Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

computer stuck on FBI moneypak virus screen [Solved]

Started by Maya_k , Jul 30 2012 08:02 PM

  • This topic is locked This topic is locked

#151
Essexboy
Posted 07 September 2012 - 12:27 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Installer means that the copy is installed on your system, so if you need to use it again it is there for you
Portable means it will not install and is standalone so once you are finished just delete it from the desktop

So once this is done we can then send you away happy :)

The part I am trying to fix at the moment is windows firewall, just for info
  • 0

Advertisements

#152
Maya_k
Posted 07 September 2012 - 12:28 PM

Maya_k

    Member

  • Topic Starter
  • Member
  • PipPip
  • 85 posts
Oh got it. Thanks!
Here is the log from the quick scan:
OTL logfile created on: 9/7/2012 1:15:22 PM - Run 2
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\AFSHEEN KHAN\Documents\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 48.60% Memory free
6.07 Gb Paging File | 4.18 Gb Available in Paging File | 68.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 291.70 Gb Total Space | 61.12 Gb Free Space | 20.95% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 1.07 Gb Free Space | 28.76% Space Free | Partition Type: FAT32

Computer Name: AFSHEENKHAN-PC | User Name: AFSHEEN KHAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/07 10:42:33 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/06 10:54:02 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\AFSHEEN KHAN\Documents\Downloads\OTL.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/02 10:25:14 | 002,232,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
PRC - [2012/07/02 10:24:54 | 003,790,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_Giraffic.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/11/29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/11/29 21:58:46 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
PRC - [2011/09/15 13:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/08/12 20:32:39 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2010/07/19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2010/03/27 08:35:32 | 001,146,880 | ---- | M] (www.IslamicFinder.org) -- C:\Program Files\Athan\Athan.exe
PRC - [2010/02/05 16:19:46 | 000,065,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
PRC - [2010/02/05 16:19:44 | 001,141,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe
PRC - [2010/02/05 16:19:42 | 000,026,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/11 00:10:44 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/07/11 00:10:44 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/07/09 17:05:22 | 000,018,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
PRC - [2008/06/23 15:22:58 | 000,040,960 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
PRC - [2008/06/23 15:22:58 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2008/06/13 04:00:20 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008/06/13 03:59:57 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe
PRC - [2008/06/02 15:37:52 | 000,094,208 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWi.exe
PRC - [2008/06/02 15:37:52 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
PRC - [2008/06/02 15:37:50 | 000,065,536 | ---- | M] (Sony Electronics, Inc.) -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
PRC - [2008/05/27 19:57:02 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008/05/27 19:57:02 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe
PRC - [2008/04/03 22:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/04/03 15:59:12 | 000,045,056 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe
PRC - [2008/04/03 15:42:54 | 000,053,512 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2008/03/31 16:25:04 | 000,059,232 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\USB Access Restriction Setting\USB Access Restriction.exe
PRC - [2008/01/22 20:16:14 | 000,550,752 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2008/01/11 20:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/11/12 23:59:54 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2007/10/30 13:04:08 | 001,804,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/10/30 13:04:08 | 000,748,072 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/07 10:42:32 | 002,242,528 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/09/06 14:02:41 | 000,115,137 | ---- | M] () -- C:\Users\AFSHEEN KHAN\AppData\Local\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
MOD - [2012/06/13 03:37:41 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012/06/13 03:35:42 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:35:35 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/06/13 03:35:23 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/06/13 03:34:57 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/06/13 03:11:59 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:06:03 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/13 03:05:50 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/13 03:05:38 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/13 03:05:36 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/13 01:35:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll
MOD - [2012/05/13 01:35:36 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll
MOD - [2012/05/13 01:35:34 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll
MOD - [2012/05/13 01:35:32 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll
MOD - [2012/05/13 01:35:30 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll
MOD - [2012/05/12 13:11:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 13:11:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/12 13:11:07 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012/05/12 13:09:40 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/12 13:09:01 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
MOD - [2012/05/12 13:08:37 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/05/12 13:08:34 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/12 13:08:28 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/11 03:50:08 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/11 03:15:51 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 03:15:29 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/11 03:12:21 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012/05/11 03:06:34 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/11 03:06:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/11 03:06:17 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/11 03:06:09 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/04/23 06:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/03/22 06:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/01/03 05:58:08 | 003,186,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/11/29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/21 09:54:34 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/03/08 14:08:28 | 000,282,697 | ---- | M] () -- C:\Program Files\Athan\vbp.dll
MOD - [2009/03/29 23:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009/03/29 23:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2008/07/31 14:14:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.0.0.4140__1b3c579b6925895f\SPMDam.dll
MOD - [2008/07/31 14:14:07 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.0.0.4140__e3c7096ba83f9295\SPMCommon.dll
MOD - [2008/06/23 15:22:58 | 000,040,960 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
MOD - [2008/06/23 15:22:58 | 000,040,960 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
MOD - [2008/06/23 15:22:58 | 000,036,864 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
MOD - [2008/06/23 15:22:58 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
MOD - [2008/06/23 15:22:58 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
MOD - [2008/06/23 15:22:58 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
MOD - [2008/06/23 15:22:58 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
MOD - [2008/06/23 15:22:58 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
MOD - [2008/06/23 15:22:58 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
MOD - [2008/06/02 15:37:52 | 000,094,208 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWi.exe
MOD - [2008/06/02 15:37:52 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
MOD - [2008/06/02 15:37:50 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWBTH.dll
MOD - [2008/06/02 15:37:50 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWDEV.dll
MOD - [2008/06/02 15:37:48 | 000,053,248 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWLAN.dll
MOD - [2008/06/02 15:37:48 | 000,036,864 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWTSK.dll
MOD - [2008/06/02 15:37:48 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWSET.dll
MOD - [2008/06/02 15:37:42 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SharedInterfaces.dll
MOD - [2008/06/02 15:37:42 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWCommon.dll
MOD - [2008/06/02 15:37:42 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\DebugMsg.dll
MOD - [2008/06/02 15:37:42 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
MOD - [2008/06/02 15:37:40 | 000,118,784 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SonyCommonLib.dll
MOD - [2008/04/17 04:00:02 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWGadgetInterface.dll
MOD - [2008/04/17 03:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\MessageXML.dll
MOD - [2008/04/17 03:59:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Resources.dll
MOD - [2008/04/17 03:59:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\DictionaryLookup.dll
MOD - [2007/10/30 12:57:58 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/10/30 12:44:52 | 000,393,216 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2004/12/25 05:37:22 | 000,258,121 | ---- | M] () -- C:\Program Files\Athan\vbh.dll
MOD - [2004/03/20 07:49:40 | 000,229,444 | ---- | M] () -- C:\Program Files\Athan\vbq.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\FastUserSwitchingCompatibilityex.dll -- (FastUserSwitchingCompatibility)
SRV - [2012/09/07 10:42:32 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/05 17:43:01 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/07/02 10:25:14 | 002,232,504 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2011/09/15 13:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/07/19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010/07/19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/05 16:19:44 | 001,141,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\winss.exe -- (winss)
SRV - [2010/02/05 16:19:42 | 000,026,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe -- (OcHealthMon)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/07/11 00:10:44 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/07/09 17:05:22 | 000,018,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe -- (OneCareMP)
SRV - [2008/06/13 04:00:20 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS)
SRV - [2008/06/13 03:59:57 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS)
SRV - [2008/05/27 19:57:02 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008/03/31 16:25:04 | 000,059,232 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\USB Access Restriction Setting\USB Access Restriction.exe -- (USB Access Restriction)
SRV - [2008/01/20 21:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 20:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/11/27 22:45:02 | 000,869,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe -- (msfwsvc)
SRV - [2007/11/12 23:59:54 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/24 10:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NETw5v32.sys -- (NETw5v32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\anvsoftf2v.sys -- (anvsoftf2v)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/11/29 17:38:04 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/10/26 20:25:54 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2011/10/26 20:25:54 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/10/26 20:25:54 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/10/26 20:25:52 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011/10/26 20:25:52 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2011/10/26 20:25:52 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2011/10/26 20:25:52 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011/06/23 14:32:44 | 000,020,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2010/07/14 04:34:16 | 006,680,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNv32.sys -- (NETwNv32)
DRV - [2010/06/23 11:23:46 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/10/27 02:28:48 | 000,160,400 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTUMWVsp.sys -- (PTUMWVsp)
DRV - [2009/10/27 02:28:36 | 000,115,216 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTUMWNET.sys -- (PTUMWNET)
DRV - [2009/10/27 02:28:30 | 000,160,400 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTUMWMdm.sys -- (PTUMWMdm)
DRV - [2009/10/27 02:28:24 | 000,012,048 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTUMWFLT.sys -- (PTUMWFLT)
DRV - [2009/10/27 02:28:12 | 000,022,032 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTUMWCDF.sys -- (PTUMWCDF)
DRV - [2009/10/27 02:28:02 | 000,054,544 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTUMWBus.sys -- (PTUMWBus)
DRV - [2009/04/24 17:39:22 | 000,022,656 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009/04/24 17:39:20 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/03/27 01:16:28 | 000,012,672 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2009/01/24 02:37:20 | 000,103,424 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HtcVComV32.sys -- (HtcVCom32)
DRV - [2008/04/29 07:03:19 | 000,046,592 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008/04/28 07:08:38 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress)
DRV - [2008/04/22 17:43:36 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008/04/14 08:08:44 | 000,068,096 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/01/24 09:27:38 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/01/20 21:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/12/16 21:45:48 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/11/27 22:45:00 | 000,091,200 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\msfwdrv.sys -- (MSFWDrv)
DRV - [2007/11/27 22:44:54 | 000,037,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\msfwhlpr.sys -- (MSFWHLPR)
DRV - [2007/10/09 07:19:55 | 000,021,408 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\shpf.sys -- (shpf)
DRV - [2007/05/24 19:36:21 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/17 23:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\SearchScopes\{0B4B8EF6-1D53-446B-96E8-5D5E8B285225}: "URL" = http://slirsredirect...y={searchTerms}
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...2B-C596E238AD93
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....pr&d=2012-07-26 00:36:47&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}:1.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\AFSHEEN KHAN\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\AFSHEEN KHAN\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Cricket Broadband Connect\Bytemobile\addon\ [2012/09/05 17:41:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/09/05 17:39:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/05 17:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/09/05 17:41:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 10:42:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/05 16:22:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 10:42:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/05 16:22:14 | 000,000,000 | ---D | M]

[2010/07/11 22:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\Extensions
[2012/07/04 12:37:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\Firefox\Profiles\x3dpi6oh.default\extensions
[2012/09/05 17:42:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\Firefox\Profiles\x3dpi6oh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/09/05 17:42:33 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\Firefox\Profiles\x3dpi6oh.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2012/04/27 23:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/05 17:41:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/07 10:42:34 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npContribute.dll
[2012/04/06 12:58:56 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/26 00:36:12 | 000,003,750 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/07 10:42:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/07 10:42:31 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Adobe Contribute CS5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npContribute.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\AFSHEEN KHAN\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: We-Care Reminder = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.25_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: BitTorrentBar = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\AFSHEEN KHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/06 13:00:20 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (no name) - {11111111-1111-1111-1111-110011501160} - No CLSID value found.
O2 - BHO: (no name) - {21608B66-026F-4DCB-9244-0DACA328DCED} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (VideoFileDownload) - {47CEEE9C-3B9B-492C-95CA-1AC3A99D154C} - C:\Program Files\OApps\bho_project.dll (VideoFileDownload)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {1921F97A-D9D4-418D-97CF-1F2CB1EE2CD6} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Athan] C:\Program Files\Athan\Athan.exe (www.IslamicFinder.org)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIO Help and Support Demo] C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe ()
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [KiesPDLR] C:\Program Files\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} Reg Error: Value error. (Microsoft Office Template and Media Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36F78B4E-AAF9-42E8-A0AB-AE99B8AE2D89}: DhcpNameServer = 192.168.43.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB107EE1-7DFA-4692-97C3-50198513D960}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD4BDE7C-15C0-41B5-A334-C999ABD104CD}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img4.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img4.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{004274da-c91f-11df-b594-001e3df2f74f}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{004274dd-c91f-11df-b594-001e3df2f74f}\Shell - "" = AutoRun
O33 - MountPoints2\{004274dd-c91f-11df-b594-001e3df2f74f}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{3e633ad9-b3ec-11df-86d9-001e3df2f74f}\Shell - "" = AutoRun
O33 - MountPoints2\{3e633ad9-b3ec-11df-86d9-001e3df2f74f}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{40fd63fd-9852-11df-97ed-001dbafc44e0}\Shell - "" = AutoRun
O33 - MountPoints2\{40fd63fd-9852-11df-97ed-001dbafc44e0}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{735f8dbe-a584-11df-9f9b-001e3df2f74f}\Shell - "" = AutoRun
O33 - MountPoints2\{735f8dbe-a584-11df-9f9b-001e3df2f74f}\Shell\AutoRun\command - "" = G:\Start.exe
O33 - MountPoints2\{735f8dbe-a584-11df-9f9b-001e3df2f74f}\Shell\menu1\command - "" = G:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/07 11:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/07 11:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/07 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{7EA35D0E-28A9-4A81-84B1-710924E86C35}
[2012/09/06 15:29:09 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/09/06 14:40:56 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn
[2012/09/06 14:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2012/09/06 14:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2012/09/06 13:00:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/06 10:44:58 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{9DA6C90C-EA4A-4242-9237-8FE182666D27}
[2012/09/05 16:15:40 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{266CE196-CC36-4A12-B8C9-D960A7D5E36E}
[2012/09/05 15:53:02 | 000,000,000 | -H-D | C] -- C:\Windows\Application Data
[2012/09/05 15:53:01 | 000,000,000 | ---D | C] -- C:\HTC
[2012/09/04 00:33:34 | 000,000,000 | ---D | C] -- C:\FRST
[2012/08/26 13:33:03 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{F8FB9F80-BCE1-4110-A67E-884F9C2A21D9}
[2012/08/26 11:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight(20166)
[2012/08/26 01:17:37 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{32BE119F-92C0-47B5-B108-7AF5E9B76A0D}
[2012/08/26 00:57:51 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\Documents\BatmanBeginsAllLanguages
[2012/08/26 00:54:14 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\Documents\A.Reham Sudais + Urdu Translation 2.1 GB
[2012/08/26 00:50:45 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\Documents\Batman.Begins.2005.720p.BluRay.DTS.x264-ESiR [PublicHD]
[2012/08/25 23:02:51 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{2CF69A43-AA04-49BF-88F9-776447113F55}
[2012/08/24 12:55:37 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{9EE67DB5-CB89-4725-998F-F1001F99E4F1}
[2012/08/24 00:23:45 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{67930A5B-DA90-13E6-12CD-D566F2A4AE3E}
[2012/08/23 15:24:33 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{78977124-8428-5D2A-0C81-D825EC4EB62D}
[2012/08/23 13:39:54 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{A84F220C-F631-0CC7-F8FF-2079D8D5A6B4}
[2012/08/23 13:11:39 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{66A564E9-DF55-407A-8DDB-4F35CEAB2DB3}
[2012/08/22 19:38:09 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{95503354-C031-4499-A3FF-95BB1AA199EF}
[2012/08/22 16:42:40 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{5728EEBD-5C83-41E5-8015-998F936082FA}
[2012/08/21 22:37:37 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{80E0AF51-BB4E-42D2-95F3-9892BAB2F1D5}
[2012/08/21 03:02:02 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{D2AD190F-5AC9-4C0C-8459-F79D227C6B4A}
[2012/08/17 18:56:46 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{77DB4F6D-96E2-43A5-AE15-066717451B1A}
[2012/08/17 18:56:11 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{2DF3CE21-19E1-4B5F-A1CB-35CF1A37D2EF}
[2012/08/16 12:09:59 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{115A89D5-FEB4-495B-8D29-1F870C6C388E}
[2012/08/16 12:09:21 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{A1A997FB-6B34-4113-AEE0-914619D53BB0}
[2012/08/14 12:03:31 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{ED060A17-67AC-4602-A0C4-1B3AE0C0D5F4}
[2012/08/14 12:02:55 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{8B1FD8BD-3958-4FFE-96F5-D98736C6F95F}
[2012/08/12 15:26:50 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{89F0B8D8-83A5-4406-A44D-E96095C75930}
[2012/08/12 15:26:11 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{3855079B-F2B0-4517-90B9-BF52FA29742D}
[2012/08/11 13:38:24 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{049966C3-A8A9-4216-85BF-103D45D87EB3}
[2012/08/11 13:37:26 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{3601E2C7-06F1-431E-B316-14DF225DE662}
[2012/08/10 02:29:33 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{DAF11C1E-ABBB-F52E-2427-D20D0408BB92}
[2012/08/10 01:07:28 | 000,000,000 | R--D | C] -- C:\Users\AFSHEEN KHAN\Dropbox
[2012/08/10 01:05:25 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/08/10 01:02:55 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Dropbox
[2012/08/09 17:50:30 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{076B2363-4C75-49F2-9A3D-195A6D0296E4}
[2012/08/09 17:49:56 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{6025605F-19CF-4C9E-B93F-A1235AAFB20B}
[2012/08/08 22:07:52 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{F17F1C53-F7AE-47CB-9D96-1815496BD1FA}
[2012/08/08 22:07:21 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{5ABB6E50-104F-4D77-A77C-CE4B55EE33A6}
[2012/08/08 15:04:18 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Local\{BBAB8E51-E2A3-40F1-8FBA-DF426F7D40EC}
[2010/08/13 22:59:47 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeAB79.dll
[1 C:\Users\AFSHEEN KHAN\Documents\*.tmp files -> C:\Users\AFSHEEN KHAN\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/07 13:22:26 | 000,346,950 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\SharedAccess.reg
[2012/09/07 13:22:08 | 000,006,336 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\WinDefend.reg
[2012/09/07 13:21:46 | 000,006,288 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\BITS.reg
[2012/09/07 13:21:26 | 000,006,176 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\wuauserv.reg
[2012/09/07 13:21:00 | 000,005,256 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\wscsvc.reg
[2012/09/07 13:20:40 | 000,158,116 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\BFE.reg
[2012/09/07 13:20:16 | 000,006,846 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\MpsSvc.reg
[2012/09/07 13:01:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/07 12:53:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1340476193-1627373412-1124528107-1003UA.job
[2012/09/07 12:48:48 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/07 12:46:52 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/07 12:46:52 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/07 12:46:39 | 003,753,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/07 12:45:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/07 12:44:16 | 3149,901,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/07 11:53:15 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/09/07 11:42:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/06 18:53:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1340476193-1627373412-1124528107-1003Core.job
[2012/09/06 14:40:37 | 000,001,674 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,650 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/09/06 13:00:20 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/09/06 10:46:07 | 000,667,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/06 10:46:06 | 000,127,622 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/05 15:50:46 | 000,137,216 | ---- | M] () -- C:\Users\AFSHEEN KHAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/05 15:47:09 | 148,029,187 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/28 21:38:58 | 000,310,374 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Scr_sht_3.jpg
[2012/08/28 21:38:14 | 000,307,052 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Scr_sht_2.jpg
[2012/08/28 21:37:29 | 000,294,331 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Scr_sht_1.jpg
[2012/08/27 15:07:59 | 000,001,356 | ---- | M] () -- C:\Users\AFSHEEN KHAN\AppData\Local\d3d9caps.dat
[2012/08/26 13:40:26 | 007,805,548 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\FreeVector-Ants-Vector.zip
[2012/08/26 13:40:11 | 015,339,346 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\outdoor_travel_theme_icon_vector_153217.zip
[2012/08/21 03:53:02 | 000,065,835 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\mehndi-design-8.jpg
[2012/08/20 15:58:36 | 000,023,654 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\400549_10151035020968127_1726734149_n.jpg
[2012/08/20 15:01:05 | 000,129,392 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\Eid-mehndi-designs-2012.jpg
[2012/08/20 14:14:54 | 000,237,002 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\1341829880_412078242_1-Pictures-of--Mehndi-Designs-2012.jpg.gif
[2012/08/11 15:47:18 | 117,117,376 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\BBQ_Invitation_1.avi
[2012/08/10 03:43:14 | 036,556,435 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\Serenity-Podcast-Overcoming-Hardships.mp3
[2012/08/10 03:30:06 | 052,143,193 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\anger-management.mp3
[2012/08/09 23:42:27 | 000,055,790 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\56gRY.jpg
[2012/08/09 23:42:11 | 000,080,571 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\Kamdani-Collection-2010-8.jpg
[2012/08/09 19:53:07 | 000,481,252 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\Untitled.png
[2012/08/09 00:27:10 | 001,560,670 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\Tickets.ai
[2012/08/08 18:20:19 | 003,585,527 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\dinner flyer.ai
[2012/08/08 17:52:09 | 003,941,299 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\Final_Poster.jpg.dwg
[2012/08/08 15:27:39 | 000,120,943 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\label.jpg
[2012/08/08 15:27:31 | 001,422,193 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\label.ai
[1 C:\Users\AFSHEEN KHAN\Documents\*.tmp files -> C:\Users\AFSHEEN KHAN\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/07 10:29:50 | 000,346,950 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\SharedAccess.reg
[2012/09/07 10:29:50 | 000,158,116 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\BFE.reg
[2012/09/07 10:29:50 | 000,006,846 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\MpsSvc.reg
[2012/09/07 10:29:50 | 000,006,336 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\WinDefend.reg
[2012/09/07 10:29:50 | 000,006,288 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\BITS.reg
[2012/09/07 10:29:50 | 000,006,176 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\wuauserv.reg
[2012/09/07 10:29:50 | 000,005,256 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\wscsvc.reg
[2012/09/06 14:40:37 | 000,001,674 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,662 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,650 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/09/05 15:47:16 | 3149,901,824 | -HS- | C] () -- C:\hiberfil.sys
[2012/08/28 21:38:56 | 000,310,374 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Scr_sht_3.jpg
[2012/08/28 21:38:13 | 000,307,052 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Scr_sht_2.jpg
[2012/08/28 21:37:29 | 000,294,331 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Scr_sht_1.jpg
[2012/08/21 03:53:00 | 000,065,835 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\mehndi-design-8.jpg
[2012/08/20 15:58:33 | 000,023,654 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\400549_10151035020968127_1726734149_n.jpg
[2012/08/20 14:14:54 | 000,237,002 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\1341829880_412078242_1-Pictures-of--Mehndi-Designs-2012.jpg.gif
[2012/08/19 23:14:31 | 000,129,392 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\Eid-mehndi-designs-2012.jpg
[2012/08/10 03:41:48 | 036,556,435 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\Serenity-Podcast-Overcoming-Hardships.mp3
[2012/08/09 23:42:26 | 000,055,790 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\56gRY.jpg
[2012/08/09 23:42:11 | 000,080,571 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\Kamdani-Collection-2010-8.jpg
[2012/08/09 23:23:02 | 052,143,193 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\anger-management.mp3
[2012/08/09 19:53:04 | 000,481,252 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\Untitled.png
[2012/08/09 00:24:37 | 001,560,670 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\Tickets.ai
[2012/08/08 17:51:56 | 003,941,299 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Desktop\Final_Poster.jpg.dwg
[2012/08/06 03:53:50 | 003,629,820 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Untitled-1.ai
[2012/07/26 13:20:27 | 002,846,240 | ---- | C] () -- C:\Users\AFSHEEN KHAN\(001)alfatiha.mp3
[2012/07/26 13:20:27 | 000,000,987 | ---- | C] () -- C:\Users\AFSHEEN KHAN\systemlog
[2012/07/24 13:01:11 | 000,000,087 | -HS- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Roaming\winset.ini
[2012/07/18 14:41:24 | 000,000,140 | ---- | C] () -- C:\Windows\winamp.ini
[2012/06/29 12:58:08 | 000,000,132 | ---- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/26 00:04:42 | 000,000,038 | ---- | C] () -- C:\Windows\camcodec100.ini
[2012/06/25 23:31:10 | 000,000,067 | ---- | C] () -- C:\Windows\swf2avi.INI
[2012/05/16 20:58:56 | 000,000,132 | ---- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2012/05/04 00:03:49 | 000,001,456 | ---- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/04/11 12:33:13 | 000,184,988 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/11/29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/11/29 17:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/11/29 17:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/11/29 17:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/11/29 17:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/10/16 19:59:36 | 000,000,056 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/07/08 01:16:15 | 000,169,545 | ---- | C] () -- C:\Users\AFSHEEN KHAN\hm samreen.jpg
[2011/06/18 00:39:23 | 000,020,552 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/06/12 22:35:52 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/12 22:35:52 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/05 13:04:24 | 000,000,000 | ---- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Local\{53F0DBB1-96B9-4FDF-BBDF-92CEC6E51544}
[2011/04/19 11:01:32 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2011/03/22 01:00:19 | 000,000,023 | ---- | C] () -- C:\Windows\System32\sysmwwod.dll
[2010/08/31 00:23:57 | 000,001,356 | ---- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Local\d3d9caps.dat
[2010/08/10 14:01:51 | 000,002,734 | ---- | C] () -- C:\Users\AFSHEEN KHAN\.recently-used.xbel
[2010/08/04 03:42:13 | 000,137,216 | ---- | C] () -- C:\Users\AFSHEEN KHAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/03/24 16:59:07 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Aiseesoft Studio
[2011/10/22 19:08:22 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\AnvSoft
[2012/09/05 17:42:26 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Audacity
[2012/09/05 17:42:26 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\BitTorrent
[2012/05/04 12:32:47 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Blender Foundation
[2010/08/15 15:26:34 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/31 22:00:33 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/10/26 15:16:57 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\com.adobe.ExMan
[2011/09/01 22:27:14 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2011/10/11 00:59:09 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Digiarty
[2012/08/26 13:32:53 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Dropbox
[2011/05/28 23:35:58 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\DVDVideoSoft
[2010/12/13 20:47:58 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\FileZilla
[2011/09/12 22:45:17 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Fingerfox (SE)
[2012/09/05 17:42:32 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\FreeFLVConverter
[2012/09/05 17:42:32 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\FreeVideoConverter
[2012/09/05 17:42:32 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\gtk-2.0
[2012/06/25 17:27:26 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\HandBrake
[2012/02/20 13:09:22 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\HTC
[2012/02/20 13:09:40 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/09/06 14:54:17 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn
[2010/08/02 22:59:25 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\InterVideo
[2012/05/25 12:37:55 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\OfficeRecovery
[2012/02/02 00:07:32 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\OpenCandy
[2012/07/04 12:35:56 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\PerformerSoft
[2012/07/30 14:14:09 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Roaming
[2012/02/19 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Samsung
[2010/10/16 14:44:24 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/09/05 17:42:34 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\SystemRequirementsLab
[2012/09/05 17:42:34 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\W Photo Studio Viewer
[2010/08/10 13:45:42 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\WeatherBug
[2011/06/04 02:18:43 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\WhiteSmoke
[2011/04/19 11:16:17 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\WinAVI
[2011/04/27 16:24:17 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Windows Live Writer
[2012/06/25 14:10:44 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\Xilisoft
[2012/03/02 23:16:39 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\HTC
[2012/09/07 11:53:19 | 000,032,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/17 04:47:39 | 000,000,432 | ---- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8B2A41AD-B2C7-4928-8E73-9E3A198035B5}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\AFSHEEN KHAN\Desktop\BBQ_Invitation_1.avi:TOC.WMV
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A66A990E

< End of report >
  • 0

#153
Maya_k
Posted 07 September 2012 - 12:47 PM

Maya_k

    Member

  • Topic Starter
  • Member
  • PipPip
  • 85 posts
When I clicked on start repairs, a message popped up:
"You haven't created a restore point or backed up the registry. It is HIGHLY recommended you create a backup before doing any repairs. Would you like to do both now?"
Should I click on yes or no?
  • 0

#154
Essexboy
Posted 07 September 2012 - 01:05 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes a system restore point is always a good thing to have
  • 0

#155
Maya_k
Posted 07 September 2012 - 02:25 PM

Maya_k

    Member

  • Topic Starter
  • Member
  • PipPip
  • 85 posts
Ok my laptop just restarted. I have a message from spybot:

"Category: System Startup user entry
Change: Value deleted
Etry: NoDesktop
Old data:0"

Should I allow that change?
  • 0

#156
Essexboy
Posted 07 September 2012 - 02:30 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes please, I will now remove some of my rubbish.. How is the computer ?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
O2 - BHO: (no name) - {11111111-1111-1111-1111-110011501160} - No CLSID value found.
O2 - BHO: (no name) - {21608B66-026F-4DCB-9244-0DACA328DCED} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {1921F97A-D9D4-418D-97CF-1F2CB1EE2CD6} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1340476193-1627373412-1124528107-1003\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
[2012/09/06 15:29:09 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/09/06 14:40:56 | 000,000,000 | ---D | C] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn
[2012/09/06 14:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2012/09/06 14:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2012/09/07 13:22:26 | 000,346,950 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\SharedAccess.reg
[2012/09/07 13:22:08 | 000,006,336 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\WinDefend.reg
[2012/09/07 13:21:46 | 000,006,288 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\BITS.reg
[2012/09/07 13:21:26 | 000,006,176 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\wuauserv.reg
[2012/09/07 13:21:00 | 000,005,256 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\wscsvc.reg
[2012/09/07 13:20:40 | 000,158,116 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\BFE.reg
[2012/09/07 13:20:16 | 000,006,846 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Desktop\MpsSvc.reg
[2012/09/06 14:40:37 | 000,001,674 | ---- | M] () -- C:\Users\AFSHEEN KHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,650 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,674 | ---- | C] () -- C:\Users\AFSHEEN KHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,662 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2012/09/06 14:40:37 | 000,001,650 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/09/06 14:54:17 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn
[2012/02/02 00:07:32 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\OpenCandy
[2011/06/04 02:18:43 | 000,000,000 | ---D | M] -- C:\Users\AFSHEEN KHAN\AppData\Roaming\WhiteSmoke

:Files
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt  /c
ipconfig /release /c
ipconfig /renew /c

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

  • 0

#157
Maya_k
Posted 07 September 2012 - 03:05 PM

Maya_k

    Member

  • Topic Starter
  • Member
  • PipPip
  • 85 posts
OK it just restarted. spybot message:
"category: Session manager
change: value deleted
Entry: ExcludeFromKnowndlls"

Here is the log:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21608B66-026F-4DCB-9244-0DACA328DCED}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21608B66-026F-4DCB-9244-0DACA328DCED}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ not found.
Registry value HKEY_USERS\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1921F97A-D9D4-418D-97CF-1F2CB1EE2CD6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1921F97A-D9D4-418D-97CF-1F2CB1EE2CD6}\ not found.
Registry value HKEY_USERS\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_USERS\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1340476193-1627373412-1124528107-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
Starting removal of ActiveX control {5D6F45B3-9043-443D-A792-115447494D24}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D6F45B3-9043-443D-A792-115447494D24}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D6F45B3-9043-443D-A792-115447494D24}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D6F45B3-9043-443D-A792-115447494D24}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D6F45B3-9043-443D-A792-115447494D24}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D6F45B3-9043-443D-A792-115447494D24}\ not found.
Starting removal of ActiveX control {8100D56A-5661-482C-BEE8-AFECE305D968}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8100D56A-5661-482C-BEE8-AFECE305D968}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8100D56A-5661-482C-BEE8-AFECE305D968}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\TDSSKiller_Quarantine\06.09.2012_17.37.50\tdlfs0000 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_17.37.50 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_15.26.26\zasubsys0000\zafs0000 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_15.26.26\zasubsys0000\file0000 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_15.26.26\zasubsys0000 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_15.26.26\rtkt0000\svc0000 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_15.26.26\rtkt0000 folder moved successfully.
C:\TDSSKiller_Quarantine\06.09.2012_15.26.26 folder moved successfully.
C:\TDSSKiller_Quarantine folder moved successfully.
C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn\Log Files folder moved successfully.
C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn\Graph Data Files folder moved successfully.
C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn folder moved successfully.
C:\Program Files\ImgBurn\Sounds folder moved successfully.
C:\Program Files\ImgBurn\Languages folder moved successfully.
C:\Program Files\ImgBurn folder moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\SharedAccess.reg moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\WinDefend.reg moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\BITS.reg moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\wuauserv.reg moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\wscsvc.reg moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\BFE.reg moved successfully.
C:\Users\AFSHEEN KHAN\Desktop\MpsSvc.reg moved successfully.
C:\Users\AFSHEEN KHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk moved successfully.
C:\Users\Public\Desktop\ImgBurn.lnk moved successfully.
File C:\Users\AFSHEEN KHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk moved successfully.
File C:\Users\Public\Desktop\ImgBurn.lnk not found.
Folder C:\Users\AFSHEEN KHAN\AppData\Roaming\ImgBurn\ not found.
C:\Users\AFSHEEN KHAN\AppData\Roaming\OpenCandy\OpenCandy_0F615FBC2C1F4271861FFA6279D890D4 folder moved successfully.
C:\Users\AFSHEEN KHAN\AppData\Roaming\OpenCandy\0F615FBC2C1F4271861FFA6279D890D4 folder moved successfully.
C:\Users\AFSHEEN KHAN\AppData\Roaming\OpenCandy folder moved successfully.
C:\Users\AFSHEEN KHAN\AppData\Roaming\WhiteSmoke folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.bat deleted successfully.
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.txt deleted successfully.
< netsh int ip reset c:\resetlog.txt /c >
Reseting Echo Request, failed.
Access is denied.
Reseting Interface, OK!
A reboot is required to complete this action.
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.bat deleted successfully.
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.txt deleted successfully.
< ipconfig /release /c >
Windows IP Configuration
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::f845:88c:8c52:32d7%11
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 6:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 7:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 15:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.bat deleted successfully.
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.txt deleted successfully.
< ipconfig /renew /c >
Windows IP Configuration
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : gateway.2wire.net
Link-local IPv6 Address . . . . . : fe80::f845:88c:8c52:32d7%11
IPv4 Address. . . . . . . . . . . : 192.168.1.103
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 6:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 7:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 15:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.bat deleted successfully.
C:\Users\AFSHEEN KHAN\Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: AFSHEEN KHAN
->Temp folder emptied: 949969 bytes
->Temporary Internet Files folder emptied: 891317 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 154034461 bytes
->Google Chrome cache emptied: 7763897 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 2031 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 35601307 bytes
->Java cache emptied: 12124 bytes
->FireFox cache emptied: 114383440 bytes
->Google Chrome cache emptied: 54963689 bytes
->Apple Safari cache emptied: 69010432 bytes
->Flash cache emptied: 80996 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36148 bytes
RecycleBin emptied: 118098127 bytes

Total Files Cleaned = 530.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.61.0 log created on 09072012_153254

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#158
Essexboy
Posted 07 September 2012 - 04:06 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ok the moment you have been waiting for ................. Ta Da :cheers:

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#159
Maya_k
Posted 07 September 2012 - 11:30 PM

Maya_k

    Member

  • Topic Starter
  • Member
  • PipPip
  • 85 posts
Oh my goodness! Thank God, you, and Mike!! Couple things and I promise I will leave you alone lol. I am sorry to take up so much for your time.
My computer didn't find combofix so I am guessing it was deleted on its own... Second, thank you so much for telling me how to create a system restore point. I was going to ask you about that. I am trying to create a system restore point and there are two option for disks. One is recovery and the second one is Local Disk. I made a system restore point for the Local Disk, should I go ahead and make one for the recovery too? Thirdly, I read somewhere that if you have too many anti-virus programs, sometimes they interfere with one another. Currently, I have spybot, Windows Live OneCare, and Mcafee Security Scan plus. The last two just came with my laptop I believe. Oh, and I have the MBAM. Which ones can I delete? Thanks!
  • 0

#160
Essexboy
Posted 08 September 2012 - 03:59 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem, questions is what we are here for ..

OK :

Virus Protection

Yes, you should only have one. Windows Live OneCare is now defunct and has been replaced by MSES so lets sort that that out :

Download to your desktop MSES
Uninstall Windows Live OneCare via Control panel > Programs and features (a reboot will be required)
Download to your desktop the McAfee uninstall tool
Uninstall McAfee via Control panel > Programs and features (a reboot will be required)
Run the McAfee uninstall tool
Install Microsoft Security Essentials (MSES)

Malware Protection :

Uninstall Spybot and keep Malwarebytes

Restore

Just the Local disc as the recovery is a special partition on your computer for emergencies

If you have any further questions do not hesitate to ask :)
  • 0

Advertisements

#161
Essexboy
Posted 10 September 2012 - 04:29 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP