Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I Claro Search Engine Redirect

Started by Sceptical , Aug 14 2012 09:07 PM

  • Please log in to reply

#1
Sceptical
Posted 14 August 2012 - 09:07 PM

Sceptical

    New Member

  • Member
  • Pip
  • 1 posts
I wish to know if anyone could help me with my current malware problem. I have limited knowledge with these things but I do know the two items which caused this problem are called "I Claro search" and "babylon bar". I got the infection after I downloaded a suspiscious program. It keeps popping up no matter the fixes I try on the internet with anti spyware and virus programs such as malwarebytes,stopzilla and an anvisoft program. I found a post on another site with a fix that required olt and tried it but realised it didnt fix the problem entirely as it is still coming back for internet explorer in particular. ANy help is appreciated and sorry if my english was not proper as its not my original language. If anymore information is required please request and I shall provide more.

OTL logfile created on: 15/08/2012 12:57:30 - Run 3
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Bradley\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.91 Gb Total Physical Memory | 4.64 Gb Available Physical Memory | 58.61% Memory free
15.82 Gb Paging File | 11.75 Gb Available in Paging File | 74.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 631.41 Gb Total Space | 381.86 Gb Free Space | 60.48% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 580.84 Gb Free Space | 62.35% Space Free | Partition Type: NTFS
Drive E: | 300.00 Gb Total Space | 299.89 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
Drive F: | 1.87 Gb Total Space | 1.64 Gb Free Space | 88.02% Space Free | Partition Type: FAT

Computer Name: BRADLEY-PC | User Name: Bradley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/15 12:51:59 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Bradley\Desktop\OTL.exe
PRC - [2012/08/15 10:02:32 | 001,697,312 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012/08/07 08:28:52 | 000,067,448 | R--- | M] (iS3, Inc.) -- C:\Program Files (x86)\STOPzilla!\SZServer.exe
PRC - [2012/08/07 08:28:44 | 000,194,424 | R--- | M] (iS3, Inc.) -- C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
PRC - [2012/08/04 12:49:19 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/07/20 18:11:38 | 000,686,408 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/27 08:45:50 | 002,077,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2012/01/18 16:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2012/01/03 23:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/03 22:53:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/11/15 23:13:22 | 003,990,528 | ---- | M] (WhatPulse.org) -- C:\Program Files (x86)\WhatPulse\WhatPulse.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/10/15 18:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/08/24 19:08:41 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2011/08/24 19:08:40 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/08/24 19:08:40 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2011/08/24 19:08:40 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2011/08/24 19:08:40 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2011/08/24 19:08:40 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/08/24 19:08:39 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2011/08/22 16:13:02 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/08/22 16:12:52 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010/10/29 15:43:54 | 001,167,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
PRC - [2009/08/29 16:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Bradley\Local Settings\Apps\F.lux\flux.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/15 11:55:50 | 000,115,137 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
MOD - [2012/08/15 10:02:32 | 002,049,056 | ---- | M] () -- c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012/08/14 14:30:59 | 000,442,392 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll
MOD - [2012/08/14 14:30:58 | 012,235,288 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
MOD - [2012/08/14 14:30:57 | 003,997,720 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012/08/14 14:29:28 | 000,144,424 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012/08/14 14:29:27 | 000,266,792 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012/08/14 14:29:26 | 002,480,680 | ---- | M] () -- C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2012/08/02 19:31:17 | 020,316,496 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/08/02 19:31:15 | 000,900,944 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/08/02 19:31:13 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/08/02 19:31:11 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/08/02 19:31:09 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/11 10:07:36 | 001,159,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\848c4005079e434e04096d683fab1ded\System.Management.ni.dll
MOD - [2011/09/11 10:06:27 | 000,767,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9a7bb1e3cbae28550d7e796e9162dc58\System.Runtime.Remoting.ni.dll
MOD - [2011/09/11 10:06:08 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d85a3d6ed5bb77f5603e098cccf60bfa\System.Xaml.ni.dll
MOD - [2011/09/10 23:40:08 | 013,006,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f3cdd09fc0acc85c7febbd2e2ef9c4e5\System.Windows.Forms.ni.dll
MOD - [2011/09/10 23:40:03 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2fe09cc54a8390b20e380239db34228f\System.Drawing.ni.dll
MOD - [2011/09/10 23:39:53 | 000,450,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b4e58d1a3e0ee75b6b107585c92c68e8\PresentationFramework.Aero.ni.dll
MOD - [2011/09/10 23:39:52 | 017,629,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8357ade60159c25ee88db0aab8686e6d\PresentationFramework.ni.dll
MOD - [2011/09/10 23:39:43 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7a1eeb425f9318f432afead4b2da965a\PresentationCore.ni.dll
MOD - [2011/09/10 23:39:38 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\f1f3a74eb37b27b7d05b8ffa941f8473\WindowsBase.ni.dll
MOD - [2011/09/10 23:39:33 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2d7c29ad77c15abfa6a8fe6d24840a91\System.Xml.ni.dll
MOD - [2011/09/10 23:39:29 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\85693dfd9ba4905b0fd947fdb51446d5\System.Core.ni.dll
MOD - [2011/09/10 23:39:23 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\161c6f80ad93b0505054d244f1c6243c\System.ni.dll
MOD - [2011/09/10 23:39:19 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4ff1f12a08d455f195ba996fe77497c6\mscorlib.ni.dll
MOD - [2011/08/24 17:07:56 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\boost_log-vc71-mt-1_32.dll
MOD - [2011/08/24 17:07:56 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\boost_thread-vc71-mt-1_32.dll
MOD - [2011/08/22 16:13:02 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/03/01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/08/29 16:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Bradley\Local Settings\Apps\F.lux\flux.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/28 05:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/09/10 23:55:06 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/15 10:02:32 | 001,697,312 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012/08/07 08:28:52 | 000,067,448 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files (x86)\STOPzilla!\SZServer.exe -- (szserver)
SRV - [2012/08/03 12:04:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/20 18:11:38 | 000,686,408 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/26 15:35:20 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/01/18 16:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2012/01/03 23:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/03 22:53:08 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/11/22 20:18:53 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/15 18:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/24 19:08:41 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2011/08/24 19:08:40 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/24 19:08:40 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2011/08/24 19:08:40 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2011/08/02 19:47:14 | 000,159,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe -- (CDMA Device Service)
SRV - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nCU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/13 15:49:48 | 000,023,376 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdrs.sys -- (asdrs)
DRV:64bit: - [2012/07/13 15:49:48 | 000,017,232 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdws.sys -- (asdws)
DRV:64bit: - [2012/07/13 15:49:46 | 000,018,768 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\asdrm.sys -- (asdrm)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/01/18 16:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 16:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/09/13 09:52:11 | 000,035,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2011/09/02 16:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 16:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 16:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/08/25 01:47:58 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2011/08/24 19:08:41 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSwa.sys -- (AVGIDSErHrw7a)
DRV:64bit: - [2011/08/24 19:08:40 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2011/08/24 19:08:39 | 000,056,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (AvgRkx64)
DRV:64bit: - [2011/08/24 17:07:46 | 000,029,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/07/18 14:24:52 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdm.sys -- (sscemdm)
DRV:64bit: - [2011/07/18 14:24:52 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscebus.sys -- (sscebus)
DRV:64bit: - [2011/07/18 14:24:52 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdfl.sys -- (sscemdfl)
DRV:64bit: - [2011/07/18 14:24:46 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011/07/18 14:24:46 | 000,095,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011/07/08 09:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/06/09 14:48:02 | 000,066,144 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2011/04/22 02:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/15 11:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/02/08 13:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/02/08 13:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/11/10 18:46:00 | 000,832,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/06/11 14:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 11:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 11:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 11:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 10:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 10:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011/08/24 19:08:41 | 000,132,688 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys -- (AVGIDSDriverw7a)
DRV - [2011/08/24 19:08:41 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys -- (AVGIDSFilterw7a)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 4C 8E B4 74 4B CD 01 [binary data]
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.claro...00000e04c001e85
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bradley\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bradley\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bradley\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/01/20 17:30:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2012/01/20 17:30:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/08/15 10:02:32 | 000,000,000 | ---D | M]

[2012/08/15 12:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/18 13:49:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/08/15 10:02:05 | 000,006,546 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bradley\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Bradley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Bradley\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Bradley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Skype Click to Call = C:\Users\Bradley\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\

O1 HOSTS File: ([2012/08/15 11:51:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIRTU] C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe ()
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [ASRockXTU] File not found
O4 - HKCU..\Run: [F.lux] C:\Users\Bradley\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - Startup: C:\Users\Bradley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 211.29.152.116 198.142.0.51 211.29.132.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C84516E-DDE4-49F6-B2A5-4B5EACD630F2}: DhcpNameServer = 211.29.152.116 198.142.0.51 211.29.132.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD792FAF-1D84-42D5-B1DC-230CBCC6782B}: DhcpNameServer = 211.29.152.116 198.142.0.51 211.29.132.12
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22565~1.25\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{86ea144b-ce17-11e0-911d-002522cf85e7}\Shell - "" = AutoRun
O33 - MountPoints2\{86ea144b-ce17-11e0-911d-002522cf85e7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{86ea188c-ce17-11e0-911d-002522cf85e7}\Shell - "" = AutoRun
O33 - MountPoints2\{86ea188c-ce17-11e0-911d-002522cf85e7}\Shell\AutoRun\command - "" = J:\SETUP.EXE /adminfile IU.MSP
O33 - MountPoints2\{86ea188c-ce17-11e0-911d-002522cf85e7}\Shell\configure\command - "" = J:\SETUP.EXE
O33 - MountPoints2\{86ea188c-ce17-11e0-911d-002522cf85e7}\Shell\install\command - "" = J:\SETUP.EXE
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/15 12:52:51 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Bradley\Desktop\OTL (1).exe
[2012/08/15 12:51:59 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Bradley\Desktop\OTL.exe
[2012/08/15 12:24:32 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/08/15 12:14:39 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{AEDF8F7E-C3CF-4D79-AB2B-586476E764F0}
[2012/08/15 12:14:16 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{5E04367B-0AE2-468A-9F40-406F502BD540}
[2012/08/15 11:56:44 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{FCE63F1E-A0A5-461E-997D-32518D1840D9}
[2012/08/15 11:55:54 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{9F988D79-55B2-4333-B8CA-1311DC594144}
[2012/08/15 11:51:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/15 11:10:21 | 000,074,872 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbapifs.sys
[2012/08/15 11:10:21 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\SBBD.EXE
[2012/08/15 11:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
[2012/08/15 11:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2012/08/15 11:09:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla!
[2012/08/15 10:54:55 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Roaming\Anvisoft
[2012/08/15 10:54:48 | 000,023,376 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\asdrs.sys
[2012/08/15 10:54:48 | 000,018,768 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\asdrm.sys
[2012/08/15 10:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/08/15 10:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2012/08/15 10:54:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012/08/15 10:30:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/08/15 10:30:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/08/15 10:11:49 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{17F9D707-8B74-47AA-978D-4CF4E084BBFA}
[2012/08/15 10:11:25 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{AAA2E6DF-8089-40D1-8F34-01E2FE488888}
[2012/08/15 10:02:36 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012/08/15 10:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/08/15 10:01:47 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Roaming\ExpressFiles
[2012/08/15 10:01:47 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Roaming\Babylon
[2012/08/11 20:18:49 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\Macromedia
[2012/08/11 10:37:11 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{781BD5F0-B739-464C-BE4B-7FB51CE8C42B}
[2012/08/11 10:36:50 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{EAC76F29-7D36-4038-ADC0-74E8A75CC7BA}
[2012/08/10 14:38:25 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{245A8041-187D-4C02-82E4-81850ECBA26E}
[2012/08/10 14:37:53 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{E58053CC-CD1B-47C0-BB38-2DBC962D2326}
[2012/08/07 08:29:12 | 000,023,416 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
[2012/08/07 08:29:02 | 000,546,680 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
[2012/08/07 08:28:56 | 000,497,528 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
[2012/08/06 22:00:55 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{FE12F9DB-706F-4FE5-9F5D-44EA69079626}
[2012/08/06 22:00:30 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{9D14FBB6-E806-46F9-A3C2-821837FF2B48}
[2012/08/06 21:10:00 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\Apple
[2012/08/06 00:01:14 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{B46E9B0E-E62D-46AD-B60E-850512D9C967}
[2012/08/06 00:00:50 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{E14BC5D9-AB09-4D8F-9912-08B9A4FD3740}
[2012/08/05 20:31:59 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\Adobe
[2012/08/04 13:34:02 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{5E26CB04-8A22-4396-93D6-6DD8898631CB}
[2012/08/04 13:33:33 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{50A46006-8BB6-44C1-A975-34E29F5725D9}
[2012/08/04 12:50:07 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{3B23A15B-228A-4EA6-A589-736BE37DE94D}
[2012/08/04 12:49:43 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{6D31F3A7-8A68-41E1-9572-124CF6BA68C6}
[2012/08/04 11:23:10 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Roaming\Malwarebytes
[2012/08/04 11:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/04 11:22:59 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/04 11:22:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/04 11:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/27 21:02:52 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{4912D246-29F0-4A9C-AA44-B65DD336033C}
[2012/07/27 21:02:28 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{78DCA61F-97A2-4C6A-BEE4-B33196661FF7}
[2012/07/26 22:40:12 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{A3193331-EE68-489E-9A09-FC96E97B36AD}
[2012/07/26 22:39:44 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{131166FA-760D-4A68-9681-5568A96ECF2E}
[2012/07/26 10:51:44 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{44543B5F-4741-4491-BC6A-C811AF8F1C7C}
[2012/07/26 10:51:03 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{9E0BA856-F757-421D-9C1F-D4E6DB4698B4}
[2012/07/18 19:12:14 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{0ED4E981-822B-4DCB-96CC-7EB8430203EF}
[2012/07/18 19:11:56 | 000,000,000 | ---D | C] -- C:\Users\Bradley\AppData\Local\{3EC14E2C-3F5D-4232-936D-5ACF4005ED4F}
[2012/07/17 08:36:16 | 000,231,288 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll
[2012/07/17 08:36:16 | 000,029,048 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll
[2012/07/17 08:36:14 | 000,391,032 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll
[2012/07/17 08:36:12 | 000,100,216 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll
[2012/07/17 08:36:06 | 000,132,984 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll
[2012/07/17 08:36:06 | 000,104,312 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll
[2012/07/17 08:36:04 | 000,456,568 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll
[2012/07/17 08:36:04 | 000,067,448 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll
[2012/07/17 08:36:02 | 000,812,920 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll
[2 C:\Users\Bradley\Desktop\*.tmp files -> C:\Users\Bradley\Desktop\*.tmp -> ]
[1 C:\Users\Bradley\Documents\*.tmp files -> C:\Users\Bradley\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/15 12:52:55 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Bradley\Desktop\OTL (1).exe
[2012/08/15 12:51:59 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Bradley\Desktop\OTL.exe
[2012/08/15 12:33:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000UA.job
[2012/08/15 12:33:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000Core.job
[2012/08/15 12:24:34 | 000,002,380 | ---- | M] () -- C:\Users\Bradley\Desktop\Google Chrome.lnk
[2012/08/15 12:23:58 | 000,000,816 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2012/08/15 12:19:39 | 000,782,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/15 12:19:39 | 000,666,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/15 12:19:39 | 000,125,540 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/15 12:13:46 | 000,001,441 | ---- | M] () -- C:\Users\Bradley\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/15 12:12:08 | 000,000,204 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/08/15 12:11:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 12:11:26 | 2077,048,831 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/15 12:09:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/15 12:09:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/15 12:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/15 11:51:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/08/15 10:54:48 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
[2012/08/15 10:02:15 | 000,000,098 | ---- | M] () -- C:\user.js
[2012/08/15 09:01:15 | 103,813,755 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2012/08/15 08:54:55 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000UA.job
[2012/08/15 08:54:48 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 08:54:48 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/14 23:09:00 | 000,000,204 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012/08/14 11:13:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000Core.job
[2012/08/07 08:29:12 | 000,023,416 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
[2012/08/07 08:29:02 | 000,546,680 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
[2012/08/07 08:28:56 | 000,497,528 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
[2012/08/04 12:51:06 | 000,001,112 | ---- | M] () -- C:\Users\Bradley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/08/04 11:23:00 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/17 08:36:16 | 000,231,288 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll
[2012/07/17 08:36:16 | 000,029,048 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll
[2012/07/17 08:36:14 | 000,391,032 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll
[2012/07/17 08:36:12 | 000,100,216 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll
[2012/07/17 08:36:06 | 000,132,984 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll
[2012/07/17 08:36:06 | 000,104,312 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll
[2012/07/17 08:36:04 | 000,456,568 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll
[2012/07/17 08:36:04 | 000,067,448 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll
[2012/07/17 08:36:02 | 000,812,920 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll
[2 C:\Users\Bradley\Desktop\*.tmp files -> C:\Users\Bradley\Desktop\*.tmp -> ]
[1 C:\Users\Bradley\Documents\*.tmp files -> C:\Users\Bradley\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/15 12:24:34 | 000,002,380 | ---- | C] () -- C:\Users\Bradley\Desktop\Google Chrome.lnk
[2012/08/15 12:23:47 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000UA.job
[2012/08/15 12:23:46 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000Core.job
[2012/08/15 12:14:35 | 000,000,816 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2012/08/15 12:09:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/15 12:09:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/15 10:54:48 | 000,017,232 | ---- | C] () -- C:\Windows\SysNative\drivers\asdws.sys
[2012/08/15 10:54:48 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
[2012/08/15 10:02:15 | 000,000,098 | ---- | C] () -- C:\user.js
[2012/08/05 23:53:26 | 000,319,872 | ---- | C] () -- C:\Windows6.1-KB977178-v2-x64.msu
[2012/08/04 12:51:06 | 000,001,112 | ---- | C] () -- C:\Users\Bradley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/08/04 11:23:00 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/27 18:54:45 | 002,052,085 | ---- | C] () -- C:\Users\Bradley\Desktop\VBA(1) - Copy.swf
[2012/04/28 18:32:17 | 000,000,104 | ---- | C] () -- C:\Users\Bradley\.Xauthority
[2012/03/28 22:07:43 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012/03/28 22:06:11 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2012/01/18 16:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 16:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 16:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/11/25 13:51:34 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/11/25 13:51:31 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/11/25 13:51:30 | 000,837,192 | ---- | C] () -- C:\Windows\SysWow64\pbsvc (1).exe
[2011/10/16 13:20:12 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011/10/16 13:20:12 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini
[2011/10/16 13:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011/10/16 13:20:11 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2040.INI
[2011/10/16 13:15:05 | 000,000,238 | ---- | C] () -- C:\Windows\Brownie.ini
[2011/10/14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/10 15:59:57 | 000,786,644 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/04 18:28:33 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/09/04 18:28:33 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\BD2040.DAT
[2011/09/03 12:33:34 | 000,007,605 | ---- | C] () -- C:\Users\Bradley\AppData\Local\Resmon.ResmonCfg
[2011/08/28 21:07:38 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/08/27 14:39:52 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/08/25 00:02:11 | 000,000,050 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/07/26 17:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/07/26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/07/26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/07/26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/07/26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/04/15 11:05:50 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/04/15 11:05:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/04/15 11:05:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/04/15 10:59:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/04/15 10:33:40 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

========== LOP Check ==========

[2012/01/17 17:24:45 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\.minecraft
[2012/08/15 10:54:55 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Anvisoft
[2011/09/13 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Autodesk
[2011/08/24 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\AVG9
[2012/08/15 10:01:47 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Babylon
[2012/07/26 14:37:54 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Bioshock
[2012/03/19 17:59:19 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\EndNote
[2012/08/15 10:01:56 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\ExpressFiles
[2012/03/26 17:56:02 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\[email protected]
[2012/02/15 23:56:31 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\[email protected]
[2011/08/24 23:54:35 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\ImgBurn
[2011/08/29 19:38:57 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Leadertech
[2012/02/18 00:18:59 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Notepad++
[2011/11/01 19:45:31 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Origin
[2012/02/04 12:51:09 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Publish Providers
[2011/11/14 13:59:08 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Runiter
[2011/09/12 20:47:02 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Samsung
[2012/02/04 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\Sony
[2012/08/04 11:17:29 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\uTorrent
[2012/07/02 12:27:28 | 000,000,000 | ---D | M] -- C:\Users\Bradley\AppData\Roaming\WhatPulse
[2012/08/15 12:12:08 | 000,000,204 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/08/14 23:09:00 | 000,000,204 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2012/08/14 11:13:00 | 000,000,912 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000Core.job
[2012/08/15 08:54:55 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1316392306-1648453092-3702248542-1000UA.job
[2009/07/14 15:08:49 | 000,030,374 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Gammo
Posted 18 August 2012 - 11:45 AM

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP