XLR8

  1. Very quick in responding and even though things looked like they weren't going to be resolved, it worked in the end! Thanks!

  2. Strangely enough the message hasn't appeared since I've done the update. So that's good news! I guess you can close the topic. Appreciate your help. But from the scans, everything else seemed okay, right?
  3. Yeah I tried to look for info regarding it and that's all I found. I did as that website said. You've helped me a lot, so thanks. But are you sure there's nothing malicious there at all? I have a certain gaming account which was hacked just today and everything was gone. My password was extremely obscure so I doubt someone would've guessed that. And Bitdefender and Malwarebytes detect nothing when I use them. I'm just a tad worried that there's an undetectable keylogger there — it baffles me. I'll let ya know if the message keeps appearing.
  4. Here ya go.
  5. Unfortunately, it doesn't appear to have worked. Restored it and the message still pops up. Even when using other browsers the message appears.
  6. The program is always firefox.exe. It was avgnsa.exe but I removed that. Regarding Steam, I haven't found a way to disable it fully without uninstalling it.
  7. Thanks - Extras.txt didn't open up for some reason - there's only OTL.txt OTL logfile created on: 30/04/2012 10:39:52 - Run 2 OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\XLR8\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 4.00 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 48.92% Memory free 8.18 Gb Paging File | 5.58 Gb Available in Paging File | 68.21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.07 Gb Total Space | 312.43 Gb Free Space | 69.26% Space Free | Partition Type: NTFS Drive E: | 14.65 Gb Total Space | 6.62 Gb Free Space | 45.20% Space Free | Partition Type: NTFS Computer Name: XYZ-XTREMESPEED | User Name: XLR8 | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/04/30 10:39:28 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\XLR8\Desktop\OTL.exe PRC - [2012/04/25 23:14:34 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012/04/20 17:08:13 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/03/23 19:39:53 | 003,715,072 | ---- | M] (Bluelight Developments) -- C:\Program Files\SwiftKit-RS.exe PRC - [2012/03/13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\XLR8\AppData\Local\Akamai\netsession_win.exe PRC - [2012/01/23 20:28:06 | 000,016,624 | ---- | M] (Bitdefender) -- C:\Program Files\BitDefender\Bitdefender 2012\Antispam32\bdimguiaux.exe PRC - [2012/01/15 16:58:54 | 001,660,232 | ---- | M] (Bootstrap Software Development) -- C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe PRC - [2011/09/04 16:19:56 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe PRC - [2009/02/05 03:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2008/12/18 20:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2008/06/15 12:12:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008/06/15 12:12:18 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe ========== Modules (No Company Name) ========== MOD - [2012/04/27 18:59:07 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2012/04/25 23:14:34 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012/04/20 17:08:10 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012/04/20 17:07:55 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2012/04/20 17:07:55 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll MOD - [2012/04/20 17:07:55 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012/04/20 17:07:55 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll MOD - [2012/04/13 13:54:20 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll MOD - [2012/04/13 13:54:12 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll MOD - [2012/02/17 23:36:58 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll MOD - [2012/02/17 23:18:11 | 001,840,640 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1a5853155c4e5ab3f91cd37da331e89b\System.Web.Services.ni.dll MOD - [2012/02/17 23:03:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll MOD - [2012/02/17 22:53:41 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll MOD - [2012/02/17 22:50:35 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll MOD - [2012/01/23 20:14:56 | 000,110,880 | ---- | M] () -- C:\Program Files\BitDefender\Bitdefender 2012\Antispam32\connector.dll MOD - [2012/01/23 20:13:40 | 000,154,152 | ---- | M] () -- C:\Program Files\BitDefender\Bitdefender 2012\Antispam32\framework.dll MOD - [2012/01/06 16:27:28 | 000,202,032 | ---- | M] () -- C:\Program Files\BitDefender\Bitdefender 2012\Antispam32\txmlutil.dll MOD - [2011/10/13 21:22:47 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe MOD - [2009/11/13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll MOD - [2009/11/13 17:15:00 | 000,152,816 | ---- | M] () 
-- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2009/11/13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll MOD - [2009/11/13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll MOD - [2009/07/07 16:23:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/04/24 18:51:57 | 000,075,384 | ---- | M] (Bitdefender) [On_Demand | Stopped] -- C:\Program Files\BitDefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox) SRV:64bit: - [2012/04/24 18:51:51 | 001,957,152 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV) SRV:64bit: - [2012/03/13 18:26:10 | 000,066,096 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV) SRV:64bit: - [2011/10/14 23:57:26 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server) SRV:64bit: - [2009/05/12 14:20:28 | 000,382,464 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\SysNative\ykx64mpcoinst.dll -- (yksvc) SRV:64bit: - [2009/05/11 20:21:42 | 000,268,288 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe -- (STacSV) SRV:64bit: - [2009/05/11 20:21:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe -- (AESTFilters) SRV:64bit: - [2009/03/12 16:24:10 | 000,949,760 | ---- | M] (ATI Technologies Inc.) 
[Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility) SRV:64bit: - [2008/12/21 19:35:16 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc) SRV:64bit: - [2008/12/18 20:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV:64bit: - [2008/01/21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/04/27 18:59:07 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/04/25 23:14:35 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/04/20 17:08:13 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/03/28 15:19:16 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/06/15 12:12:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel 
Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/10 20:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/20 20:22:46 | 000,691,896 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avc3.sys -- (avc3) DRV:64bit: - [2012/02/29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/17 16:45:56 | 000,545,064 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avckf.sys -- (avckf) DRV:64bit: - [2011/11/25 15:00:36 | 000,258,736 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avchv.sys -- (avchv) DRV:64bit: - [2011/11/17 17:38:34 | 000,079,952 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox) DRV:64bit: - [2011/11/14 20:16:42 | 000,090,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\BitDefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf) DRV:64bit: - [2011/11/14 20:16:36 | 000,119,888 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif) DRV:64bit: - [2011/10/27 15:07:05 | 000,329,800 | ---- | M] (BitDefender S.R.L.) 
[File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\trufos.sys -- (trufos) DRV:64bit: - [2011/08/16 14:59:12 | 000,442,088 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys -- (bdfsfltr) DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/03/31 02:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\bdvedisk.sys -- (BDVEDISK) DRV:64bit: - [2009/12/01 16:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/12 14:20:28 | 000,406,016 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV:64bit: - [2009/05/11 20:22:00 | 000,477,696 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA) DRV:64bit: - [2009/05/08 01:39:36 | 000,266,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2009/05/08 01:28:02 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR) DRV:64bit: - [2009/03/12 18:25:56 | 005,265,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300) DRV:64bit: - [2009/03/12 18:25:56 | 005,265,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/03/09 17:00:00 | 000,311,456 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA013Vid.sys -- (OA013Vid) DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA013Ufd.sys -- (OA013Ufd) DRV:64bit: - [2009/03/04 17:30:24 | 000,933,376 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rt2870.sys -- (rt2870) DRV:64bit: - [2008/12/31 03:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2008/12/26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV:64bit: - [2008/12/21 19:34:48 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY) DRV:64bit: - [2008/12/16 17:56:52 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX) DRV:64bit: - [2008/06/14 23:12:08 | 000,395,800 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor) DRV:64bit: - [2008/01/21 03:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel® DRV:64bit: - [2007/02/08 14:48:04 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dsiarhwprog_x64.sys -- (usbio) DRV:64bit: - [2007/02/08 14:48:04 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ActionReplayDS_x64.sys -- (ActionReplayDS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 65 B8 80 40 6D CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7ADRA_en IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local;127.0.0.1:9421; ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 FF - 
prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.87 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:3.6 FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B1b650dc5-1bb6-434d-b15a-03d8a2e77959%7D&mid=85c0193d7cd9b3d8d52964610ed4c1d8-93cd5f6c99ff30966b8fcfa185b37fd07afaf0b6&ds=AVG&v=9.0.0.18.3〈=us&pr=&d=2012-02-23%2010%3A36%3A05&sap=ku&q=" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\XLR8\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( ) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\XLR8\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\XLR8\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012/04/21 18:46:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2012/04/21 17:21:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 23:14:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/28 14:59:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/04/21 18:46:41 | 000,000,000 | ---D | M] [2010/02/16 12:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XLR8\AppData\Roaming\Mozilla\Extensions [2010/02/16 12:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XLR8\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2012/04/28 14:21:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XLR8\AppData\Roaming\Mozilla\Firefox\Profiles\hfw5513s.default\extensions [2010/06/13 16:43:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- 
C:\Users\XLR8\AppData\Roaming\Mozilla\Firefox\Profiles\hfw5513s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/04/08 12:06:10 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\XLR8\AppData\Roaming\Mozilla\Firefox\Profiles\hfw5513s.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2012/01/25 22:09:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\XLR8\AppData\Roaming\Mozilla\Firefox\Profiles\hfw5513s.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012/04/28 14:21:47 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\XLR8\AppData\Roaming\Mozilla\Firefox\Profiles\hfw5513s.default\extensions\info@djzig.com [2012/04/28 14:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/12/07 21:04:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/04/28 14:59:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2012/04/25 23:14:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/04/25 23:14:33 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml [2012/03/12 19:57:49 | 000,003,764 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/01/06 15:16:09 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/04/25 23:14:33 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml [2012/04/25 23:14:33 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml [2012/04/25 23:14:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml [2012/04/25 23:14:33 | 000,001,121 | ---- | 
M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml ========== Chrome ========== CHR - default_search_provider: AVG Secure Search (Enabled) CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={F5E26185-54BF-447F-81B1-CA3B7039575A}&mid=85c0193d7cd9b3d8d52964610ed4c1d8-93cd5f6c99ff30966b8fcfa185b37fd07afaf0b6&lang=us&ds=AVG&pr=&d=2012-02-23 10:36:05&v=10.0.0.7&sap=dsp&q={searchTerms} CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\XLR8\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In 
(Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\XLR8\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\XLR8\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Plugin (Enabled) = C:\Users\XLR8\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\XLR8\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google Search = C:\Users\XLR8\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Skype Click to Call = C:\Users\XLR8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: Gmail = C:\Users\XLR8\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2012/04/24 19:36:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [bDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender) O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.) 
O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [bSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe (Bootstrap Software Development) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\XLR8\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Download Video on This Page - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll (Tomato) O8:64bit: - Extra context menu item: Download Video This Links To - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll (Tomato) O8 - Extra context menu item: Download Video on This Page - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll (Tomato) O8 - Extra context menu item: Download Video This Links To - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll (Tomato) O9 - Extra Button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll (Tomato) O9 - Extra 'Tools' menuitem : Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files (x86)\Tomato\YouTube Video Downloader\MDIEEx.dll (Tomato) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab () O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12BE45FF-D7C4-47ED-BA6C-EF3E7037FA4F}: DhcpNameServer = 172.168.1.161 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2CBE3C9-DCCC-4EA3-B6B9-C40CDB4AA8A6}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img4.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img4.jpg O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - 
SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/04/30 00:22:22 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{FA71065B-B097-4DB3-82B0-86C5D524E3D9} [2012/04/30 00:22:12 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{C71A260E-5DFB-40F2-8D4A-F1E0B7C962A7} [2012/04/29 12:21:42 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{2EB36685-EAA1-45C2-8AC9-4EECFA7480E0} [2012/04/29 12:21:31 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{A3A88C0D-2457-403C-9316-AE435BBD1982} [2012/04/29 00:20:57 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{A824C3DC-0DCB-4C8F-820C-F73EE09A0F84} [2012/04/29 00:20:46 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{CF9CAE83-2A08-4E4A-988E-1032CA1158C2} [2012/04/28 12:19:49 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{146632D3-8254-4260-AD99-03E35F3E38DD} [2012/04/28 12:19:33 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{F89BF489-6808-4E50-A465-BA75E9C52B07} [2012/04/28 02:00:20 | 000,000,000 | ---D | C] -- C:\1607f00309258d690cab1db32127fe [2012/04/27 18:31:06 | 000,000,000 | ---D | C] -- C:\_OTL [2012/04/27 18:25:40 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{9B4712AE-8938-4016-8D8A-69FC396A19F8} [2012/04/27 18:24:56 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{041AB36B-172A-48F1-83E7-10468A4C78B1} [2012/04/26 23:52:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\XLR8\Desktop\OTL.exe [2012/04/26 18:15:22 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E0F76C9A-D705-4C09-A615-5D44F718A16C} [2012/04/26 18:15:05 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{CB9957F1-F223-48B9-B54E-AF6769E87BE2} [2012/04/25 23:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/04/25 23:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla 
[2012/04/25 23:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012/04/25 20:20:55 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{CE2D5800-29E9-48B1-9E7E-F8CE97D4B86D} [2012/04/25 20:20:42 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{2BCAB330-1D0C-4483-BCEE-EC98436607D6} [2012/04/25 14:05:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/04/24 19:40:35 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\temp [2012/04/24 18:58:05 | 004,474,448 | R--- | C] (Swearware) -- C:\Users\XLR8\Desktop\ComboFix.exe [2012/04/24 18:25:25 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{78B82910-4276-4BF7-B54B-FBACD1B059E8} [2012/04/24 18:24:29 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{CAE0D4D4-B445-4741-A998-472075663663} [2012/04/23 19:59:10 | 000,000,000 | ---D | C] -- C:\Users\XLR8\Desktop\RK_Quarantine [2012/04/23 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{A9501E60-C0F8-479B-B790-E54B397E0B51} [2012/04/23 18:07:35 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{ED8A066E-838F-45A1-9C32-A84D2D0D1412} [2012/04/22 13:49:05 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{0C27F962-3924-4660-B86B-449BFE6BD37B} [2012/04/22 13:48:55 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{171A3347-E734-4CEA-8441-4DF6E9FDDE28} [2012/04/22 13:10:08 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/04/22 01:48:27 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{6AE04C79-BF71-402C-9D6F-255EAF43C321} [2012/04/22 01:48:16 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{31C4D78B-CD92-4DB7-92DB-8DC0D1AABDF5} [2012/04/21 23:50:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/04/21 23:50:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/04/21 23:50:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/04/21 23:50:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/04/21 
23:49:43 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/04/21 18:46:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012 [2012/04/21 18:46:47 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Roaming\Bitdefender [2012/04/21 18:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender [2012/04/21 18:42:41 | 000,442,088 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys [2012/04/21 18:42:40 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys [2012/04/21 18:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging [2012/04/21 17:36:51 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Roaming\QuickScan [2012/04/21 13:47:48 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{A9098E9F-B018-46FE-B911-4DEE784E64C6} [2012/04/21 13:47:36 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{876608F2-18A5-4309-B83F-F148C4588308} [2012/04/20 23:50:15 | 000,000,000 | ---D | C] -- C:\Users\XLR8\Desktop\Documents\lolsy pics [2012/04/20 23:41:43 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E4ACDA7A-CB67-4E14-AFC9-6B828898A9A5} [2012/04/20 23:41:32 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E6A037D7-3D68-4C23-A503-87844A0D2B52} [2012/04/20 11:41:00 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{07B16678-BDE3-4F00-BBD0-F22D02DAA4CA} [2012/04/20 11:40:38 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{7F80CD39-2244-465E-8774-C246410E0889} [2012/04/19 14:44:03 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{122A47FD-5DB3-4AC4-9521-346D695F07B2} [2012/04/19 14:43:49 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{A5BDCF36-AD9B-4DDC-9506-0F131ED8471B} [2012/04/19 02:43:11 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{71307137-CF16-4A81-9E95-61395A53BE8E} [2012/04/19 02:42:58 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{F0966A4D-A583-4EB3-985C-3DDE39BCD16B} [2012/04/18 
15:17:37 | 000,000,000 | ---D | C] -- C:\Users\XLR8\vocab n questions [2012/04/18 14:42:23 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{063E9E7C-C099-47DA-A779-70F0105ABA79} [2012/04/18 14:42:11 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{F0070B79-FA3A-4454-8504-A17A2C0CC713} [2012/04/18 12:40:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center [2012/04/18 12:29:17 | 000,000,000 | ---D | C] -- C:\Users\XLR8\jagexcache1 [2012/04/18 00:43:02 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E4B30CC0-D11A-4252-85E7-E67EF3802197} [2012/04/17 12:42:22 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{8CC01C42-F8CA-4E65-9EA0-26A0E2527673} [2012/04/17 12:41:30 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{BFE854A0-1F82-4846-A819-E0AC1404A3C0} [2012/04/17 00:34:57 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{91DB3918-A206-4E12-A01C-A2B6363FD15F} [2012/04/17 00:34:45 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{ACA2F2C7-D0DC-4DA5-8278-39670763693D} [2012/04/17 00:32:03 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{9B22DC68-6506-4F1E-B742-A2326836245D} [2012/04/17 00:30:17 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{79A0D392-7BE1-444C-B2F0-FA05F8478CE5} [2012/04/16 13:20:41 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Roaming\Malwarebytes [2012/04/16 13:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/04/16 13:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/04/16 13:20:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/04/16 13:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/04/16 12:29:33 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E0C0A9B5-2EB6-4570-9CB7-18AF3B34C650} [2012/04/16 12:29:18 | 000,000,000 | ---D | 
C] -- C:\Users\XLR8\AppData\Local\{7B54AA2C-D645-4FEF-8F93-F96840C8D8BD} [2012/04/15 16:33:47 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{9C6C72AD-9715-4344-BC0D-6AF3F0F54A3A} [2012/04/15 16:33:35 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{C1BCF9BA-5B91-40E6-89A2-96672F58A148} [2012/04/15 16:32:45 | 000,000,000 | ---D | C] -- C:\Windows\en [2012/04/15 16:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2012/04/15 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{6DF2B946-7FAF-427D-A226-629E1CFB6562} [2012/04/15 12:44:54 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{8E0CF3F8-49C3-4DCD-86B6-0F23C68C2F15} [2012/04/14 13:57:41 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{5CDC5E71-4FB1-463D-BD60-F29306D64C83} [2012/04/14 13:57:12 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{3B0278AF-16C2-4D77-8382-0EDD92171973} [2012/04/14 00:03:45 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{6C3F4F2E-F458-4F10-9904-1335693C1BC9} [2012/04/14 00:02:35 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{64C124C1-7D6C-4670-A582-9A633CB09EF5} [2012/04/13 13:58:09 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{0DF598DA-EA66-4ACE-B255-97C2BE4617D6} [2012/04/13 13:57:49 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{4D20BF6D-B6E7-4826-A4D2-85658BE2D1E0} [2012/04/13 13:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/04/13 12:31:05 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{72814770-D4DC-4E22-9EDE-09337A36A8FA} [2012/04/13 00:30:29 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{A968B1CD-8998-4DED-B704-ADCCDA895D08} [2012/04/12 12:30:04 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{1CF5C446-9AAB-434E-8532-5F3232ED5E9C} [2012/04/11 13:08:54 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{350B7571-7CA2-4D9F-A258-906082DB2B07} [2012/04/11 01:06:25 | 000,000,000 | ---D | C] -- 
C:\Users\XLR8\AppData\Local\{AFB84F7B-D515-4FE4-AB2B-E105914B9133} [2012/04/10 13:05:56 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{70555140-E934-428E-B381-5A2628896CC7} [2012/04/10 01:05:31 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{953DF9F5-0B7D-4859-A43F-B69CD461C21D} [2012/04/09 13:05:20 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{7EB9368C-34D1-4A1F-AA78-C7C1553E6AE4} [2012/04/09 01:02:57 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E281B1E8-3437-4E08-9FC8-3284D21199CA} [2012/04/08 13:02:33 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{3084543A-C53B-42B1-9E99-F71D9058ED96} [2012/04/08 01:01:34 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{1108E181-43A9-4FBE-B394-28AC88DA2EBD} [2012/04/07 13:01:07 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{F1FC0606-B3F8-4487-BF40-697E1D504325} [2012/04/06 11:13:09 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{CBF30B67-49F8-4053-A1FA-8625ACB565B9} [2012/04/05 11:12:35 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{0EEA8435-E304-4B55-8033-3C2F8E2CE7F8} [2012/04/04 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{E10A0064-A31F-42E8-8DD4-7EDE2789B5C5} [2012/04/04 11:11:59 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{779CBA27-6ED6-4BD2-9110-CF8196358537} [2012/04/03 10:00:14 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{C9E2F281-401C-4915-9128-FE3BA3D0F713} [2012/04/02 23:33:15 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{116F18CB-3EE9-4570-9598-4A2AECC16903} [2012/04/02 15:21:13 | 000,000,000 | ---D | C] -- C:\Users\XLR8\Biology Exams [2012/04/02 11:32:51 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{5509FA4D-DEAE-4A6A-AD3F-6419703856CE} [2012/04/01 11:08:17 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{4BBB8838-EA5F-4945-8639-1070D6AB322D} [2012/03/31 22:49:54 | 000,000,000 | ---D | C] -- 
C:\Users\XLR8\AppData\Local\{3646BAFF-7C20-41D7-80A7-D849E1C5735A} [2012/03/31 10:49:29 | 000,000,000 | ---D | C] -- C:\Users\XLR8\AppData\Local\{43CF4385-EF04-4AC3-AD1C-6768EC40C6D2} [2011/07/21 15:10:32 | 003,715,072 | ---- | C] (Bluelight Developments) -- C:\Program Files\SwiftKit-RS.exe [2010/11/21 08:20:38 | 000,585,728 | ---- | C] (LaVolpe) -- C:\Program Files\LaVolpeAlphaImg.ocx ========== Files - Modified Within 30 Days ========== [2012/04/30 10:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/04/30 10:39:28 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\XLR8\Desktop\OTL.exe [2012/04/30 10:35:03 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2493765699-2932754121-1517478223-1000UA.job [2012/04/30 10:21:23 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics [2012/04/30 10:21:20 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/04/30 10:21:01 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/04/30 10:21:00 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/04/30 10:20:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/04/30 10:20:28 | 4291,145,728 | -HS- | M] () -- C:\hiberfil.sys [2012/04/30 01:01:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/04/29 23:35:02 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2493765699-2932754121-1517478223-1000Core.job [2012/04/29 21:32:14 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2012/04/29 18:32:49 | 000,000,496 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for XLR8.job [2012/04/29 12:23:47 | 000,000,032 | ---- | M] () -- C:\Users\XLR8\jagex_cl_runescape_LIVE.dat [2012/04/28 14:55:50 | 
000,600,072 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/04/28 14:55:50 | 000,106,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/04/28 14:54:06 | 000,775,934 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/04/28 02:03:58 | 000,799,352 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/04/28 00:05:51 | 000,960,025 | ---- | M] () -- C:\Users\XLR8\Desktop\Tlm3P.gif [2012/04/26 18:42:53 | 000,000,106 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml [2012/04/26 18:22:31 | 000,000,680 | ---- | M] () -- C:\Users\XLR8\AppData\Local\d3d9caps.dat [2012/04/25 21:04:33 | 000,000,512 | ---- | M] () -- C:\Users\XLR8\Desktop\Documents\MBR.dat [2012/04/25 19:54:18 | 589,916,735 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/04/24 19:36:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/04/24 18:58:34 | 004,474,448 | R--- | M] (Swearware) -- C:\Users\XLR8\Desktop\ComboFix.exe [2012/04/24 18:56:55 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/04/22 01:04:15 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/21 18:53:04 | 000,245,113 | ---- | M] () -- C:\ProgramData\1335030144.bdinstall.bin [2012/04/21 18:51:45 | 000,000,270 | -H-- | M] () -- C:\bdr-conf [2012/04/21 18:46:49 | 000,002,005 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk [2012/04/21 18:36:29 | 000,022,638 | ---- | M] () -- C:\ProgramData\1335029787.bdinstall.bin [2012/04/21 18:35:54 | 000,104,594 | ---- | M] () -- C:\ProgramData\1335029638.bdinstall.bin [2012/04/21 18:17:50 | 000,178,583 | ---- | M] () -- C:\ProgramData\1335027244.bdinstall.bin [2012/04/21 18:01:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2012/04/21 18:01:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2012/04/21 17:44:11 | 000,022,632 | ---- | 
M] () -- C:\ProgramData\1335026645.bdinstall.bin
[2012/04/21 17:43:39 | 000,217,745 | ---- | M] () -- C:\ProgramData\1335025918.bdinstall.bin
[2012/04/21 17:20:32 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv
[2012/04/18 15:17:11 | 000,415,956 | ---- | M] () -- C:\Users\XLR8\vocab n questions.zip
[2012/04/18 14:51:59 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/18 12:29:50 | 000,000,129 | ---- | M] () -- C:\Users\XLR8\jagex_runescape_preferences2.dat
[2012/04/18 12:29:18 | 000,000,046 | ---- | M] () -- C:\Users\XLR8\jagex_runescape_preferences.dat
[2012/04/18 12:29:17 | 000,000,044 | ---- | M] () -- C:\Users\XLR8\jagex_cl_runescape_LIVE1.dat
[2012/04/13 22:39:53 | 000,002,039 | ---- | M] () -- C:\Users\XLR8\Desktop\Google Chrome.lnk
[2012/04/13 22:39:53 | 000,002,001 | ---- | M] () -- C:\Users\XLR8\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/13 13:15:54 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/04 11:16:42 | 000,633,982 | ---- | M] () -- C:\Users\XLR8\kris-gethins-full-diet-plan.pdf
[2012/04/02 14:28:41 | 000,131,072 | ---- | M] () -- C:\Users\XLR8\Pokemon Platinum.sav

========== Files Created - No Company Name ==========

[2012/04/28 00:05:48 | 000,960,025 | ---- | C] () -- C:\Users\XLR8\Desktop\Tlm3P.gif
[2012/04/26 18:42:53 | 000,000,106 | ---- | C] () -- C:\Windows\SysNative\checkdnsid.xml
[2012/04/25 21:04:33 | 000,000,512 | ---- | C] () -- C:\Users\XLR8\Desktop\Documents\MBR.dat
[2012/04/25 19:54:18 | 589,916,735 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/04/24 18:55:54 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/04/24 18:55:54 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/22 01:37:57 | 016,777,216 | ---- | C] () -- C:\Users\XLR8\Pokemon Platinum_20120227_172845.bak
[2012/04/22 01:37:57 | 016,777,216 | ---- | C] () -- C:\Users\XLR8\Pokemon Platinum.gba
[2012/04/22 01:37:57 | 000,131,072 | ---- | C] () -- C:\Users\XLR8\Pokemon Platinum.sav
[2012/04/22 01:37:56 | 016,777,216 | ---- | C] () -- C:\Users\XLR8\Pokemon Platinum.bak
[2012/04/21 23:50:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/21 23:50:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/21 23:50:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/21 23:50:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/21 23:50:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/21 18:53:04 | 000,245,113 | ---- | C] () -- C:\ProgramData\1335030144.bdinstall.bin
[2012/04/21 18:51:45 | 036,942,680 | -H-- | C] () -- C:\bdrescue.gz
[2012/04/21 18:51:45 | 002,510,608 | -H-- | C] () -- C:\bdrescue.vm
[2012/04/21 18:51:45 | 000,217,769 | -H-- | C] () -- C:\bdrescue
[2012/04/21 18:51:45 | 000,009,216 | -H-- | C] () -- C:\bdrescue.mbr
[2012/04/21 18:51:45 | 000,000,270 | -H-- | C] () -- C:\bdr-conf
[2012/04/21 18:46:49 | 000,002,005 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk
[2012/04/21 18:36:29 | 000,022,638 | ---- | C] () -- C:\ProgramData\1335029787.bdinstall.bin
[2012/04/21 18:35:54 | 000,104,594 | ---- | C] () -- C:\ProgramData\1335029638.bdinstall.bin
[2012/04/21 18:17:50 | 000,178,583 | ---- | C] () -- C:\ProgramData\1335027244.bdinstall.bin
[2012/04/21 18:01:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/04/21 18:01:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/04/21 18:00:33 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/04/21 17:44:11 | 000,022,632 | ---- | C] () -- C:\ProgramData\1335026645.bdinstall.bin
[2012/04/21 17:43:39 | 000,217,745 | ---- | C] () -- C:\ProgramData\1335025918.bdinstall.bin
[2012/04/21 13:55:31 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/18 15:17:10 | 000,415,956 | ---- | C] () -- C:\Users\XLR8\vocab n questions.zip
[2012/04/18 12:41:29 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/18 12:41:26 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/04/18 12:29:17 | 000,000,044 | ---- | C] () -- C:\Users\XLR8\jagex_cl_runescape_LIVE1.dat
[2012/04/16 13:20:36 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/04 11:16:42 | 000,633,982 | ---- | C] () -- C:\Users\XLR8\kris-gethins-full-diet-plan.pdf
[2012/03/25 20:36:59 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\gswin32c.exe
[2012/02/04 18:51:12 | 000,187,904 | ---- | C] () -- C:\Windows\SysWow64\imsispd.exe
[2012/02/04 18:51:12 | 000,070,656 | ---- | C] () -- C:\Windows\SysWow64\imsfchk.dll
[2011/08/16 20:46:53 | 000,195,072 | ---- | C] () -- C:\Windows\SysWow64\imsispd64.exe
[2011/08/16 20:14:21 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\imsispd.dll
[2011/08/05 20:32:36 | 000,034,304 | ---- | C] () -- C:\Windows\SysWow64\imslevel.dll
[2011/08/05 20:22:00 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\imsaiff.dll
[2011/08/05 20:21:39 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\DGRip.dll
[2011/07/21 15:10:36 | 000,130,850 | ---- | C] () -- C:\Program Files\Help.chm
[2011/07/21 14:48:57 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/05/28 21:07:38 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/06/26 22:01:09 | 000,000,882 | ---- | C] () -- C:\Users\XLR8\AppData\Roaming\wklnhst.dat

========== LOP Check ==========

[2012/02/04 18:35:10 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Audacity
[2012/04/21 18:46:47 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Bitdefender
[2012/02/14 22:40:31 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\BSD
[2010/12/27 17:35:16 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/02/14 22:22:51 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\DiskAid
[2011/03/27 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\eBookPro6
[2010/03/29 00:14:36 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Facebook
[2011/02/10 14:26:26 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\FreeAudioPack
[2010/03/17 09:34:10 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Merscom
[2010/01/23 23:26:56 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\MessengerDiscovery 2
[2011/02/10 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\NCH Swift Sound
[2012/02/27 00:57:41 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Notepad++
[2011/07/23 13:04:34 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\PCDr
[2012/04/21 17:36:51 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\QuickScan
[2010/03/02 16:02:38 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Screaming Bee
[2012/03/21 17:31:51 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Synthesia
[2010/06/26 22:01:18 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Template
[2009/12/06 00:36:12 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Thinstall
[2012/01/14 00:52:00 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Tomato
[2009/12/05 21:30:29 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Uniblue
[2011/02/27 14:06:29 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Windows Live Writer
[2011/02/24 14:31:42 | 000,000,000 | ---D | M] -- C:\Users\XLR8\AppData\Roaming\Xilisoft
[2012/04/18 14:51:59 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/29 02:14:15 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/29 21:32:14 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2011/02/24 21:30:00 | 006,060,649 | ---- | M] ()(C:\Users\XLR8\DYNASTY WARRIORS 7 BGM - Wu Battle ?·???.mp3) -- C:\Users\XLR8\DYNASTY WARRIORS 7 BGM - Wu Battle 吳・戦闘曲.mp3

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:91CF76E3

< End of report >
  8. Thanks, I tried that but it still freezes - and it looks like the message has returned. Honestly, this laptop hasn't been as good as it was when I first got it, and I was thinking of getting a new one soon anyways, so if the problem persists I'll get a new one. Is there anything else I can do? Because it seems you've given me almost every single tool out there!
  9. None have appeared so far! Although it does when I visit a certain site - which has never been reported as malicious in the past. In other news, the computer froze again and I had to restart it manually. Would you recommend going back to the restore point? Thanks.
  10. Ah okay. It's okay now anyways - I managed to manually install it and it's back on track. Thanks.
  11. After running that it appears Adobe Flash Player has somehow been removed - and it fails to update each time.
  12. All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1BF6143E-9DAF-419D-8F1D-17E4EBA4643D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BF6143E-9DAF-419D-8F1D-17E4EBA4643D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F92C50C-1C17-4331-B71D-8E7B3A4DB606}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F92C50C-1C17-4331-B71D-8E7B3A4DB606}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{73945261-8DAA-437C-A4F4-802EF9099121}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73945261-8DAA-437C-A4F4-802EF9099121}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
File move failed. C:\Users\XLR8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: XLR8
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: XLR8
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4589329 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 22824 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 458305493 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 326 bytes
RecycleBin emptied: 595968 bytes

Total Files Cleaned = 442.00 mb

OTL by OldTimer - Version 3.2.42.1 log created on 04272012_183619

Files\Folders moved on Reboot...
File\Folder C:\Users\XLR8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk not found!

Registry entries deleted on Reboot...