome and Opera.
  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
    Think Prevention.
    PC Safety and Security--What Do I Need?.
**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Cheers,
SweetTech.
  • 0

#29
Arwen3000
Posted 13 October 2011 - 07:24 AM

Arwen3000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi! Here's the report from the last OTL fix. It was very brief.

*****

========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.29.1 log created on 10132011_145342

*****

Everything is running great now! Thank you SO MUCH. THANK YOU!!!!!!!!!!!!!!!!!!!
  • 0

#30
SweetTech
Posted 13 October 2011 - 09:48 AM

SweetTech

    Sir SpamAlot

  • Retired Staff
  • 7,671 posts
You're more than welcome! I'm glad to have been of assistance.

Please take good care.

Kindest Regards,
SweetTech.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP