Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

AV Protection 2011 Internet Problems

Started by Renais , Nov 21 2011 02:54 PM

  • Please log in to reply

#1
Renais
Posted 21 November 2011 - 02:54 PM

Renais

    New Member

  • Member
  • Pip
  • 1 posts
While browsing through a manga website, AV Protection 2011 popped up along with a Rootkit. Malwarebytes removed them, but problems such as lack of internet connection along with some files such as visual C++ have stopped working. TDSS couldn't find other problems, so I ran OTL and this is what the log says:


OTL logfile created on: 11/21/2011 12:30:28 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\YULS ARRIOLA\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 72.88% Memory free
3.60 Gb Paging File | 3.30 Gb Available in Paging File | 91.60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 280.02 Gb Free Space | 60.12% Space Free | Partition Type: NTFS
Drive E: | 1.86 Gb Total Space | 0.89 Gb Free Space | 47.86% Space Free | Partition Type: FAT32

Computer Name: WOTAMIN | User Name: YULS ARRIOLA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/21 12:26:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YULS ARRIOLA\desktop\OTL.com
PRC - [2011/09/27 19:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011/09/06 12:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 12:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/01 23:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/02/04 00:28:07 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
PRC - [2009/10/16 12:10:34 | 000,589,824 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdxcoms.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/15 17:45:22 | 000,413,696 | ---- | M] () -- C:\Program Files\Wireless LAN\WlanUtil.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/20 08:55:59 | 001,618,432 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11112001\algo.dll
MOD - [2011/11/15 03:59:54 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11112001\aswRep.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/16 06:55:10 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/02/05 10:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2010/02/03 23:39:11 | 000,364,544 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\iptk.dll
MOD - [2009/10/16 12:12:44 | 000,162,816 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxdrui.dll
MOD - [2009/10/16 12:12:44 | 000,147,968 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdxdrpp.dll
MOD - [2009/10/16 12:12:43 | 000,230,912 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxdr.dll
MOD - [2009/10/16 12:09:08 | 000,811,008 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxptpc.dll
MOD - [2009/01/15 11:42:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008/04/14 04:42:04 | 000,562,176 | ---- | M] () -- C:\WINDOWS\system32\qedit.dll
MOD - [2008/04/14 04:42:04 | 000,386,048 | ---- | M] () -- C:\WINDOWS\system32\qdvd.dll
MOD - [2008/04/14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/06 04:11:34 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxptp.dll
MOD - [2004/10/15 17:45:22 | 000,413,696 | ---- | M] () -- C:\Program Files\Wireless LAN\WlanUtil.exe
MOD - [2004/09/21 17:59:50 | 000,040,960 | ---- | M] () -- C:\Program Files\Wireless LAN\ZDWlan.dll
MOD - [2004/09/03 15:11:52 | 000,200,704 | ---- | M] () -- C:\Program Files\Wireless LAN\dot1x_dll.dll
MOD - [2004/03/05 14:00:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Wireless LAN\ssleay32.dll
MOD - [2004/03/05 14:00:26 | 000,827,392 | ---- | M] () -- C:\Program Files\Wireless LAN\libeay32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/27 19:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/09/06 12:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/16 12:10:34 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdxcoms.exe -- (lxdx_device)
SRV - [2009/10/16 12:00:50 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/10/20 10:58:48 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/09/06 12:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 12:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 12:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 12:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 12:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 12:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 12:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/03/12 01:25:12 | 005,051,904 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/11/12 00:58:38 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/08/05 04:10:12 | 001,684,736 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/31 18:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/31 18:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/01/03 23:41:48 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/02/04 14:48:46 | 000,247,296 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(WLAN)) IEEE 802.11g USB Wireless LAN Driver(WLAN)
DRV - [2004/01/14 10:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/14 16:38:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/30 05:02:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/23 19:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Mozilla\Extensions
[2011/11/16 06:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Mozilla\Firefox\Profiles\0zd0953w.default\extensions
[2011/10/28 05:29:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/05 18:30:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\YULS ARRIOLA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0ZD0953W.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
[2011/09/14 16:38:54 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/11/05 16:34:59 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/10/05 18:30:20 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/28 05:29:27 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
[2011/09/30 05:02:25 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/11 19:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/11/21 11:49:20 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [lxdxmon.exe] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\Wireless LAN\WlanUtil.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E28DD7F-34F0-4083-85ED-59C9FA1E3336}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FFBEEA6-A236-4503-9C70-371F9EEBD0FC}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\YULS ARRIOLA\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\YULS ARRIOLA\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/23 18:57:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/08/28 22:03:35 | 000,000,067 | ---- | M] () - C:\AutoHotkey.ahk -- [ NTFS ]
O33 - MountPoints2\{4a4ba041-cdc0-11e0-8b28-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{4a4ba041-cdc0-11e0-8b28-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4a4ba041-cdc0-11e0-8b28-806d6172696f}\Shell\AutoRun\command - "" = D:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/21 12:26:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\YULS ARRIOLA\Desktop\OTL.com
[2011/11/21 11:32:23 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\YULS ARRIOLA\Desktop\tdsskiller.exe
[2011/11/21 00:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\o22oonF44mH5sJf
[2011/11/21 00:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\FLLL8gTTZqYCwIr
[2011/11/21 00:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\aVVVellOBt
[2011/11/21 00:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\XzzzP0yycAivDoF
[2011/11/17 00:21:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\Spanish
[2011/11/13 10:29:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Local Settings\Application Data\The Weather Channel
[2011/11/12 17:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\English
[2011/11/06 14:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\Fire Emblem Hacks
[2011/11/04 23:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Desktop\Original Text Edit fe8
[2011/11/04 23:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\OneNote Notebooks
[2011/11/04 23:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Hextator
[2011/11/04 22:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\VBA
[2011/11/04 21:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\Nightmare 2
[2011/11/04 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\My Documents\Tsukiyomi
[2011/11/02 18:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Malwarebytes
[2011/11/02 18:51:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/02 18:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/02 18:51:15 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/02 18:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/02 18:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/11/02 18:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\AoA Audio Extractor Platinum
[2011/10/28 08:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\YouTube Downloader
[2011/10/28 05:29:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Search Settings
[2011/10/28 05:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2011/10/28 05:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011/10/28 05:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/08/24 10:52:05 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcoin.dll
[2011/08/24 10:51:33 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll
[2011/08/24 10:51:33 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll
[2011/08/24 10:51:33 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll
[2011/08/24 10:51:33 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll
[2011/08/24 10:51:33 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll
[2011/08/24 10:51:33 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDXhcp.dll
[2011/08/24 10:51:33 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll
[2011/08/24 10:51:33 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll
[2011/08/24 10:51:33 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxih.exe
[2011/08/24 10:51:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll
[2011/08/24 10:51:32 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll
[2011/08/24 10:51:32 | 000,589,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcoms.exe
[2011/08/24 10:51:32 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll
[2011/08/24 10:51:32 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcfg.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/21 12:26:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YULS ARRIOLA\Desktop\OTL.com
[2011/11/21 12:05:22 | 000,442,500 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/21 12:05:22 | 000,069,534 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/21 12:01:21 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011/11/21 12:01:10 | 000,207,407 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/11/21 12:01:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/21 11:37:42 | 000,058,368 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/21 11:34:54 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\YULS ARRIOLA\Desktop\tdsskiller.exe
[2011/11/21 00:46:44 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/11/20 10:58:45 | 000,057,729 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\300815_201085669960387_152384944830460_467944_885687367_n.jpg
[2011/11/19 02:35:14 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/11/19 02:00:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-WOTAMIN-YULS ARRIOLA.job
[2011/11/17 17:13:55 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/11/17 00:48:42 | 000,003,336 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\aww.gif
[2011/11/17 00:48:42 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Adobe GIF Format CS5 Prefs
[2011/11/12 10:49:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/11 23:40:35 | 000,009,870 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\test2.png
[2011/11/10 19:40:58 | 000,008,012 | ---- | M] () -- C:\Advance Guardian Heroes.clt
[2011/11/09 01:27:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/09 00:27:34 | 000,008,012 | ---- | M] () -- C:\Dragonball Z - Supersonic Warriors.clt
[2011/11/08 20:40:13 | 000,008,012 | ---- | M] () -- C:\Naruto - Ninja Council 2.clt
[2011/11/06 18:46:04 | 000,008,012 | ---- | M] () -- C:\1828 - Kingdom Hearts - Chain of Memories (U).clt
[2011/11/04 23:15:10 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/11/04 05:25:01 | 000,042,292 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\9982359050.jpg
[2011/11/02 18:51:19 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/01 20:30:31 | 000,008,652 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\celeste.png
[2011/10/31 22:23:50 | 001,342,439 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\840433.jpg
[2011/10/30 19:58:40 | 000,010,637 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\test1.png
[2011/10/28 05:28:40 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2011/10/26 22:20:21 | 000,011,525 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\309740_10150348938932613_573457612_8470250_1540966684_n.jpg
[2011/10/26 16:12:42 | 000,015,601 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\300415_2032970631870_1472282837_31632570_853649242_n.jpg
[2011/10/23 15:23:24 | 000,037,596 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\102111_50off_web_coupon.gif
[2011/10/23 15:22:44 | 000,180,541 | ---- | M] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\ab_signup_email_01.jpg
[2011/10/23 09:23:16 | 000,013,744 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/20 10:58:45 | 000,057,729 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\300815_201085669960387_152384944830460_467944_885687367_n.jpg
[2011/11/17 17:13:55 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/11/17 00:48:42 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Adobe GIF Format CS5 Prefs
[2011/11/17 00:48:38 | 000,003,336 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\aww.gif
[2011/11/12 10:49:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/11 23:40:35 | 000,009,870 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\test2.png
[2011/11/10 19:40:58 | 000,008,012 | ---- | C] () -- C:\Advance Guardian Heroes.clt
[2011/11/09 00:22:57 | 000,008,012 | ---- | C] () -- C:\Dragonball Z - Supersonic Warriors.clt
[2011/11/08 20:40:13 | 000,008,012 | ---- | C] () -- C:\Naruto - Ninja Council 2.clt
[2011/11/05 00:05:49 | 000,008,012 | ---- | C] () -- C:\1828 - Kingdom Hearts - Chain of Memories (U).clt
[2011/11/04 23:15:10 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/11/04 22:19:54 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\readme.html
[2011/11/04 05:25:01 | 000,042,292 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\9982359050.jpg
[2011/11/02 18:51:19 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/01 20:30:31 | 000,008,652 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\celeste.png
[2011/10/31 22:22:56 | 001,342,439 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\840433.jpg
[2011/10/30 19:57:48 | 000,010,637 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\test1.png
[2011/10/28 05:28:40 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2011/10/26 22:20:21 | 000,011,525 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\My Documents\309740_10150348938932613_573457612_8470250_1540966684_n.jpg
[2011/10/26 16:12:41 | 000,015,601 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\300415_2032970631870_1472282837_31632570_853649242_n.jpg
[2011/10/23 15:23:24 | 000,037,596 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\102111_50off_web_coupon.gif
[2011/10/23 15:22:44 | 000,180,541 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Desktop\ab_signup_email_01.jpg
[2011/10/16 21:15:02 | 000,028,500 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/29 00:37:14 | 000,000,093 | ---- | C] () -- C:\WINDOWS\GECKOS.INI
[2011/08/24 10:52:07 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll
[2011/08/24 10:51:53 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdxdrs.dll
[2011/08/24 10:51:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdxcaps.dll
[2011/08/24 10:51:53 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdxcnv4.dll
[2011/08/24 10:51:33 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll
[2011/08/24 10:51:32 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll
[2011/08/24 00:05:47 | 000,058,368 | ---- | C] () -- C:\Documents and Settings\YULS ARRIOLA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/23 19:09:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2011/08/23 19:09:43 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2011/08/23 19:04:35 | 000,004,984 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/08/23 18:59:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/08/23 18:56:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/08/23 11:45:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/08/23 11:44:28 | 003,462,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/15 11:42:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 11:42:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/01/15 11:42:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 11:42:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/01/15 11:42:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 11:42:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/01/15 11:42:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/01/15 11:42:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2004/08/04 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 04:00:00 | 000,442,500 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 04:00:00 | 000,069,534 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 04:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/08/23 20:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/10/20 10:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/10/21 09:00:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011/10/20 11:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011/10/20 11:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011/10/21 07:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2011/09/14 20:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011/11/02 18:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/10/28 05:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2011/08/23 20:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/11/21 00:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\aVVVellOBt
[2011/10/20 11:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\DAEMON Tools Lite
[2011/11/21 00:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\FLLL8gTTZqYCwIr
[2011/09/10 00:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\GlarySoft
[2011/11/04 23:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Hextator
[2011/11/21 00:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\o22oonF44mH5sJf
[2011/10/28 05:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Orbit
[2011/10/20 13:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Origin
[2011/09/09 23:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\ProgSense
[2011/10/28 05:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\Search Settings
[2011/10/16 20:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/10/31 23:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\uTorrent
[2011/11/21 00:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\XzzzP0yycAivDoF
[2011/10/28 08:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YULS ARRIOLA\Application Data\YouTube Downloader
[2011/11/21 12:01:21 | 000,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP