Jump to content

Malwarebytes keeps closing


Recommended Posts

Yesterday I was doing my routine weekly scam using Malwarebytes and for some reason it keeps shutting down halfway and i get a windows error saying the program stopped working unexpectedly. Currently I'am not having any other issue with my computer at all, just frustrated and alarmed why my scan isn't going through. I repeated the process over a few more times, and it seems to be terminating while scanning pku2u.dll.

Please help, I can't really make heads or tail on what to do or if i should be worried.

Link to post
Share on other sites

Yesterday I was doing my routine weekly scam using Malwarebytes and for some reason it keeps shutting down halfway and i get a windows error saying the program stopped working unexpectedly. Currently I'am not having any other issue with my computer at all, just frustrated and alarmed why my scan isn't going through. I repeated the process over a few more times, and it seems to be terminating while scanning pku2u.dll.

Please help, I can't really make heads or tail on what to do or if i should be worried.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:05:32 PM, on 8/10/2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

C:\Program Files (x86)\n52te\razerhid.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [Jomantha] "C:\Program Files (x86)\n52te\razerhid.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup

O4 - HKLM\..\Run: [AML] C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe InitApp

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\axcmd.exe" /automount

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Bluetooth.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O13 - Gopher Prefix:

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: Intel® Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--

End of file - 13673 bytes

Link to post
Share on other sites

Hi,

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%|bak;true;false;false /fp
    %systemroot%\system32|bak;true;false;false /fp
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time

Link to post
Share on other sites

OTL logfile created on: 8/13/2010 5:43:42 AM - Run 1

OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Owner\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 73.00% Memory free

12.00 Gb Paging File | 10.00 Gb Available in Paging File | 84.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 362.24 Gb Total Space | 17.83 Gb Free Space | 4.92% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: OWNER-PC

Current User Name: Owner

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/13 05:41:11 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe

PRC - [2010/07/14 15:51:02 | 000,198,608 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

PRC - [2010/06/28 10:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/06/28 10:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/05/14 12:59:44 | 000,455,944 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

PRC - [2009/08/26 17:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe

PRC - [2009/08/26 17:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe

PRC - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe

PRC - [2009/08/26 17:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe

PRC - [2009/07/23 10:39:38 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

PRC - [2009/07/23 10:39:36 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

PRC - [2009/07/22 15:03:04 | 000,642,920 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

PRC - [2009/07/14 11:15:12 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

PRC - [2009/07/14 11:15:12 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

PRC - [2009/07/01 18:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

PRC - [2009/06/17 01:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

PRC - [2009/05/26 09:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

PRC - [2008/09/18 07:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

PRC - [2007/12/12 11:58:30 | 000,163,840 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\n52te\razerhid.exe

PRC - [2007/05/28 06:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

PRC - [2007/01/04 16:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (SafeList) ==========

MOD - [2010/08/13 05:41:11 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe

MOD - [2009/07/13 15:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx

MOD - [2009/07/13 15:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/28 10:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV:64bit: - [2010/06/28 10:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV:64bit: - [2010/06/28 10:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2009/09/16 23:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)

SRV:64bit: - [2009/09/03 16:15:38 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)

SRV:64bit: - [2009/09/01 10:15:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV:64bit: - [2009/07/13 15:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009/06/26 14:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)

SRV:64bit: - [2009/05/21 16:11:20 | 001,462,544 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV:64bit: - [2009/05/21 14:31:30 | 000,830,224 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV:64bit: - [2009/01/16 18:59:12 | 000,110,376 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)

SRV:64bit: - [2008/04/27 14:00:38 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService)

SRV - [2010/07/19 13:25:08 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010/07/14 15:51:02 | 000,198,608 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)

SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/05/14 12:59:44 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)

SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)

SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)

SRV - [2009/07/23 10:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)

SRV - [2009/07/23 10:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)

SRV - [2009/07/23 10:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)

SRV - [2009/07/22 15:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)

SRV - [2009/07/17 11:31:28 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)

SRV - [2009/07/17 11:31:28 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)

SRV - [2009/07/17 11:31:28 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)

SRV - [2009/07/17 11:31:26 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)

SRV - [2009/07/17 11:31:26 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)

SRV - [2009/07/14 11:15:12 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)

SRV - [2009/06/26 11:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)

SRV - [2009/06/26 11:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)

SRV - [2009/01/07 21:10:32 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2008/09/18 07:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)

SRV - [2007/05/28 06:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2007/01/04 16:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/06/28 10:33:00 | 000,061,008 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2010/03/29 10:06:06 | 000,233,488 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)

DRV:64bit: - [2009/12/17 12:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV:64bit: - [2009/11/03 02:11:46 | 000,867,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2009/09/03 15:43:36 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2009/09/01 12:27:40 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/09/01 12:27:40 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/09/01 12:27:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/09/01 12:27:32 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2009/09/01 10:15:16 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/08/09 11:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)

DRV:64bit: - [2009/07/13 15:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 15:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 15:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 15:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 15:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 15:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 10:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 10:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 10:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 10:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 10:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 10:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/28 22:52:38 | 005,437,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/05/20 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2008/11/18 14:08:46 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)

DRV:64bit: - [2008/10/22 14:02:17 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)

DRV:64bit: - [2008/10/22 14:02:08 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)

DRV:64bit: - [2008/07/17 14:05:52 | 000,193,072 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2008/05/28 00:23:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV:64bit: - [2008/04/29 14:03:13 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2008/04/27 14:00:38 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)

DRV:64bit: - [2008/04/27 14:00:35 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)

DRV:64bit: - [2008/04/27 14:00:35 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)

DRV:64bit: - [2008/04/27 14:00:33 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)

DRV:64bit: - [2008/04/27 14:00:33 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)

DRV:64bit: - [2008/04/24 11:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)

DRV:64bit: - [2007/04/16 17:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...T&bmod=SNNT

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...T&bmod=SNNT

IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?br...T&bmod=SNNT

IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/12/05 17:50:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\Spyware Doctor\BDT\FireFox\ [2010/07/03 20:33:04 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/24 09:41:15 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/24 09:41:15 | 000,000,000 | ---D | M]

[2010/03/28 08:28:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions

[2010/08/12 08:24:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\k8p5rdh1.default\extensions

[2010/04/27 05:00:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\k8p5rdh1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/07/17 05:46:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\k8p5rdh1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010/07/15 12:49:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/07/15 12:49:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2006/09/18 11:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AML] C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe (Sony)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [Jomantha] C:\Program Files (x86)\n52te\razerhid.exe (Razer USA Ltd.)

O4 - HKLM..\Run: [smartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-343239981-1420640739-2261984077-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team)

O4 - HKU\S-1-5-21-343239981-1420640739-2261984077-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/08/13 05:41:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe

[2010/08/10 21:05:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/08/10 20:59:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/08/10 20:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/08/10 07:30:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\(???) [?????] ?????????

[2010/08/10 01:57:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Sexy_Beach_3

[2010/08/10 01:21:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\lilith

[2010/08/09 06:16:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\G6_0807

[2010/08/09 05:17:32 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2010/08/09 05:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes

[2010/08/08 05:50:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Doujin

[2010/08/08 05:50:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Furry

[2010/08/08 05:48:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Fake

[2010/08/08 05:46:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Real

[2010/08/07 06:50:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\merchant.mvc_files

[2010/08/06 08:31:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\SC USB

[2010/08/03 13:13:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\InterviewPDF

[2010/07/30 12:35:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Chakushin ari (aka One Missed Call) KLAXXON

[2010/07/28 10:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TinkleBell

[2010/07/27 08:24:49 | 003,208,180 | ---- | C] (Blizzard Entertainment) -- C:\Users\Owner\Desktop\StarCraft_2_NA_en-US.exe.part

[2010/07/27 08:22:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\StarCraft II

[2010/07/27 08:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II

[2010/07/23 08:31:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Music

[2010/07/23 06:56:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2010/07/23 06:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2010/07/23 06:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPod

[2010/07/23 06:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2010/07/23 06:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010/07/23 06:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2010/07/23 06:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2010/07/23 06:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2010/07/21 06:11:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Broadcom

[2010/07/19 17:31:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Programs

[2010/07/15 12:44:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2010/07/14 21:00:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\EscapeTheMuseum2

[2010/07/14 20:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Games

[2010/07/14 11:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\EscapeTheMuseum

[2010/07/14 11:12:36 | 000,000,000 | ---D | C] -- C:\Windows\Escape the Museum

[2010/07/14 11:12:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Escape the Museum

[2010/07/14 11:04:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Escape the Museum

[2010/07/14 11:04:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\BigFish - Escape the Museum 2 - New HOG Adventure - Wendy99

[2010/07/11 05:02:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Plants vs Zombies

[2010/07/01 16:44:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Ventrilo

[2010/07/01 16:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo

[2010/06/28 17:52:58 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010/06/27 06:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\????

[2010/06/25 11:04:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\LolClient

[2010/06/25 06:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR

[2010/06/25 06:28:50 | 000,000,000 | ---D | C] -- C:\Riot Games

[2010/06/10 05:44:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\dcim

[2010/06/08 05:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip

[2010/06/08 05:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip

[2010/06/06 16:02:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Threat Expert

[2010/06/04 10:38:53 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll

[2010/06/04 10:38:52 | 001,652,664 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old

[2010/06/04 10:38:52 | 001,435,600 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll

[2010/06/04 10:38:52 | 000,264,144 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll

[2010/06/04 10:36:45 | 000,306,648 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys

[2010/06/04 10:36:45 | 000,133,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys

[2010/06/04 10:36:43 | 000,233,488 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys

[2010/06/04 10:36:41 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys

[2010/06/04 10:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor

[2010/06/04 10:36:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\PC Tools

[2010/06/04 10:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools

[2010/06/04 10:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2010/06/04 10:16:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\oueclqerq

[2010/05/31 08:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flip Video

[2010/05/29 09:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel

[2010/05/29 09:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2010/05/29 09:22:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco

[2010/05/27 21:45:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\dungeons and dragons

[2010/05/22 20:22:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ElevatedDiagnostics

[2010/05/22 07:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\SHARLY

[2010/05/18 07:22:45 | 000,136,704 | ---- | C] (Ligos Corporation) -- C:\Windows\SysWow64\iacenc.dll

[2010/05/18 07:22:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ligos

[2010/05/18 07:17:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\GRETECH

[2010/05/18 07:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH

[2010/05/16 20:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StepMania

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/13 05:45:12 | 011,534,336 | ---- | M] () -- C:\Users\Owner\NTUSER.DAT

[2010/08/13 05:41:11 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe

[2010/08/12 11:45:47 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/08/12 11:45:47 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/08/12 11:38:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/08/12 11:38:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/08/12 11:38:01 | 510,935,039 | -HS- | M] () -- C:\hiberfil.sys

[2010/08/12 10:41:11 | 005,902,273 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db

[2010/08/11 06:03:18 | 000,246,377 | ---- | M] () -- C:\test.xml

[2010/08/11 03:19:06 | 000,453,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/08/10 21:05:21 | 000,002,093 | ---- | M] () -- C:\Users\Owner\Desktop\HijackThis.lnk

[2010/08/10 20:59:14 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/08/10 02:38:41 | 169,687,268 | ---- | M] () -- C:\Users\Owner\Desktop\Sexy_Beach_3_Plus.part3.rar.part

[2010/08/09 05:17:25 | 001,531,593 | ---- | M] () -- C:\Users\Owner\Desktop\winrar-x64-393.exe

[2010/08/09 05:14:34 | 000,939,956 | ---- | M] () -- C:\Users\Owner\Desktop\7z465.exe

[2010/08/09 05:07:16 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk

[2010/08/08 13:53:14 | 000,076,012 | ---- | M] () -- C:\Users\Owner\Desktop\35113_622442089100_19908108_35427957_127712_n.jpg

[2010/08/08 09:02:42 | 000,204,570 | ---- | M] () -- C:\Users\Owner\Desktop\keithnude2.jpg

[2010/08/07 06:50:23 | 000,011,969 | ---- | M] () -- C:\Users\Owner\Desktop\merchant.mvc.htm

[2010/08/06 08:33:14 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/08/06 08:33:14 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/08/06 08:33:14 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/08/03 20:24:15 | 000,057,498 | ---- | M] () -- C:\Users\Owner\Desktop\image (5113).jpg

[2010/07/30 11:43:10 | 000,000,221 | ---- | M] () -- C:\Users\Owner\Desktop\Audiosurf.url

[2010/07/28 10:01:45 | 000,002,083 | ---- | M] () -- C:\Users\Owner\Desktop\??????????????.lnk

[2010/07/27 08:48:18 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk

[2010/07/27 08:24:53 | 003,208,180 | ---- | M] (Blizzard Entertainment) -- C:\Users\Owner\Desktop\StarCraft_2_NA_en-US.exe.part

[2010/07/23 06:56:19 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010/07/23 06:53:39 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/07/21 06:28:52 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

[2010/07/19 19:40:44 | 000,000,219 | ---- | M] () -- C:\Users\Owner\Desktop\Alien Swarm.url

[2010/07/19 15:16:01 | 000,767,928 | ---- | M] () -- C:\Windows\BDTSupport.dll

[2010/07/14 20:59:46 | 000,002,095 | ---- | M] () -- C:\Users\Owner\Desktop\Escape the Museum 2.lnk

[2010/07/14 15:51:11 | 000,149,456 | ---- | M] (PC Tools) -- C:\Windows\SGDetectionTool.dll

[2010/07/14 15:51:10 | 000,264,144 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll

[2010/07/14 15:51:09 | 001,435,600 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll

[2010/07/14 11:13:08 | 000,001,950 | ---- | M] () -- C:\Users\Owner\Desktop\Escape the Museum.lnk

[2010/07/05 10:58:38 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/07/04 05:42:22 | 001,269,220 | ---- | M] () -- C:\Users\Owner\AppData\Local\gpets3sv.bin

[2010/07/01 16:44:08 | 000,000,268 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2010/07/01 16:44:06 | 000,000,889 | ---- | M] () -- C:\Users\Owner\Desktop\Ventrilo.lnk

[2010/07/01 16:44:06 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk

[2010/06/28 17:52:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2010/06/28 10:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010/06/28 10:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2010/06/28 10:37:56 | 000,051,280 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2010/06/28 10:37:36 | 000,121,936 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2010/06/28 10:33:17 | 000,028,752 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys

[2010/06/28 10:33:00 | 000,061,008 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2010/06/28 10:32:36 | 000,020,048 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2010/06/25 06:31:26 | 000,001,720 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk

[2010/06/22 18:01:10 | 000,000,192 | ---- | M] () -- C:\Windows\UDB.zip

[2010/06/22 18:01:08 | 000,767,952 | ---- | M] () -- C:\Windows\BDTSupport.dll.old

[2010/06/12 08:11:03 | 000,026,580 | ---- | M] () -- C:\Users\Owner\Documents\Data_061210_071057.roxio

[2010/06/08 05:50:29 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk

[2010/06/07 14:21:02 | 001,652,664 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old

[2010/05/31 08:00:23 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\FlipShare.lnk

[2010/05/18 07:17:29 | 000,001,133 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk

[2010/05/18 07:17:29 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk

[2010/05/16 21:09:24 | 000,001,608 | ---- | M] () -- C:\Users\Owner\Desktop\StepMania - Shortcut.lnk

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/10 21:05:21 | 000,002,093 | ---- | C] () -- C:\Users\Owner\Desktop\HijackThis.lnk

[2010/08/10 20:59:14 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/08/10 01:16:20 | 169,687,268 | ---- | C] () -- C:\Users\Owner\Desktop\Sexy_Beach_3_Plus.part3.rar.part

[2010/08/09 05:17:22 | 001,531,593 | ---- | C] () -- C:\Users\Owner\Desktop\winrar-x64-393.exe

[2010/08/09 05:14:33 | 000,939,956 | ---- | C] () -- C:\Users\Owner\Desktop\7z465.exe

[2010/08/09 05:07:16 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk

[2010/08/08 13:53:03 | 000,076,012 | ---- | C] () -- C:\Users\Owner\Desktop\35113_622442089100_19908108_35427957_127712_n.jpg

[2010/08/08 09:02:39 | 000,204,570 | ---- | C] () -- C:\Users\Owner\Desktop\keithnude2.jpg

[2010/08/07 06:50:23 | 000,011,969 | ---- | C] () -- C:\Users\Owner\Desktop\merchant.mvc.htm

[2010/08/03 20:24:13 | 000,057,498 | ---- | C] () -- C:\Users\Owner\Desktop\image (5113).jpg

[2010/08/03 07:33:22 | 000,000,056 | ---- | C] () -- C:\Users\Owner\AppData\Local\DVDPATH.TXT

[2010/07/30 11:43:10 | 000,000,221 | ---- | C] () -- C:\Users\Owner\Desktop\Audiosurf.url

[2010/07/28 10:01:44 | 000,002,083 | ---- | C] () -- C:\Users\Owner\Desktop\??????????????.lnk

[2010/07/27 08:22:58 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk

[2010/07/23 06:56:19 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010/07/23 06:53:39 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/07/21 06:05:57 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

[2010/07/19 20:16:02 | 000,767,928 | ---- | C] () -- C:\Windows\BDTSupport.dll

[2010/07/19 19:40:44 | 000,000,219 | ---- | C] () -- C:\Users\Owner\Desktop\Alien Swarm.url

[2010/07/14 20:59:46 | 000,002,095 | ---- | C] () -- C:\Users\Owner\Desktop\Escape the Museum 2.lnk

[2010/07/14 11:13:08 | 000,001,950 | ---- | C] () -- C:\Users\Owner\Desktop\Escape the Museum.lnk

[2010/07/01 16:44:06 | 000,000,889 | ---- | C] () -- C:\Users\Owner\Desktop\Ventrilo.lnk

[2010/07/01 16:44:06 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk

[2010/07/01 16:44:03 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2010/06/27 06:02:12 | 001,269,220 | ---- | C] () -- C:\Users\Owner\AppData\Local\gpets3sv.bin

[2010/06/25 06:31:26 | 000,001,720 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk

[2010/06/12 08:11:03 | 000,026,580 | ---- | C] () -- C:\Users\Owner\Documents\Data_061210_071057.roxio

[2010/06/08 05:50:29 | 000,002,247 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk

[2010/06/04 10:38:53 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old

[2010/06/04 10:38:53 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml

[2010/06/04 10:38:53 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml

[2010/06/04 10:38:53 | 000,000,192 | ---- | C] () -- C:\Windows\UDB.zip

[2010/06/04 10:38:53 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip

[2010/06/04 10:36:45 | 000,007,357 | ---- | C] () -- C:\Windows\SysNative\drivers\pctgntdi64.cat

[2010/06/04 10:36:43 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctcore64.cat

[2010/06/04 10:36:41 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctplsg64.cat

[2010/05/31 08:00:23 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\FlipShare.lnk

[2010/05/18 07:22:45 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

[2010/05/18 07:17:29 | 000,001,133 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk

[2010/05/18 07:17:29 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk

[2010/05/16 21:09:24 | 000,001,608 | ---- | C] () -- C:\Users\Owner\Desktop\StepMania - Shortcut.lnk

[2009/12/05 22:24:25 | 000,000,033 | ---- | C] () -- C:\Windows\WININIT.INI

[2009/11/06 19:15:18 | 000,000,110 | ---- | C] () -- C:\Windows\GSdx9_SSE2.INI

[2009/08/26 12:45:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2009/07/13 13:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 11:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/05/08 04:41:50 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI

[2009/05/08 03:52:22 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2008/02/18 20:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll

========== LOP Check ==========

[2009/12/05 18:14:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.BitTornado

[2009/12/05 18:14:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\acccore

[2009/12/05 18:14:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics

[2010/01/01 17:52:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\COWON

[2009/12/05 18:14:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite

[2010/07/14 21:00:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EscapeTheMuseum2

[2009/12/05 18:14:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\fltk.org

[2010/01/11 12:09:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\InterVideo

[2010/06/25 11:04:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LolClient

[2009/12/05 18:15:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Secret of the Solstice

[2010/04/13 10:24:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SSH

[2009/12/05 18:15:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Stellarium

[2009/12/05 18:15:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template

[2009/12/14 12:11:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\XnView

[2010/05/09 12:48:46 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< %SYSTEMDRIVE%\*.* >

[2009/07/13 15:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr

[2009/12/05 15:40:45 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010/08/12 11:38:01 | 510,935,039 | -HS- | M] () -- C:\hiberfil.sys

[2009/12/05 22:43:27 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log

[2009/11/14 17:59:31 | 000,000,365 | -H-- | M] () -- C:\IPH.PH

[2010/05/30 05:51:52 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt

[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll

[2010/08/12 11:38:13 | 2112,905,215 | -HS- | M] () -- C:\pagefile.sys

[2009/12/05 22:20:57 | 000,002,809 | ---- | M] () -- C:\RHDSetup.log

[2009/08/21 16:57:04 | 000,559,616 | ---- | M] () -- C:\seatoolsforwindowssetup.msi

[2010/08/11 06:03:18 | 000,246,377 | ---- | M] () -- C:\test.xml

[2009/08/20 18:28:03 | 000,000,000 | ---- | M] () -- C:\Updates.txt

[2009/05/08 04:20:58 | 000,389,254 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\Fonts\*.com >

[2009/07/13 19:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

[2009/07/13 19:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont

[2009/07/13 19:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

[2009/07/13 19:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2009/06/10 10:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

[2010/06/28 10:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr

[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

[2009/07/13 18:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%|bak;true;false;false /fp >

[2010/04/29 15:04:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StepMania\Songs\Anime 3rd Mix\Sobakasu

< %systemroot%\system32|bak;true;false;false /fp >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========

[2010/03/15 19:15:48 | 000,002,086 | ---- | M] ()(C:\Users\Public\Desktop\The Sims? 3.lnk) -- C:\Users\Public\Desktop\The Sims

Link to post
Share on other sites

OTL Extras logfile created on: 8/13/2010 5:43:42 AM - Run 1

OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Owner\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 73.00% Memory free

12.00 Gb Paging File | 10.00 Gb Available in Paging File | 84.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 362.24 Gb Total Space | 17.83 Gb Free Space | 4.92% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: OWNER-PC

Current User Name: Owner

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-343239981-1420640739-2261984077-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes

"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support

"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi

"{72EEB695-388B-4835-8EA6-0C04545B06B9}" = Intel® PROSet/Wireless WiFi Software

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9301985B-D116-4A93-A93D-94580084FF86}" = 64 Bit HP CIO Components Installer

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO

"{A4BC24CB-F8C7-27FB-41D5-47A405031A41}" = ATI Catalyst Install Manager

"{A9513BBC-73B4-4856-BF83-0166523ABF09}" = 64 Bit HP CIO Components Installer

"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour

"{BCE67697-A70A-E020-8ABA-310E95D09812}" = ccc-utility64

"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center

"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP

"HP Smart Web Printing" = HP Smart Web Printing

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"ProInst" = Intel PROSet Wireless

"Shop for HP Supplies" = Shop for HP Supplies

"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data

"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager

"{0AC8162B-5175-41D7-B963-8307A40BD456}" = n52te Editor

"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6

"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo

"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{183372B8-A3C2-063B-5C9E-B5C3E09F7158}" = CCC Help Norwegian

"{19B683DF-B562-4C0B-8AAA-2A92409D190A}" = Sony Home Network Library

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3

"{1D2DF848-BA1C-6D29-8DC6-A8EBC85B2128}" = CCC Help Thai

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2176C142-DEE5-8AF0-9257-CA2E65368A52}" = CCC Help Finnish

"{223A0070-C924-48E3-AEB6-2E06CC835CC0}" = VAIO Care

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 17

"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2

"{27EA389E-B0D3-E606-A801-C397BC417B00}" = Catalyst Control Center Graphics Previews Common

"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply

"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager

"{2E8631C2-72E6-4A95-A86E-CB912D8D1537}" = Sony Home Network Library

"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6

"{32DD0B80-68A4-2BAD-6D43-D2A6A7732AA2}" = CCC Help Hungarian

"{33F55462-96AF-0D67-AAF3-5ACBDE186FF7}" = CCC Help Dutch

"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey

"{359391F9-1A4D-A988-D62D-0F33C59AFDF6}" = CCC Help English

"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care

"{36FBD8D7-CEFC-2BFD-9E50-CDEA040D5F47}" = CCC Help Swedish

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C0619B4-4A2C-4244-8077-488E420DF907}" = FINAL FANTASY XI: Chains of Promathia

"{3C7C4990-D713-E889-63E7-214D35B55B18}" = Catalyst Control Center Graphics Previews Vista

"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker

"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime

"{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master

"{484D0DD1-57D3-4AE5-8B5A-40232C83B674}" = VAIO Entertainment Platform

"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story

"{4C5FC19D-AE05-3F78-4336-90116C43400E}" = CCC Help French

"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor

"{4E64FCCA-AE91-609C-6646-3BA7B2542C17}" = CCC Help Russian

"{4F29AF49-2F30-4E33-416B-E373ACE30B03}" = Catalyst Control Center Core Implementation

"{51CBB909-7A5D-1B81-2F79-219231F0C7A6}" = Catalyst Control Center InstallProxy

"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands

"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{547FD64B-98D9-1D8F-9001-BE027E3A7BD8}" = Catalyst Control Center InstallProxy

"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool

"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic

"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service

"{5B037ED7-0755-48D4-9554-808E5AF50F17}" = FINAL FANTASY XI: Wings of the Goddess

"{5CCB5E3A-8FA6-E1B8-082E-507493C836CD}" = Catalyst Control Center Localization All

"{5D9F5605-4B95-A700-B10E-FC5DBE052D18}" = CCC Help Italian

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{653C3AFC-E8BB-E745-DEE8-A9EA8ED5D432}" = CCC Help Greek

"{678F6475-D227-432A-94FF-806178A34520}" = FINAL FANTASY XI

"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works

"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6AC4E434-8126-4840-BBD3-6B1EB78BBFF5}" = Solstice

"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform

"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie

"{6CCAF3C8-8B77-3601-6E9C-E85E9444B0E6}" = CCC Help Chinese Traditional

"{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}" = FINAL FANTASY XI: Rise of the Zilart

"{70991E0A-1108-437E-BA7D-085702C670C0}" =

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72B5983C-80C7-4225-BA72-E92AE1D59C62}" = VAIO My Memory Center

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio

"{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}" = SSH Secure Shell

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{78780A45-B180-4297-AE6D-12C45EC5AD35}" = VAIO Content Metadata Manager Setting

"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client

"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2

"{7C8744A5-DED2-028E-C0B7-42AAA764E806}" = CCC Help Korean

"{7CF4115F-8947-2E35-718E-9AE7907FDD34}" = Catalyst Control Center Graphics Full New

"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B1CF7D7-9D45-6FB7-8B8A-72E804B74ACD}" = CCC Help Danish

"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus

"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90303A86-8EED-490A-8675-50A6B2159D7A}" = ?????????????DL?

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{96AE9B73-23A5-3781-07EE-D873CDF1935A}" = CCC Help Polish

"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =

"{97F52122-E41C-C805-3981-E8686E073978}" = CCC Help Chinese Standard

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music

"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2

"{99804FF5-11AC-4FC9-B66B-72E9A6B386BC}" = ccc-core-static

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility

"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A606C6FF-12E7-40BE-B777-D8F360FF00CD}" = FINAL FANTASY XI: Treasures of Aht Urhgan

"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series

"{A82C622C-22E2-409E-7113-EB749DEBC9F7}" = CCC Help Portuguese

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{AA66EAEF-E6F9-BB8A-1463-72BE38F70856}" = CCC Help Japanese

"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3

"{AEF0D6B2-1087-3D96-624F-B83A5EBD175D}" = Catalyst Control Center Graphics Full Existing

"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR

"{B1C0D829-FE30-059E-E93F-CDC7A48235C0}" = FlipShare

"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy

"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims

Link to post
Share on other sites

Hi,

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
    IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
    [2010/06/04 10:16:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\oueclqerq
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png

Link to post
Share on other sites

Hi,

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
    IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
    [2010/06/04 10:16:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\oueclqerq
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png


      fixed with OTL, but I still cannot complete the Malwarebytes scan because it terminates at the same spot.
Link to post
Share on other sites

Hi,

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
    IE - HKU\S-1-5-21-343239981-1420640739-2261984077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
    [2010/06/04 10:16:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\oueclqerq
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png


      Okay did the scan, there were no threats found.
Link to post
Share on other sites

Hi,

Your logs appears to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. :thumbsup:

You said you still cannot complete the MBAM scan. This is not malware related. Please start a new topic here for that issue.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Open OTL

  • Under the Custom Scans/Fixes box at the bottom, paste the following:
    :Commands
    [clearallrestorepoints]


  • Click the Run Fix button at the top
  • It might ask you to reboot, if so click YES

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files

Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall

You should keep your anti-virus and firewall guard enabled at all times, don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it's doesn't necessarily has to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated

It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser

Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple good free alternatives: Firefox and Opera. Both are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial here which will help you to make IE much safer.

If you decide to use the Firefox browser, the McAfee SiteAdvisor add-on will nicely help to enhance your security. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine except from just an anti-virus and a firewall. I will list some of them.

  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommend that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are dis-reputable sites forcing you to download and install a codec. Or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?

If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, it's parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,

Gammo :cool:

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.