Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't connect to internet and links redirects me to another site [


  • This topic is locked This topic is locked

#1
neataznguy

neataznguy

    Member

  • Member
  • PipPip
  • 15 posts
A few days ago I encountered a problem where I go into google or yahoo and search for something, ill click but it redirects me to some ad site then a couple days later i turn on the computer and it doesn't connect to the internet. I restart in safemode to do all te virus/malware/spyware checks and it detects and removes, I go through this process 2 times with both times saying I still have things that hasn't been removed. This process only worked 2 times and now the only way I can get back on is through safe mode with networking. Here's the OTL file

OTL logfile created on: 1/1/2012 8:06:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\henry\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.52 Gb Available Physical Memory | 81.55% Memory free
16.00 Gb Paging File | 14.59 Gb Available in Paging File | 91.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 285.94 Gb Free Space | 61.40% Space Free | Partition Type: NTFS
Drive D: | 379.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 7.45 Gb Total Space | 0.60 Gb Free Space | 8.06% Space Free | Partition Type: FAT32

Computer Name: BLACKMONSTER | User Name: henry | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/01 20:06:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\henry\Desktop\OTL.exe
PRC - [2011/12/21 13:39:15 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/02 05:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/08/15 05:49:50 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/07/21 13:59:08 | 001,101,960 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/21 13:39:15 | 000,849,368 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\js3250.dll
MOD - [2011/12/14 00:49:09 | 006,276,768 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/25 18:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/26 13:06:56 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/05/04 09:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/15 08:13:06 | 000,127,272 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/07/15 08:13:02 | 005,414,184 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011/12/14 13:03:55 | 003,316,000 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/09/02 05:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/10 14:13:41 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/15 04:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/04/18 03:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/25 19:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/25 17:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/21 13:59:08 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/06/06 14:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/19 00:27:01 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/07/28 23:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/05/15 03:11:48 | 001,327,520 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/04/16 08:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/17 10:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 10:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/01/24 21:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009/07/15 19:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/06/27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2007/02/16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2007/02/15 16:11:26 | 000,012,976 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2011/12/04 20:20:42 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/08/09 22:34:44 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011/06/24 11:35:48 | 000,045,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\GunboundIS\Gun64.sys -- (Gun)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 5C D3 74 3D BA CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=WLEM&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3....en-US:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\henry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/21 13:39:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/21 13:39:16 | 000,000,000 | ---D | M]

[2010/12/01 19:17:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\henry\AppData\Roaming\Mozilla\Extensions
[2011/12/31 15:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\n3y4pmk6.default\extensions
[2011/10/31 00:11:46 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\n3y4pmk6.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2011/08/02 14:33:20 | 000,002,176 | ---- | M] () -- C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\n3y4pmk6.default\searchplugins\bing.xml
[2011/01/19 00:26:59 | 000,002,059 | ---- | M] () -- C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\n3y4pmk6.default\searchplugins\daemon-search.xml
[2011/08/09 19:57:48 | 000,001,211 | ---- | M] () -- C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\n3y4pmk6.default\searchplugins\Mp3Tube.xml
[2011/12/31 15:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/02/03 02:12:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/07 23:01:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/08/24 01:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/12/24 09:51:15 | 000,000,884 | RH-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 94.63.240.127 www.google.com
O1 - Hosts: 94.63.240.128 www.bing.com
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [devicemob] C:\ProgramData\devicemob.exe File not found
O4 - HKLM..\Run: [dplaysvr] C:\Users\henry\AppData\Local\dplaysvr.exe File not found
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [xmlimig] C:\Users\henry\AppData\Roaming\xmlimig.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\henry\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [devicemob] C:\ProgramData\devicemob.exe File not found
O4 - HKCU..\Run: [dplaysvr] C:\Users\henry\AppData\Local\dplaysvr.exe File not found
O4 - HKCU..\Run: [EPSON Stylus Photo 1400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUA.EXE /FU "C:\Windows\TEMP\E_S6141.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [HydraVisionMDEngine] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe (AMD)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [xmlimig] C:\Users\henry\AppData\Roaming\xmlimig.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 76.14.0.8 76.14.0.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86E1ABD9-2324-4ED3-B82C-12BD956108CA}: DhcpNameServer = 76.14.0.8 76.14.0.9
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/11/25 06:05:10 | 000,000,046 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{43d62b6c-5fdc-11e0-a6de-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4c0dbbc3-2349-11e0-9f21-20cf30c8a524}\Shell - "" = AutoRun
O33 - MountPoints2\{4c0dbbc3-2349-11e0-9f21-20cf30c8a524}\Shell\AutoRun\command - "" = E:\INSTALL.EXE
O33 - MountPoints2\{946806a7-e96e-11df-bc27-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{946806a7-e96e-11df-bc27-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Install.exe -- [2009/05/11 13:57:48 | 000,509,414 | R--- | M] (Adobe Systems, Inc.)
O33 - MountPoints2\H\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/01/01 20:06:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\henry\Desktop\OTL.exe
[2012/01/01 19:57:09 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{D26DACB6-791E-4BDA-A2D2-F7E9D441689A}
[2012/01/01 19:51:04 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{3A7005B7-5564-4452-B23D-EE8A4910FAB2}
[2012/01/01 19:48:19 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{832160E0-C870-40BC-9CE3-E4504D59C94E}
[2012/01/01 18:16:35 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{B4E90E13-CB58-4833-BA00-311232726C53}
[2011/12/31 15:47:27 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{26535F0A-7E3B-4082-A0A7-C76A7828DB02}
[2011/12/31 15:47:16 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{6D4078B0-41B8-4301-9595-1B759BC10469}
[2011/12/31 15:44:13 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\PackageAware
[2011/12/31 15:44:02 | 002,374,968 | ---- | C] (iMesh Inc. ) -- C:\Users\henry\Desktop\iMeshV10.exe
[2011/12/31 15:44:02 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Users\henry\Desktop\WinsockxpFix.exe
[2011/12/31 15:38:01 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{2B42C1EE-B492-4F3A-8DFE-6A65BA6A990D}
[2011/12/31 15:34:34 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FDE44FEB-CAA9-4294-AF5D-3780D0A0D798}
[2011/12/31 15:32:08 | 000,319,552 | ---- | C] (Softonic) -- C:\Users\henry\Desktop\SoftonicDownloader_for_winsockfix.exe
[2011/12/31 15:17:36 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{47200F5C-D338-4481-B619-8E4F36C10FAF}
[2011/12/31 13:53:31 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{ECA6E214-ED96-46C2-B390-BC19102B44D8}
[2011/12/31 13:42:46 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{73BBAFC3-FDCD-4DB8-9C53-A6D710F96A32}
[2011/12/30 15:31:17 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{5034D79C-9576-422B-BE53-AA9F93620F21}
[2011/12/30 15:31:06 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{8A8A835A-2798-47DE-A848-8DCE26E0C103}
[2011/12/30 15:28:36 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\henry\Desktop\TDSSKiller.exe
[2011/12/30 15:08:49 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{C8C4AEFB-281C-4EA6-8222-5FD9B8A4F0CD}
[2011/12/30 00:53:13 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FE3EEA4C-4FB2-41AA-9524-1DD664A37163}
[2011/12/29 21:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011/12/29 21:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/12/29 21:14:21 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\Adobe CS3
[2011/12/29 16:40:11 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pen Tablet
[2011/12/29 12:52:51 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{2DB6B466-1462-42D4-B9E0-54F681DCA9DF}
[2011/12/29 12:52:40 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{40075942-3BC9-4733-B5CC-C9511CF812C5}
[2011/12/29 00:52:17 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{7A15578F-3F51-4269-A420-6767A4969F9D}
[2011/12/29 00:52:07 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{4CD87E7C-2190-4FCD-B1B3-DD336C3CE189}
[2011/12/28 12:51:37 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{9ED8AB7B-FA92-4785-986E-B28680F3C0F4}
[2011/12/28 12:51:26 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{0DF7718A-A21B-41CF-B0C1-9CCD100DECE6}
[2011/12/28 00:47:00 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{F28CB793-59B0-48B0-81A6-5A1918204D78}
[2011/12/28 00:46:49 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{52CB640D-A152-4B92-A83B-F5E11750DEC8}
[2011/12/27 12:46:25 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{EB3A7215-1F9F-4603-9B21-1678C9E2CB18}
[2011/12/27 12:46:15 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{5D218EAD-FF7F-458B-8FE4-BFE45F674F72}
[2011/12/27 00:45:50 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{2B07EB49-0A73-45DE-885F-7C0094DB3DBE}
[2011/12/27 00:45:39 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FA8A7C94-7EA0-4BAB-B34C-C41313ABAB98}
[2011/12/26 12:45:13 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{E48F0A2C-53EF-4C18-9616-812C58E7BBC5}
[2011/12/26 12:45:02 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{7581E001-7025-4490-BB1D-7B97D7D00CE5}
[2011/12/25 12:15:05 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{A122BD91-8755-42AC-8CBF-F25FA925287C}
[2011/12/25 12:14:55 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{75DDC04A-EBF1-43F4-86E3-0317EA583F1F}
[2011/12/24 13:41:50 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{5817DC05-71FA-422E-8722-1104BB207C54}
[2011/12/24 13:41:39 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{5E20348F-431C-4A97-A78F-0A402D20D2F6}
[2011/12/24 01:41:16 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{9CDDD22A-8E25-4480-AEB6-E1FC396D99F4}
[2011/12/23 13:40:53 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{363292E8-4A51-46B7-BADA-5ECF8506A031}
[2011/12/23 13:40:42 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{D193E99B-080F-44BB-A7CB-895E76832EFA}
[2011/12/23 01:40:17 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{6277E96D-1741-4F4B-8622-7A510DD5CB69}
[2011/12/23 01:40:07 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{07880716-774F-49EA-A436-9ACF01DFF2F5}
[2011/12/22 13:39:42 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{908651CC-1FB5-414A-9C8E-4B9306E00B11}
[2011/12/22 13:39:31 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{D883FA1D-54A8-44B6-AC8C-704237DA4B71}
[2011/12/22 01:39:06 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{F1398A05-3DA2-4563-834C-DDB964819810}
[2011/12/22 01:38:56 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{9A7EF9BC-5849-401D-B71C-F01E1C2C2052}
[2011/12/21 13:38:28 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{2AE15F43-C4B2-4BC2-96A4-4C0A23635289}
[2011/12/21 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{2266409A-B9EC-4349-AC7D-1425ACA2EE05}
[2011/12/20 20:50:06 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{592283AA-94BD-4354-883B-991DCD094E1D}
[2011/12/20 20:49:48 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{207785CE-875F-45B8-BC1D-61EA4A1CD8F4}
[2011/12/20 03:12:50 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{3C055FD7-025B-4903-AF0B-5F0D8356B17F}
[2011/12/20 03:12:39 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{CE87F2FE-7BC2-4B20-9999-C03D2D9CCAA1}
[2011/12/19 15:12:10 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FDCFBB7E-900F-4BE1-BF50-B15598EFFCF3}
[2011/12/19 15:11:59 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{09C18E8B-C83C-4397-82B6-1A92E602F5BC}
[2011/12/19 03:11:32 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{5B5D4CA6-D21D-425A-9552-A0FD46B530FF}
[2011/12/18 19:07:10 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\sky
[2011/12/18 15:11:08 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{AA06EC78-5E75-489A-B330-1B36B50F9300}
[2011/12/18 15:10:55 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{009ED1FE-9C2B-47F8-BAD2-0A2F8A1D9E55}
[2011/12/17 23:46:08 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{719C039C-EFA3-471B-846F-A22FE7C323C1}
[2011/12/17 11:45:44 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{7C1597E4-E4C6-4C16-856E-878636408B48}
[2011/12/16 23:45:21 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{092258A0-1078-4B21-8BE7-447D81E1D9AB}
[2011/12/16 20:12:19 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\real final
[2011/12/16 11:44:51 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{98CC8151-0DAC-460B-BBE0-13B30B16B661}
[2011/12/16 11:44:39 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{01EC0B33-459F-4646-AF81-AFE756E16150}
[2011/12/15 22:35:10 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{CBCB74BD-DCC8-48BA-838D-53B2B0A57890}
[2011/12/15 22:34:58 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{3029ACA3-07B8-4DEB-A2D7-D17F7DDE0467}
[2011/12/15 04:34:05 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\adv perspective
[2011/12/14 13:44:27 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{0AD35C7E-D27F-49AB-B5C7-53E8532CB596}
[2011/12/14 13:44:17 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{E609AE6B-2401-4D80-9196-3B96B5838434}
[2011/12/14 01:43:51 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FA33F81C-6518-448E-896E-8BD429E4227E}
[2011/12/13 13:43:29 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{77FFCAEE-4ED9-4799-A603-78B684351510}
[2011/12/13 13:43:18 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{9FD0DEA6-1D78-40EF-A02A-70BEB2271875}
[2011/12/13 01:42:55 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{8EDF21E2-0CE5-40E4-9AE5-7EC16355E006}
[2011/12/12 22:13:28 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\close up
[2011/12/12 13:42:33 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{AB36BA6F-D459-4434-B6F0-22F3002851DF}
[2011/12/12 13:42:23 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{35773C31-A7FF-4A78-8999-27A2F71AF54F}
[2011/12/12 01:41:56 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{56B69E78-5CA9-4834-94E9-A8E737579CBB}
[2011/12/11 13:41:24 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{821CFA0E-8F7F-4A4C-947A-401F20CA14B3}
[2011/12/11 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{083E85B5-0D22-4DBF-892E-702418BCCE0E}
[2011/12/10 18:14:06 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{80358041-186B-4455-9D28-57F4CAB43F7F}
[2011/12/10 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{D9BEB169-6B38-483E-B5DE-144BAD12E266}
[2011/12/10 00:58:39 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\final final
[2011/12/09 18:50:08 | 005,429,372 | ---- | C] (Phyxion.net ) -- C:\Users\henry\Desktop\DriverSweeper_3.2.0.exe
[2011/12/09 18:47:06 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{C2662384-F1B3-4930-B69D-39073725F774}
[2011/12/09 18:46:45 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{A5092359-AA54-4001-B31C-C006D72A4C09}
[2011/12/09 18:35:10 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\ElevatedDiagnostics
[2011/12/09 18:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/12/09 18:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/12/09 17:58:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011/12/09 17:58:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2011/12/09 17:58:20 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Roaming\OpenCandy
[2011/12/09 13:35:09 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{75F8D8E9-1C09-43CC-A6A4-949583E71CFE}
[2011/12/09 13:34:59 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{3F9132FB-B1E1-4992-944C-DDA6B95E0E0B}
[2011/12/09 01:34:34 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FCAA89E8-6A25-46E8-8861-16E06B91D3FA}
[2011/12/09 01:34:23 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{92315A5E-2E4D-418F-9CB2-FA359158F3B0}
[2011/12/08 13:33:58 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{56287DB6-D1F4-4B1B-A1B6-E22682F11C69}
[2011/12/08 13:33:47 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{7071E995-E611-47EF-B556-0C04942A92B5}
[2011/12/08 01:33:22 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{0489198A-80C4-460E-8FBB-9C6B957EA1BA}
[2011/12/08 01:33:11 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{71328691-35AE-4FF3-A94B-D11409F10281}
[2011/12/07 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{87D17429-4A58-4009-A4F5-188980C04786}
[2011/12/07 13:32:34 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{7118D9B9-3898-40D5-B0D5-1C6F43454A3A}
[2011/12/07 01:32:09 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{57272337-0AB5-4F46-B038-ABCCBB009CB3}
[2011/12/07 01:31:58 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{0DD294BC-CB4B-497F-AB23-740B7A1380A4}
[2011/12/06 13:31:27 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{BFD9C67E-C66B-4B32-A025-DDA085DC5095}
[2011/12/06 13:31:12 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{1D9327E4-CEE1-4260-933C-EB7DB4D22327}
[2011/12/06 01:00:54 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{DB37C01C-306B-470A-9659-58F84C28F005}
[2011/12/06 01:00:41 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{FE45E2EE-B397-47D6-8814-0484131C4149}
[2011/12/05 13:00:14 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{C870E4F5-8398-45B7-B325-A73D2DA54C0A}
[2011/12/05 13:00:00 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{91124501-8162-4AA7-9D69-07DFF600650B}
[2011/12/05 12:52:10 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{39B204BD-9125-4F53-9591-5053DA82CDDD}
[2011/12/04 20:20:42 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/12/04 20:20:42 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\eSupport.com
[2011/12/04 20:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
[2011/12/04 20:16:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverTuner
[2011/12/04 20:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/12/04 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{67F4D077-F265-4E56-9C78-DD11A04A17E3}
[2011/12/04 19:25:53 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{4B90CF47-4198-4D69-A5B8-CEC2B38BEF59}
[2011/12/04 00:02:03 | 000,000,000 | ---D | C] -- C:\Users\henry\Desktop\adv perpectve
[2011/12/03 23:18:50 | 000,000,000 | ---D | C] -- C:\AMD
[2011/12/03 20:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/12/03 19:42:41 | 000,792,704 | ---- | C] (AMD) -- C:\Users\henry\Desktop\amddriverdownloader.exe
[2011/12/03 19:10:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/12/03 19:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Problem Report Wizard
[2011/12/03 19:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/12/03 19:07:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/12/03 19:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/12/03 18:19:37 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{06CF5469-18FD-4654-B2E5-66F1DED01577}
[2011/12/03 18:19:22 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{0FD64352-26D2-451C-8AEE-18C3EBE185DC}
[2011/12/03 01:25:48 | 000,000,000 | ---D | C] -- C:\Users\henry\AppData\Local\{DCA77C36-9341-411C-B331-EEADD2A28851}
[2009/11/19 21:08:02 | 003,749,224 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\adlmint_libFNP.dll
[2009/11/19 21:08:02 | 002,941,288 | ---- | C] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\adlmint.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/01 20:08:13 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/01/01 20:06:38 | 000,780,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/01 20:06:38 | 000,660,732 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/01 20:06:38 | 000,121,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/01 20:06:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\henry\Desktop\OTL.exe
[2012/01/01 20:02:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/01 20:02:06 | 2146,873,343 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/01 20:01:22 | 000,016,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 20:01:22 | 000,016,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/01 03:22:48 | 000,319,552 | ---- | M] (Softonic) -- C:\Users\henry\Desktop\SoftonicDownloader_for_winsockfix.exe
[2011/12/31 20:04:06 | 000,773,880 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/31 15:44:44 | 000,000,145 | ---- | M] () -- C:\Users\henry\Desktop\Continue iMesh installation.url
[2011/12/31 15:44:10 | 002,374,968 | ---- | M] (iMesh Inc. ) -- C:\Users\henry\Desktop\iMeshV10.exe
[2011/12/31 15:44:06 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Users\henry\Desktop\WinsockxpFix.exe
[2011/12/30 23:34:32 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/12/30 23:34:32 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/12/30 15:28:21 | 001,558,406 | ---- | M] () -- C:\Users\henry\Desktop\tdsskiller.zip
[2011/12/29 03:22:45 | 000,029,989 | ---- | M] () -- C:\Users\henry\Desktop\32110_445388931123_692166123_5882715_6949756_n.jpg
[2011/12/29 01:54:30 | 003,869,000 | ---- | M] () -- C:\Users\henry\Desktop\raz.jpg
[2011/12/28 13:07:21 | 001,916,843 | ---- | M] () -- C:\Users\henry\Desktop\imahes.jpg
[2011/12/25 18:59:43 | 000,010,752 | ---- | M] () -- C:\Users\henry\Desktop\exefix_xp.com
[2011/12/25 17:58:19 | 000,000,242 | ---- | M] () -- C:\Windows\wininit.ini
[2011/12/24 13:20:42 | 000,183,544 | ---- | M] () -- C:\Users\henry\Desktop\ryu.jpg
[2011/12/24 12:44:23 | 000,112,857 | ---- | M] () -- C:\Users\henry\Desktop\SFXT-Box-Art-Reveal.jpg
[2011/12/24 09:51:18 | 000,033,280 | -HS- | M] () -- C:\Users\henry\AppData\Local\dplayx.dll
[2011/12/24 02:24:45 | 000,265,382 | ---- | M] () -- C:\Users\henry\Desktop\Untitled-1.jpg
[2011/12/23 14:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\henry\Desktop\TDSSKiller.exe
[2011/12/22 13:16:54 | 000,054,110 | ---- | M] () -- C:\Users\henry\Desktop\Tekken_6_BR_Nina.jpg
[2011/12/18 03:52:27 | 003,735,257 | ---- | M] () -- C:\Users\henry\Desktop\Henry_Ong_Resume_kabam.pdf
[2011/12/18 01:01:34 | 013,748,889 | ---- | M] () -- C:\Users\henry\Desktop\1_-_More_Revealing_Redesigns-759-1-2.zip
[2011/12/18 01:00:21 | 017,089,678 | ---- | M] () -- C:\Users\henry\Desktop\4_-_Amazing_Nocturnal_Robes_Pack-759-1-2.zip
[2011/12/18 00:15:05 | 000,836,939 | ---- | M] () -- C:\Users\henry\Desktop\Fire_Dog-3487-1.rar
[2011/12/17 23:21:05 | 000,000,648 | ---- | M] () -- C:\Users\henry\Desktop\Hroki_Wife_Companion-3983--8.rar
[2011/12/17 22:54:51 | 000,475,538 | ---- | M] () -- C:\Users\henry\Desktop\SkyrimDance-2658-1.7z
[2011/12/17 22:54:17 | 000,155,848 | ---- | M] () -- C:\Users\henry\Desktop\DragonBorn_Shuffle-2658-1.7z
[2011/12/17 17:07:55 | 000,907,073 | ---- | M] () -- C:\Users\henry\Desktop\IMG_2836.JPG
[2011/12/17 17:07:53 | 001,008,311 | ---- | M] () -- C:\Users\henry\Desktop\IMG_2841.JPG
[2011/12/17 17:07:53 | 000,866,135 | ---- | M] () -- C:\Users\henry\Desktop\IMG_2839.JPG
[2011/12/17 17:07:53 | 000,820,874 | ---- | M] () -- C:\Users\henry\Desktop\IMG_2840.JPG
[2011/12/17 17:07:47 | 000,953,069 | ---- | M] () -- C:\Users\henry\Desktop\IMG_2838.JPG
[2011/12/17 07:58:52 | 009,330,207 | ---- | M] () -- C:\Users\henry\Desktop\page 1.jpg
[2011/12/17 06:59:42 | 259,862,759 | ---- | M] () -- C:\Users\henry\Desktop\page2.psd
[2011/12/17 04:40:49 | 400,328,363 | ---- | M] () -- C:\Users\henry\Desktop\page 1.psd
[2011/12/16 22:12:51 | 000,912,809 | ---- | M] () -- C:\Users\henry\Desktop\number 16.jpg
[2011/12/14 13:03:19 | 004,836,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/12 04:22:18 | 038,855,475 | ---- | M] () -- C:\Users\henry\Desktop\new guy.psd
[2011/12/11 15:37:38 | 000,095,484 | ---- | M] () -- C:\Users\henry\Desktop\painted-stucco-texture-600x400.jpg
[2011/12/11 15:37:16 | 000,000,000 | ---- | M] () -- C:\Users\henry\Desktop\Rough_Stucco_Texture_by_GrungeTextures.jpg
[2011/12/11 13:38:36 | 334,445,123 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/12/09 18:50:11 | 005,429,372 | ---- | M] (Phyxion.net ) -- C:\Users\henry\Desktop\DriverSweeper_3.2.0.exe
[2011/12/08 02:36:11 | 020,873,251 | ---- | M] () -- C:\Users\henry\Desktop\thumb2-1.psd
[2011/12/04 20:20:42 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/12/03 19:42:42 | 000,792,704 | ---- | M] (AMD) -- C:\Users\henry\Desktop\amddriverdownloader.exe
[2011/12/03 03:03:30 | 064,368,378 | ---- | M] () -- C:\Users\henry\Desktop\final 1.psd
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/01 19:52:44 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/12/31 15:44:44 | 000,000,145 | ---- | C] () -- C:\Users\henry\Desktop\Continue iMesh installation.url
[2011/12/30 15:28:17 | 001,558,406 | ---- | C] () -- C:\Users\henry\Desktop\tdsskiller.zip
[2011/12/29 21:21:13 | 000,001,580 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS3.lnk
[2011/12/29 03:22:45 | 000,029,989 | ---- | C] () -- C:\Users\henry\Desktop\32110_445388931123_692166123_5882715_6949756_n.jpg
[2011/12/29 01:54:28 | 003,869,000 | ---- | C] () -- C:\Users\henry\Desktop\raz.jpg
[2011/12/28 13:07:19 | 001,916,843 | ---- | C] () -- C:\Users\henry\Desktop\imahes.jpg
[2011/12/25 18:59:42 | 000,010,752 | ---- | C] () -- C:\Users\henry\Desktop\exefix_xp.com
[2011/12/25 17:58:18 | 000,000,242 | ---- | C] () -- C:\Windows\wininit.ini
[2011/12/24 12:44:23 | 000,112,857 | ---- | C] () -- C:\Users\henry\Desktop\SFXT-Box-Art-Reveal.jpg
[2011/12/24 11:12:24 | 000,033,280 | -HS- | C] () -- C:\Users\henry\AppData\Local\dplayx.dll
[2011/12/24 02:24:43 | 000,265,382 | ---- | C] () -- C:\Users\henry\Desktop\Untitled-1.jpg
[2011/12/22 13:16:54 | 000,054,110 | ---- | C] () -- C:\Users\henry\Desktop\Tekken_6_BR_Nina.jpg
[2011/12/21 02:11:54 | 000,183,544 | ---- | C] () -- C:\Users\henry\Desktop\ryu.jpg
[2011/12/18 03:52:18 | 003,735,257 | ---- | C] () -- C:\Users\henry\Desktop\Henry_Ong_Resume_kabam.pdf
[2011/12/18 01:01:14 | 013,748,889 | ---- | C] () -- C:\Users\henry\Desktop\1_-_More_Revealing_Redesigns-759-1-2.zip
[2011/12/18 00:59:53 | 017,089,678 | ---- | C] () -- C:\Users\henry\Desktop\4_-_Amazing_Nocturnal_Robes_Pack-759-1-2.zip
[2011/12/18 00:15:05 | 000,836,939 | ---- | C] () -- C:\Users\henry\Desktop\Fire_Dog-3487-1.rar
[2011/12/17 23:21:05 | 000,000,648 | ---- | C] () -- C:\Users\henry\Desktop\Hroki_Wife_Companion-3983--8.rar
[2011/12/17 22:54:50 | 000,475,538 | ---- | C] () -- C:\Users\henry\Desktop\SkyrimDance-2658-1.7z
[2011/12/17 22:54:15 | 000,155,848 | ---- | C] () -- C:\Users\henry\Desktop\DragonBorn_Shuffle-2658-1.7z
[2011/12/17 17:07:55 | 000,907,073 | ---- | C] () -- C:\Users\henry\Desktop\IMG_2836.JPG
[2011/12/17 17:07:53 | 001,008,311 | ---- | C] () -- C:\Users\henry\Desktop\IMG_2841.JPG
[2011/12/17 17:07:53 | 000,866,135 | ---- | C] () -- C:\Users\henry\Desktop\IMG_2839.JPG
[2011/12/17 17:07:53 | 000,820,874 | ---- | C] () -- C:\Users\henry\Desktop\IMG_2840.JPG
[2011/12/17 17:07:47 | 000,953,069 | ---- | C] () -- C:\Users\henry\Desktop\IMG_2838.JPG
[2011/12/17 07:58:41 | 009,330,207 | ---- | C] () -- C:\Users\henry\Desktop\page 1.jpg
[2011/12/17 05:49:48 | 259,862,759 | ---- | C] () -- C:\Users\henry\Desktop\page2.psd
[2011/12/17 04:34:12 | 400,328,363 | ---- | C] () -- C:\Users\henry\Desktop\page 1.psd
[2011/12/14 04:17:14 | 000,912,809 | ---- | C] () -- C:\Users\henry\Desktop\number 16.jpg
[2011/12/11 21:35:42 | 038,855,475 | ---- | C] () -- C:\Users\henry\Desktop\new guy.psd
[2011/12/11 15:37:38 | 000,095,484 | ---- | C] () -- C:\Users\henry\Desktop\painted-stucco-texture-600x400.jpg
[2011/12/11 15:37:16 | 000,000,000 | ---- | C] () -- C:\Users\henry\Desktop\Rough_Stucco_Texture_by_GrungeTextures.jpg
[2011/12/03 19:22:35 | 334,445,123 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/12/03 03:03:29 | 064,368,378 | ---- | C] () -- C:\Users\henry\Desktop\final 1.psd
[2011/10/25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/25 17:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/10/25 17:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/12 14:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/03 21:33:50 | 000,110,592 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/08/12 22:33:35 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/08/12 22:33:35 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/04/02 17:09:32 | 000,000,026 | ---- | C] () -- C:\ProgramData\DigiCel.ini
[2011/04/01 23:00:54 | 000,000,246 | ---- | C] () -- C:\Windows\kaillera.ini
[2011/03/21 21:47:31 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/02/08 11:41:57 | 000,773,880 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/04 13:13:46 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/12/04 13:13:46 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/12/04 13:13:46 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/12/04 13:13:46 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/12/04 13:13:46 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/12/04 13:13:46 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/12/04 13:13:46 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/12/04 13:13:46 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/12/04 13:13:46 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/12/04 13:13:46 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/12/04 13:13:46 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/12/04 13:13:46 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/12/04 13:13:46 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/12/04 13:13:46 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/12/04 13:13:46 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/12/04 13:13:46 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/12/04 13:12:12 | 000,000,083 | ---- | C] () -- C:\Windows\EPSP1400.ini
[2010/12/01 19:17:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/10/04 22:12:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/10/04 21:57:51 | 000,031,042 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010/10/04 21:57:06 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2010/10/04 21:56:04 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/10/04 21:55:58 | 000,023,465 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 17:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 04:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

========== LOP Check ==========

[2010/12/01 19:18:36 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\acccore
[2011/01/10 14:30:02 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\Autodesk
[2011/12/30 03:13:47 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\BitComet
[2011/06/13 23:28:02 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\com.doubleperfect.ggpo
[2011/01/19 00:33:54 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\DAEMON Tools Lite
[2011/04/02 17:09:32 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\DigiCel
[2010/12/04 13:16:35 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\Leadertech
[2011/03/14 12:28:11 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\LolClient
[2011/12/09 17:58:23 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\OpenCandy
[2010/12/16 12:37:11 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\Opera
[2011/01/30 01:09:19 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\Sega
[2011/03/14 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\Smith Micro
[2011/12/22 03:42:29 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\SoftGrid Client
[2010/12/10 23:45:35 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/02/10 02:14:26 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\Supercade
[2011/02/08 11:42:40 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\TP
[2010/12/22 21:07:07 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\WindSolutions
[2011/06/01 13:42:12 | 000,000,000 | ---D | M] -- C:\Users\henry\AppData\Roaming\WTouch
[2012/01/01 20:08:13 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/12/03 20:29:36 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by SweetTech, 03 January 2012 - 03:33 AM.
moved from Web Browsers and Email to Malware forum.--ST

  • 0

Advertisements


#2
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  • Push the Posted Image button.
  • A report will open, copy and paste it in a reply here:
    • OTL.txt <-- Will be opened

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti
  • 0

#3
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP