Loss of internet when opening FireFox


#1
gopostal

Just like it says in the title. When I open FF, most times I lose internet connection for up to a half-minute. Once it goes through this cycle it calms down and things do pretty much OK. It will do it occasionally on opening a new page too, though. AVG system scan as well as Malwarebytes scan are all clean.
I appreciate you guys' time. Does anything seem to jump out? I have Hotspot Shield installed but rarely use it, and this happens when I am not using the program.
OTL log:

OTL logfile created on: 1/16/2012 5:12:39 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.32 Gb Available Physical Memory | 66.48% Memory free
16.00 Gb Paging File | 13.37 Gb Available in Paging File | 83.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1383.86 Gb Total Space | 1198.92 Gb Free Space | 86.64% Space Free | Partition Type: NTFS
Drive D: | 13.31 Gb Total Space | 1.64 Gb Free Space | 12.31% Space Free | Partition Type: NTFS
Drive E: | 4.38 Gb Total Space | 0.02 Gb Free Space | 0.42% Space Free | Partition Type: UDF
Drive F: | 298.09 Gb Total Space | 245.17 Gb Free Space | 82.25% Space Free | Partition Type: NTFS

Computer Name: HOME-HP | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/16 05:11:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL.exe
PRC - [2012/01/06 22:22:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/12/16 17:44:38 | 000,331,096 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2011/12/16 13:28:20 | 000,141,640 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
PRC - [2011/12/16 13:16:36 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011/12/16 13:16:34 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011/10/06 03:58:34 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/09/22 11:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/09/10 05:28:50 | 002,338,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/08/18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/03/07 06:15:04 | 001,549,824 | ---- | M] (GlobalSCAPE Texas, LP.) -- C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe
PRC - [2011/03/07 06:15:03 | 002,482,176 | ---- | M] (GlobalSCAPE Texas, LP.) -- C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\cuteftppro.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/10 04:14:56 | 001,380,352 | ---- | M] () -- C:\UnrealTournament\System\UnrealEd.exe
PRC - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/08/15 22:24:26 | 003,371,872 | ---- | M] (ConTEXT Project Ltd) -- C:\Program Files (x86)\ConTEXT\ConTEXT.exe
PRC - [2009/04/25 16:37:46 | 000,061,440 | ---- | M] (jz-productions) -- C:\Users\Home\Desktop\UccComp v2.exe
PRC - [2008/04/26 09:17:42 | 001,143,808 | ---- | M] (medium) -- C:\utServerMonitor271\utServerMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/06 22:22:21 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/12/16 13:28:30 | 000,009,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2011/12/16 13:28:20 | 000,141,640 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
MOD - [2011/09/22 11:29:36 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/08/17 03:07:27 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010/10/10 04:14:56 | 001,380,352 | ---- | M] () -- C:\UnrealTournament\System\UnrealEd.exe
MOD - [2010/10/10 04:14:56 | 000,483,328 | ---- | M] () -- C:\UnrealTournament\System\Window.dll
MOD - [2010/10/10 04:14:56 | 000,389,120 | ---- | M] () -- C:\UnrealTournament\System\SoftDrv.dll
MOD - [2010/10/10 04:14:56 | 000,339,968 | ---- | M] () -- C:\UnrealTournament\System\Galaxy.dll
MOD - [2010/10/10 04:14:56 | 000,237,568 | ---- | M] () -- C:\UnrealTournament\System\Render.dll
MOD - [2010/10/10 04:14:56 | 000,233,472 | ---- | M] () -- C:\UnrealTournament\System\IpDrv.dll
MOD - [2010/10/10 04:14:56 | 000,122,880 | ---- | M] () -- C:\UnrealTournament\System\WinDrv.dll
MOD - [2010/10/10 04:14:56 | 000,045,056 | ---- | M] () -- C:\UnrealTournament\System\UWeb.dll
MOD - [2010/10/10 04:14:54 | 001,789,952 | ---- | M] () -- C:\UnrealTournament\System\Engine.dll
MOD - [2010/10/10 04:14:54 | 001,257,472 | ---- | M] () -- C:\UnrealTournament\System\Editor.dll
MOD - [2010/10/10 04:14:54 | 000,786,432 | ---- | M] () -- C:\UnrealTournament\System\Core.dll
MOD - [2010/10/10 04:14:54 | 000,106,496 | ---- | M] () -- C:\UnrealTournament\System\Fire.dll
MOD - [2006/03/16 16:16:50 | 000,536,576 | ---- | M] () -- C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\FileCryptIK.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/23 09:21:52 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/08/05 19:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/12/16 17:44:38 | 000,331,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011/12/16 13:29:30 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2011/12/16 13:16:36 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011/12/16 13:16:34 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/11/14 16:52:51 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/06 03:58:34 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/22 11:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/09/11 01:02:22 | 000,399,344 | ---- | M] (Roxio) [Disabled | Stopped] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/16 13:16:34 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2011/12/16 13:16:32 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/05/27 18:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/04 23:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 15:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 13:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 07:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/10 06:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/01/15 08:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/07 05:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/11/23 09:53:44 | 007,886,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/23 08:46:42 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/24 07:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/02 22:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/08/13 05:35:36 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/08/13 05:35:36 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/07/21 19:57:22 | 001,002,848 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/03/10 07:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/12/22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/08 11:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Program Files (x86)\Roblox\Versions\version-7b3d65c79aa445d1\\NPRobloxProxy.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/12/22 09:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/06 22:22:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/12 21:08:59 | 000,000,000 | ---D | M]

[2011/03/05 08:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions
[2012/01/05 07:06:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\8k1x2s55.default\extensions
[2011/12/22 20:00:05 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\8k1x2s55.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/12/24 01:05:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\8k1x2s55.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/12 21:09:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/29 05:30:58 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/01/06 22:22:21 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 00:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/09 06:47:04 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72FE20F2-D41B-4944-B5AD-86E29B8C574A}: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B512CCA8-3A85-44B5-B6D6-79A712A177E7}: DhcpNameServer = 10.2.40.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a601485c-13e0-11e1-954b-6431503ef9de}\Shell - "" = AutoRun
O33 - MountPoints2\{a601485c-13e0-11e1-954b-6431503ef9de}\Shell\AutoRun\command - "" = K:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/16 05:07:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{32CCC455-502D-4CFA-B394-105270E131C6}
[2012/01/16 05:06:48 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{63983058-B7AB-4DD0-A2D0-F28255B1CE13}
[2012/01/16 04:44:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\UKBan
[2012/01/16 04:01:51 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\DM-GangOfFrontCity
[2012/01/16 04:00:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/15 18:18:53 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Survival
[2012/01/15 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{9B63BBC9-404E-4243-92EB-5E7616CDDCE3}
[2012/01/15 14:10:55 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{75762C07-BACB-4A86-A652-41A034566F45}
[2012/01/14 07:05:49 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\jets redirect
[2012/01/14 05:56:05 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\JetsServer
[2012/01/13 04:45:01 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{38BADA2D-173C-41A0-A2D9-334133E2F5E1}
[2012/01/13 04:44:39 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{48B0BC9C-DF77-40CA-BF41-8F06BB0BECD1}
[2012/01/10 21:41:20 | 000,000,000 | ---D | C] -- C:\Users\Home\New folder (2)
[2012/01/10 21:41:16 | 000,000,000 | ---D | C] -- C:\Users\Home\New folder
[2012/01/10 08:06:28 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Ventrilo
[2012/01/10 08:00:04 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2012/01/10 08:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2012/01/10 07:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/01/08 14:40:00 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{E0D3FFDA-9E52-4245-B6A4-B580A11FAD64}
[2012/01/08 14:39:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{D0921277-EA2B-4775-834D-97D21CBBBCD1}
[2012/01/07 22:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/01/06 04:52:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{043FDC2E-8F69-465E-8A9B-3FE5E34999AB}
[2012/01/06 04:52:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A8BDA625-C958-428B-A707-FD8ECE0062B6}
[2012/01/01 06:50:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{9C093148-0419-434C-A165-AD5C4002172C}
[2012/01/01 06:50:22 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{475FE84B-D648-4D74-B01C-CE311CF3708C}
[2012/01/01 06:47:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Gamma
[2012/01/01 06:10:01 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\1workin
[2011/12/29 05:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\hssff
[2011/12/29 05:31:00 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2011/12/29 05:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2011/12/29 05:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2011/12/27 06:24:42 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acorp Game Manager v3
[2011/12/27 06:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acorp Game Manager v3
[2011/12/26 14:01:46 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Tor Browser
[2011/12/26 12:14:44 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\server setup
[2011/12/23 23:11:09 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\a1
[2011/12/23 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/12/23 03:29:14 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\metroguide8
[2011/12/22 19:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2011/12/22 19:49:40 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/12/22 19:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/12/22 19:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2011/12/22 19:43:19 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\My Garmin
[2011/12/22 19:43:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\GARMIN
[2011/12/22 19:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/12/22 19:42:38 | 000,000,000 | ---D | C] -- C:\WebUpdater
[2011/12/22 19:41:44 | 000,000,000 | ---D | C] -- C:\Garmin
[2011/12/21 18:44:14 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\rip
[2011/12/20 04:12:54 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{FED7AA47-B612-4E28-AE3C-8F2E04F145D6}
[2011/12/20 04:12:31 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{447F5F3F-F951-45BB-AE26-31BBF641C7CF}
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/16 04:47:12 | 000,061,351 | ---- | M] () -- C:\Users\Home\Desktop\UKBan.zip
[2012/01/16 04:18:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/16 04:02:39 | 035,762,098 | ---- | M] () -- C:\Users\Home\Desktop\DM-GangOfFrontCity.zip
[2012/01/15 19:44:47 | 000,000,132 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/01/15 18:22:54 | 143,092,720 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/01/15 11:18:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/14 19:08:44 | 000,793,662 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/14 19:08:44 | 000,669,642 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/14 19:08:44 | 000,125,724 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/14 18:22:38 | 000,416,208 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/01/14 04:57:18 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/14 04:57:18 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/14 04:49:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/14 04:49:40 | 2146,914,303 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/13 22:36:39 | 000,001,209 | ---- | M] () -- C:\Users\Home\Desktop\Play Roblox.lnk
[2012/01/10 08:00:06 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/01/10 08:00:04 | 000,000,919 | ---- | M] () -- C:\Users\Home\Desktop\Ventrilo.lnk
[2012/01/09 14:12:16 | 000,320,090 | ---- | M] () -- C:\Users\Home\Desktop\utrusted_utp.sql
[2012/01/06 22:22:40 | 000,002,058 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/04 20:38:22 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHOME-HP$.job
[2012/01/04 19:14:35 | 000,012,555 | ---- | M] () -- C:\Users\Home\Desktop\UTPv4Source.zip
[2011/12/29 05:33:00 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011/12/22 02:35:00 | 000,056,910 | ---- | M] () -- C:\Users\Home\UnrealTournament.ini
[2011/12/21 18:59:18 | 000,386,095 | ---- | M] () -- C:\Users\Home\Documents\leo.wrc
[2011/12/20 06:33:09 | 000,010,752 | ---- | M] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/19 06:26:36 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/16 04:47:12 | 000,061,351 | ---- | C] () -- C:\Users\Home\Desktop\UKBan.zip
[2012/01/16 04:02:25 | 035,762,098 | ---- | C] () -- C:\Users\Home\Desktop\DM-GangOfFrontCity.zip
[2012/01/15 03:50:13 | 003,667,817 | ---- | C] () -- C:\Users\Home\Desktop\MH-Toon3D.zip
[2012/01/15 03:45:41 | 002,451,411 | ---- | C] () -- C:\Users\Home\Desktop\DM-MarioUT_Stage1-1.unr
[2012/01/15 03:44:36 | 016,414,125 | ---- | C] () -- C:\Users\Home\Desktop\MH-Lego-VS-Mario-2D&3D.zip
[2012/01/10 08:00:04 | 000,000,919 | ---- | C] () -- C:\Users\Home\Desktop\Ventrilo.lnk
[2012/01/10 08:00:00 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/01/09 14:12:16 | 000,320,090 | ---- | C] () -- C:\Users\Home\Desktop\utrusted_utp.sql
[2012/01/04 19:14:34 | 000,012,555 | ---- | C] () -- C:\Users\Home\Desktop\UTPv4Source.zip
[2011/12/29 05:33:00 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011/12/22 02:35:00 | 000,056,910 | ---- | C] () -- C:\Users\Home\UnrealTournament.ini
[2011/12/21 18:44:18 | 000,386,095 | ---- | C] () -- C:\Users\Home\Documents\leo.wrc
[2011/11/20 17:31:34 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\tt_online.dll
[2011/11/20 17:31:34 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\SMIXER.DLL
[2011/11/20 17:31:34 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\tt_aglobal.dll
[2011/11/20 17:31:34 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\SPECTRUM.DLL
[2011/10/20 11:57:34 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\fs_di002.dll
[2011/10/02 06:21:56 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/02 06:21:55 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/19 02:06:15 | 000,004,350 | ---- | C] () -- C:\Users\Home\AppData\Roaming\8198.520
[2011/09/01 15:51:08 | 000,000,416 | ---- | C] () -- C:\Users\Home\AppData\Roaming\.backup.dm
[2011/07/11 06:26:44 | 000,010,752 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/30 03:01:21 | 006,904,040 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/05/28 13:40:35 | 000,000,036 | ---- | C] () -- C:\Users\Home\AppData\Local\housecall.guid.cache
[2011/05/24 05:56:47 | 000,007,608 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/29 18:15:38 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/03/29 18:07:00 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/03/22 06:44:55 | 000,788,252 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/21 18:22:45 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010/12/15 10:11:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/15 09:32:32 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/12/15 09:15:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/21 10:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/07/12 13:44:42 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD64.DLL
[2004/03/23 15:38:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD.dll
[2003/03/14 11:24:00 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ZyDelReg.exe

========== LOP Check ==========

[2012/01/06 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011/03/05 09:07:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\AVG10
[2011/10/04 20:35:36 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azureus
[2011/07/19 16:00:40 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Canneverbe Limited
[2011/03/23 05:42:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/21 16:57:30 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\cYo
[2011/06/30 03:02:24 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\dBpoweramp
[2011/08/03 11:32:30 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Dropbox
[2011/11/24 00:24:16 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011/07/03 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FreeFLVConverter
[2012/01/04 03:51:14 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GARMIN
[2011/11/11 06:52:26 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011/03/07 06:17:32 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GlobalSCAPE
[2011/07/03 22:10:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GrabPro
[2011/04/04 06:31:10 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Helios
[2011/06/23 06:38:55 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\HLSW
[2011/07/19 20:21:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\JPEGsnoop
[2011/11/27 14:17:53 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\KompoZer
[2011/06/26 08:19:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Miranda
[2011/05/19 04:27:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenMPT
[2011/07/03 22:12:17 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Orbit
[2011/07/03 22:10:31 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ProgSense
[2011/09/28 05:13:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\QuickScan
[2011/11/22 04:22:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SoftGrid Client
[2011/03/21 18:20:09 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/06/26 05:58:55 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011/10/02 06:25:19 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SystemRequirementsLab
[2011/03/23 06:57:57 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TP
[2011/12/19 21:47:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2012/01/12 11:44:20 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent
[2011/11/03 11:19:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Web Page Maker
[2011/03/26 15:05:23 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2009/07/13 21:08:49 | 000,024,130 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:EF6E4E62
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:C40C2DC4
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:76650B61

< End of report >




#2
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right-hand corner of the topic you will see a button called Options. If you click on this, in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days, if a topic is not replied to, we assume it has been abandoned and it is closed.

#3
gopostal

    Member

  • Topic Starter
  • 11 posts
Thanks for replying. I was about to give up but it's cool. I know how much work it can be and I appreciate your time.

I only get one log, and I follow your information exactly:

OTL logfile created on: 1/20/2012 4:44:11 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 4.67 Gb Available Physical Memory | 58.41% Memory free
16.00 Gb Paging File | 12.75 Gb Available in Paging File | 79.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1383.86 Gb Total Space | 1195.20 Gb Free Space | 86.37% Space Free | Partition Type: NTFS
Drive D: | 13.31 Gb Total Space | 1.64 Gb Free Space | 12.31% Space Free | Partition Type: NTFS
Drive E: | 4.38 Gb Total Space | 0.02 Gb Free Space | 0.42% Space Free | Partition Type: UDF
Drive F: | 298.09 Gb Total Space | 245.11 Gb Free Space | 82.23% Space Free | Partition Type: NTFS
Drive G: | 952.17 Mb Total Space | 952.09 Mb Free Space | 99.99% Space Free | Partition Type: FAT
Drive K: | 7.46 Gb Total Space | 1.66 Gb Free Space | 22.29% Space Free | Partition Type: FAT32

Computer Name: HOME-HP | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/16 05:11:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL.exe
PRC - [2012/01/06 22:22:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/12/16 17:44:38 | 000,331,096 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2011/12/16 13:28:20 | 000,141,640 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
PRC - [2011/12/16 13:16:36 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011/12/16 13:16:34 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011/10/06 03:58:34 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/09/22 11:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/09/10 05:28:50 | 002,338,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/08/18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/08/15 22:24:26 | 003,371,872 | ---- | M] (ConTEXT Project Ltd) -- C:\Program Files (x86)\ConTEXT\ConTEXT.exe
PRC - [2009/04/25 16:37:46 | 000,061,440 | ---- | M] (jz-productions) -- C:\Users\Home\Desktop\UccComp v2.exe
PRC - [2008/04/26 09:17:42 | 001,143,808 | ---- | M] (medium) -- C:\utServerMonitor271\utServerMonitor.exe
PRC - [2007/03/30 15:37:40 | 003,274,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Movie Maker 2.6\MOVIEMK.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/06 22:22:21 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/12/16 13:28:30 | 000,009,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2011/12/16 13:28:20 | 000,141,640 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
MOD - [2011/09/22 11:29:36 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/08/17 03:07:27 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/23 09:21:52 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/08/05 19:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/12/16 17:44:38 | 000,331,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011/12/16 13:29:30 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2011/12/16 13:16:36 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011/12/16 13:16:34 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/11/14 16:52:51 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/06 03:58:34 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/22 11:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/09/11 01:02:22 | 000,399,344 | ---- | M] (Roxio) [Disabled | Stopped] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/16 13:16:34 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2011/12/16 13:16:32 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/05/27 18:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/04 23:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 15:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 13:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 07:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/10 06:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/01/15 08:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/07 05:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/11/23 09:53:44 | 007,886,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/23 08:46:42 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/24 07:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/02 22:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/08/13 05:35:36 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/08/13 05:35:36 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/07/21 19:57:22 | 001,002,848 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/03/10 07:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/12/22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/08 11:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Program Files (x86)\Roblox\Versions\version-7b3d65c79aa445d1\\NPRobloxProxy.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/12/22 09:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/06 22:22:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/12 21:08:59 | 000,000,000 | ---D | M]

[2011/03/05 08:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions
[2012/01/05 07:06:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\8k1x2s55.default\extensions
[2011/12/22 20:00:05 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\8k1x2s55.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/12/24 01:05:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\8k1x2s55.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/12 21:09:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/29 05:30:58 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/01/06 22:22:21 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 00:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/09 06:47:04 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3213102928-3512760173-2800184843-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72FE20F2-D41B-4944-B5AD-86E29B8C574A}: DhcpNameServer = 68.116.46.115 24.205.192.61 24.205.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B512CCA8-3A85-44B5-B6D6-79A712A177E7}: DhcpNameServer = 10.2.40.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a601485c-13e0-11e1-954b-6431503ef9de}\Shell - "" = AutoRun
O33 - MountPoints2\{a601485c-13e0-11e1-954b-6431503ef9de}\Shell\AutoRun\command - "" = K:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/19 07:22:30 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{75D74F4A-2B50-4DA2-A22F-4485C446515D}
[2012/01/19 07:22:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5B1037DF-5B7F-43B5-9190-066AAC140527}
[2012/01/19 06:12:03 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\aa
[2012/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{92665FDB-555A-42F7-BDBD-1163720F190A}
[2012/01/18 22:02:03 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{18FB3D2E-D2BC-4995-BD0E-50ABA8DABCDC}
[2012/01/18 16:43:39 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\sort
[2012/01/18 10:02:27 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{985330B9-5E88-4A89-8557-B07CFDF1385D}
[2012/01/18 10:02:03 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{714B95FA-538F-4A28-B6E2-BD34E68D99B7}
[2012/01/17 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{F2C23C80-D690-489E-A3BD-F75F2A598350}
[2012/01/17 19:28:22 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{469DF624-0A0D-4AD3-AEEF-311790CD2CC2}
[2012/01/17 05:40:12 | 000,000,000 | ---D | C] -- C:\Users\Home\Abbeyskins.u
[2012/01/16 05:07:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{32CCC455-502D-4CFA-B394-105270E131C6}
[2012/01/16 05:06:48 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{63983058-B7AB-4DD0-A2D0-F28255B1CE13}
[2012/01/16 04:44:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\UKBan
[2012/01/16 04:01:51 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\DM-GangOfFrontCity
[2012/01/16 04:00:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/15 18:18:53 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Survival
[2012/01/15 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{9B63BBC9-404E-4243-92EB-5E7616CDDCE3}
[2012/01/15 14:10:55 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{75762C07-BACB-4A86-A652-41A034566F45}
[2012/01/14 07:05:49 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\jets redirect
[2012/01/14 05:56:05 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\JetsServer
[2012/01/13 04:45:01 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{38BADA2D-173C-41A0-A2D9-334133E2F5E1}
[2012/01/13 04:44:39 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{48B0BC9C-DF77-40CA-BF41-8F06BB0BECD1}
[2012/01/10 21:41:20 | 000,000,000 | ---D | C] -- C:\Users\Home\New folder (2)
[2012/01/10 21:41:16 | 000,000,000 | ---D | C] -- C:\Users\Home\New folder
[2012/01/10 08:06:28 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Ventrilo
[2012/01/10 08:00:04 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2012/01/10 08:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2012/01/10 07:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/01/08 14:40:00 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{E0D3FFDA-9E52-4245-B6A4-B580A11FAD64}
[2012/01/08 14:39:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{D0921277-EA2B-4775-834D-97D21CBBBCD1}
[2012/01/07 22:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/01/06 04:52:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{043FDC2E-8F69-465E-8A9B-3FE5E34999AB}
[2012/01/06 04:52:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A8BDA625-C958-428B-A707-FD8ECE0062B6}
[2012/01/01 06:50:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{9C093148-0419-434C-A165-AD5C4002172C}
[2012/01/01 06:50:22 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{475FE84B-D648-4D74-B01C-CE311CF3708C}
[2012/01/01 06:47:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Gamma
[2012/01/01 06:10:01 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\1workin
[2011/12/29 05:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\hssff
[2011/12/29 05:31:00 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2011/12/29 05:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2011/12/29 05:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2011/12/27 06:24:42 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acorp Game Manager v3
[2011/12/27 06:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acorp Game Manager v3
[2011/12/26 14:01:46 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Tor Browser
[2011/12/26 12:14:44 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\server setup
[2011/12/23 23:11:09 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\a1
[2011/12/23 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/12/23 03:29:14 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\metroguide8
[2011/12/22 19:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2011/12/22 19:49:40 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/12/22 19:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/12/22 19:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2011/12/22 19:43:19 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\My Garmin
[2011/12/22 19:43:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\GARMIN
[2011/12/22 19:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/12/22 19:42:38 | 000,000,000 | ---D | C] -- C:\WebUpdater
[2011/12/22 19:41:44 | 000,000,000 | ---D | C] -- C:\Garmin
[2011/12/21 18:44:14 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\rip
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/20 04:26:51 | 019,116,187 | ---- | M] () -- C:\Users\Home\Desktop\Bludger.wmv
[2012/01/20 04:18:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/20 04:17:17 | 000,011,264 | ---- | M] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/19 18:16:49 | 087,064,782 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/01/19 11:18:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/19 05:16:33 | 000,793,662 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/19 05:16:33 | 000,669,642 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/19 05:16:33 | 000,125,724 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/18 18:16:28 | 000,423,732 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/01/18 17:38:25 | 003,757,592 | ---- | M] () -- C:\Users\Home\Desktop\SpooneyMod.zip
[2012/01/18 16:49:25 | 023,776,709 | ---- | M] () -- C:\Users\Home\Desktop\CapeArago.wmv
[2012/01/18 09:54:09 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 09:54:09 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 09:46:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/18 09:46:40 | 2146,914,303 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/18 05:46:34 | 000,000,126 | ---- | M] () -- C:\Users\Home\Desktop\SS_18v3.ini
[2012/01/18 05:41:51 | 000,008,551 | ---- | M] () -- C:\Users\Home\Desktop\SS_18v3_MapsDB.ini
[2012/01/17 16:37:56 | 000,001,060 | ---- | M] () -- C:\Users\Home\Desktop\localhost.crt
[2012/01/17 06:15:50 | 001,052,204 | ---- | M] () -- C:\Users\Home\Desktop\DM-Quidditchv2.zip
[2012/01/17 06:07:45 | 003,764,627 | ---- | M] () -- C:\Users\Home\Desktop\SS_18v3_DM_DB.ini
[2012/01/16 17:12:17 | 000,278,869 | ---- | M] () -- C:\Users\Home\Desktop\Untitled.wma
[2012/01/16 16:23:12 | 000,028,220 | ---- | M] () -- C:\Users\Home\Desktop\globalstats.u
[2012/01/16 14:57:03 | 004,053,491 | ---- | M] () -- C:\Users\Home\Desktop\spooney.zip
[2012/01/16 13:59:03 | 000,000,132 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/01/16 13:53:45 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/16 04:47:12 | 000,061,351 | ---- | M] () -- C:\Users\Home\Desktop\UKBan.zip
[2012/01/16 04:02:39 | 035,762,098 | ---- | M] () -- C:\Users\Home\Desktop\DM-GangOfFrontCity.zip
[2012/01/15 09:54:50 | 037,285,680 | ---- | M] () -- C:\Users\Home\Desktop\DSCN1245.AVI
[2012/01/13 22:36:39 | 000,001,209 | ---- | M] () -- C:\Users\Home\Desktop\Play Roblox.lnk
[2012/01/10 08:00:06 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/01/10 08:00:04 | 000,000,919 | ---- | M] () -- C:\Users\Home\Desktop\Ventrilo.lnk
[2012/01/09 14:12:16 | 000,320,090 | ---- | M] () -- C:\Users\Home\Desktop\utrusted_utp.sql
[2012/01/06 22:22:40 | 000,002,058 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/04 20:38:22 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHOME-HP$.job
[2012/01/04 19:14:35 | 000,012,555 | ---- | M] () -- C:\Users\Home\Desktop\UTPv4Source.zip
[2011/12/29 05:33:00 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011/12/28 14:48:28 | 001,297,595 | ---- | M] () -- C:\Users\Home\Desktop\SPN_RifleV1.u
[2011/12/22 02:35:00 | 000,056,910 | ---- | M] () -- C:\Users\Home\UnrealTournament.ini
[2011/12/21 18:59:18 | 000,386,095 | ---- | M] () -- C:\Users\Home\Documents\leo.wrc
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/20 04:24:48 | 019,116,187 | ---- | C] () -- C:\Users\Home\Desktop\Bludger.wmv
[2012/01/18 17:38:24 | 003,757,592 | ---- | C] () -- C:\Users\Home\Desktop\SpooneyMod.zip
[2012/01/18 16:49:07 | 023,776,709 | ---- | C] () -- C:\Users\Home\Desktop\CapeArago.wmv
[2012/01/18 16:43:54 | 037,285,680 | ---- | C] () -- C:\Users\Home\Desktop\DSCN1245.AVI
[2012/01/17 16:37:56 | 000,001,060 | ---- | C] () -- C:\Users\Home\Desktop\localhost.crt
[2012/01/17 06:15:50 | 001,052,204 | ---- | C] () -- C:\Users\Home\Desktop\DM-Quidditchv2.zip
[2012/01/16 17:12:17 | 000,278,869 | ---- | C] () -- C:\Users\Home\Desktop\Untitled.wma
[2012/01/16 16:23:12 | 000,028,220 | ---- | C] () -- C:\Users\Home\Desktop\globalstats.u
[2012/01/16 14:57:03 | 004,053,491 | ---- | C] () -- C:\Users\Home\Desktop\spooney.zip
[2012/01/16 04:47:12 | 000,061,351 | ---- | C] () -- C:\Users\Home\Desktop\UKBan.zip
[2012/01/16 04:02:25 | 035,762,098 | ---- | C] () -- C:\Users\Home\Desktop\DM-GangOfFrontCity.zip
[2012/01/15 03:45:41 | 002,451,411 | ---- | C] () -- C:\Users\Home\Desktop\DM-MarioUT_Stage1-1.unr
[2012/01/10 08:00:04 | 000,000,919 | ---- | C] () -- C:\Users\Home\Desktop\Ventrilo.lnk
[2012/01/10 08:00:00 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/01/09 14:12:16 | 000,320,090 | ---- | C] () -- C:\Users\Home\Desktop\utrusted_utp.sql
[2012/01/06 20:12:17 | 001,297,595 | ---- | C] () -- C:\Users\Home\Desktop\SPN_RifleV1.u
[2012/01/04 19:14:34 | 000,012,555 | ---- | C] () -- C:\Users\Home\Desktop\UTPv4Source.zip
[2011/12/29 05:33:00 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011/12/22 02:35:00 | 000,056,910 | ---- | C] () -- C:\Users\Home\UnrealTournament.ini
[2011/12/21 18:44:18 | 000,386,095 | ---- | C] () -- C:\Users\Home\Documents\leo.wrc
[2011/11/20 17:31:34 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\tt_online.dll
[2011/11/20 17:31:34 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\SMIXER.DLL
[2011/11/20 17:31:34 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\tt_aglobal.dll
[2011/11/20 17:31:34 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\SPECTRUM.DLL
[2011/10/20 11:57:34 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\fs_di002.dll
[2011/10/02 06:21:56 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/02 06:21:55 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/22 11:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/19 02:06:15 | 000,004,350 | ---- | C] () -- C:\Users\Home\AppData\Roaming\8198.520
[2011/09/01 15:51:08 | 000,000,416 | ---- | C] () -- C:\Users\Home\AppData\Roaming\.backup.dm
[2011/07/11 06:26:44 | 000,011,264 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/30 03:01:21 | 006,904,040 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/05/28 13:40:35 | 000,000,036 | ---- | C] () -- C:\Users\Home\AppData\Local\housecall.guid.cache
[2011/05/24 05:56:47 | 000,007,608 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/29 18:15:38 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/03/29 18:07:00 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/03/22 06:44:55 | 000,788,252 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/21 18:22:45 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010/12/15 10:11:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/15 09:32:32 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/12/15 09:15:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/21 10:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/07/12 13:44:42 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD64.DLL
[2004/03/23 15:38:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD.dll
[2003/03/14 11:24:00 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ZyDelReg.exe

========== LOP Check ==========

[2012/01/06 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011/03/05 09:07:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\AVG10
[2011/10/04 20:35:36 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azureus
[2011/07/19 16:00:40 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Canneverbe Limited
[2011/03/23 05:42:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/21 16:57:30 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\cYo
[2011/06/30 03:02:24 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\dBpoweramp
[2011/08/03 11:32:30 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Dropbox
[2011/11/24 00:24:16 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011/07/03 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FreeFLVConverter
[2012/01/04 03:51:14 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GARMIN
[2011/11/11 06:52:26 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011/03/07 06:17:32 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GlobalSCAPE
[2011/07/03 22:10:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GrabPro
[2011/04/04 06:31:10 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Helios
[2011/06/23 06:38:55 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\HLSW
[2011/07/19 20:21:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\JPEGsnoop
[2011/11/27 14:17:53 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\KompoZer
[2011/06/26 08:19:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Miranda
[2011/05/19 04:27:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenMPT
[2011/07/03 22:12:17 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Orbit
[2011/07/03 22:10:31 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ProgSense
[2011/09/28 05:13:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\QuickScan
[2011/11/22 04:22:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SoftGrid Client
[2011/03/21 18:20:09 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/06/26 05:58:55 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011/10/02 06:25:19 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SystemRequirementsLab
[2011/03/23 06:57:57 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TP
[2011/12/19 21:47:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2012/01/12 11:44:20 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent
[2011/11/03 11:19:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Web Page Maker
[2011/03/26 15:05:23 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2009/07/13 21:08:49 | 000,024,380 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:EF6E4E62
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:C40C2DC4
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:76650B61

< End of report >
  • 0

#4
Gammo

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
I don't see any malicious items in your log, but let's dig a little bit deeper just to be sure.

Download and Install ComboFix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT!!! Save ComboFix.exe to your Desktop.

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double-click ComboFix.exe and follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, as well as a description of how your computer is running now.





Download aswMBR.exe to your desktop.

Double-click aswMBR.exe to run it.

If you're asked whether you want to download the latest Avast virus definitions, choose "Yes".

Click the "Scan" button to start the scan.

On completion of the scan, click "Save log", save it to your desktop, and post it in your next reply.
  • 0





