Inactive Random CPU usage spikes, horrible FPS lag in-game

Status
Not open for further replies.
Oh most definitely muchhhhh better. The "laggy" feel is gone and its feels like its running a lot smoother. I'm pretty sure the random cpu spikes are also gone.. Obviously thanks to your very helpful step-by-step process!

MBAM log(finally a good one!):

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4497

Windows 6.0.6000
Internet Explorer 7.0.6000.16982

28/08/2010 9:12:00 PM
mbam-log-2010-08-28 (21-12-00).txt

Scan type: Quick scan
Objects scanned: 152148
Time elapsed: 6 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 

OTL log:

OTL logfile created on: 28/08/2010 9:17:01 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Felix\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 174.77 Gb Free Space | 37.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FELIX-PC
Current User Name: Felix
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/28 21:12:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
PRC - [2010/07/26 20:00:06 | 000,247,808 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2010/07/26 18:41:12 | 000,107,568 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe
PRC - [2010/06/22 22:48:08 | 000,322,608 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
PRC - [2010/06/22 22:48:00 | 000,348,208 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2010/04/01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2010/03/02 11:28:32 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/02/09 17:14:53 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/01/12 21:49:36 | 000,689,392 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe
PRC - [2009/12/03 20:28:05 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009/11/29 15:42:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/12 13:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe
PRC - [2006/11/02 05:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe


========== Modules (SafeList) ==========

MOD - [2010/08/28 21:12:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
MOD - [2006/11/02 05:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/07/26 20:00:06 | 000,247,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2010/07/26 18:41:20 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2010/06/22 22:48:08 | 000,322,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2010/06/22 22:48:00 | 000,348,208 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2010/04/01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/08 13:33:00 | 003,290,184 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/02/24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/12 21:49:36 | 000,689,392 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe -- (ServicepointService)
SRV - [2009/11/29 16:10:41 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/03/12 13:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Felix\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/06/22 22:48:00 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2010/06/16 16:33:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010/03/01 10:05:26 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:02 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/07 22:34:29 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/01/19 11:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/01/19 11:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/01/12 00:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/11/08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/06/17 12:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 12:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 12:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009/06/17 12:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009/05/11 10:12:50 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/12 13:53:46 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/02/11 20:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/14 06:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/08/28 05:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 04:55:04 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 03:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2006/11/02 03:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2002/10/01 16:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPCA561.SYS -- (CA561)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/31 19:28:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/27 17:47:13 | 000,000,000 | ---D | M]

[2009/11/29 19:52:28 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla\Extensions
[2010/08/28 07:36:40 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions
[2009/12/01 09:01:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 12:02:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions\firefox@tvunetworks.com
[2010/01/30 02:36:47 | 000,002,425 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\searchplugins\askcom.xml
[2010/04/12 01:37:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/09 17:14:51 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2010/08/28 20:30:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Shareware.Pro-EN Toolbar) - {DA21BD13-CA22-42E3-A071-98F08F1CA1E7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BISA.exe] C:\Program Files\Bell\Internet Service Advisor\BISA.exe (Bell)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - MSH263.DRV File not found
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/08/28 21:12:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
[2010/08/28 20:36:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/08/28 20:36:44 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/08/28 20:36:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\temp
[2010/08/28 20:21:10 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/28 20:20:48 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/25 17:14:46 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\LolClient
[2010/08/25 16:56:01 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010/08/24 11:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hotspot Shield
[2010/08/22 17:42:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/22 17:42:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/08/22 17:42:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/08/22 17:42:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/08/22 17:42:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/22 17:36:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/22 12:15:16 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Avira
[2010/08/21 15:19:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/21 15:19:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/21 14:56:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/08/21 14:56:52 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/08/21 14:56:52 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/08/21 14:56:52 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/08/21 14:56:51 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/08/21 14:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/08/21 14:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/08/13 18:26:18 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\StarCraft II
[2010/08/13 18:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010/08/13 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010/08/07 01:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010/08/04 16:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/08/04 16:57:47 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\Simply Super Software
[2010/08/04 16:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/08/04 16:57:26 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Simply Super Software
[2010/08/04 16:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/08/02 19:04:33 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Malwarebytes
[2010/08/02 18:57:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/02 18:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/30 18:14:30 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\2K Sports
[2010/07/30 17:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\2K Sports
[2010/07/30 14:31:37 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\KONAMI
[2010/07/30 14:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2010/07/30 14:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010/07/29 17:37:55 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Softplicity
[2010/07/29 17:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\TotalAudioConverter
[2010/07/29 00:42:50 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\My pics
[2010/07/27 18:32:41 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\ManyCam
[2010/07/26 15:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
[2010/07/19 16:17:51 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Ubisoft
[2010/07/19 16:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010/07/19 15:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/07/19 15:46:24 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\Gamessss
[2010/07/19 15:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2010/07/19 15:27:10 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\Movies
[2010/07/17 20:12:49 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\WinRAR
[2010/07/17 14:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2010/07/12 13:54:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\_tmp
[2010/07/02 15:02:48 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2010/06/22 22:48:00 | 000,037,376 | ---- | C] (AnchorFree Inc.) -- C:\Windows\System32\drivers\HssDrv.sys
[2010/06/17 17:58:45 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2010/06/16 16:33:40 | 000,032,768 | ---- | C] (AnchorFree Inc) -- C:\Windows\System32\drivers\taphss.sys
[2010/06/09 16:09:54 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\D2LOD-1.12A-enUS
[2010/06/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\D2-1.12A-enUS
[2010/06/09 11:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/06/07 12:45:41 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Blizzard Entertainment
[2010/06/07 12:42:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2010/06/04 11:19:27 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\HLSW
 
========== Files - Modified Within 90 Days ==========

[2010/08/28 21:17:16 | 004,980,736 | -HS- | M] () -- C:\Users\Felix\ntuser.dat
[2010/08/28 21:12:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
[2010/08/28 21:07:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000UA.job
[2010/08/28 21:05:22 | 000,005,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/28 21:05:22 | 000,005,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/28 20:30:40 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/08/28 20:30:31 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/28 19:59:24 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Felix.job
[2010/08/28 19:13:14 | 003,830,469 | R--- | M] () -- C:\Users\Felix\Desktop\ComboFix.exe
[2010/08/28 16:11:50 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/28 16:11:45 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/28 08:07:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000Core.job
[2010/08/28 00:25:45 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/28 00:13:20 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1AAA177D-1F84-4B11-9163-6DDC448CB382}.job
[2010/08/25 17:01:00 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2010/08/24 11:50:48 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2010/08/24 11:50:01 | 000,720,952 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/24 11:50:01 | 000,625,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/24 11:50:01 | 000,108,966 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/24 11:44:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/24 11:44:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/24 11:44:50 | 2144,350,208 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/24 11:42:38 | 005,540,368 | ---- | M] () -- C:\Users\Felix\Desktop\HSS-1.49-install-anchorfree-243-ask3.exe
[2010/08/22 18:04:22 | 002,666,522 | -H-- | M] () -- C:\Users\Felix\AppData\Local\IconCache.db
[2010/08/22 17:41:22 | 157,829,830 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/21 23:01:24 | 000,001,394 | ---- | M] () -- C:\Users\Felix\Desktop\DivX Movies (2).lnk
[2010/08/21 23:01:24 | 000,000,890 | ---- | M] () -- C:\Users\Felix\Desktop\StarCraft II.lnk
[2010/08/21 23:01:24 | 000,000,837 | ---- | M] () -- C:\Users\Felix\Desktop\AudioConverter (2).lnk
[2010/08/21 23:01:24 | 000,000,457 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo 3 - Shortcut.lnk
[2010/08/21 18:02:56 | 000,012,055 | ---- | M] () -- C:\Users\Felix\Documents\Coverletter.docx
[2010/08/21 15:19:31 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/21 14:57:16 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/08/21 06:07:49 | 000,002,042 | ---- | M] () -- C:\Users\Felix\Desktop\Google Chrome.lnk
[2010/08/15 10:23:36 | 000,007,680 | ---- | M] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/13 18:54:52 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010/08/07 14:21:39 | 000,103,139 | ---- | M] () -- C:\Users\Felix\theboys.jpg
[2010/08/07 01:55:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01005.Wdf
[2010/08/04 16:57:30 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010/08/02 19:57:53 | 000,000,050 | ---- | M] () -- C:\Windows\wininit.ini
[2010/08/01 14:58:03 | 000,000,680 | ---- | M] () -- C:\Users\Felix\AppData\Local\d3d9caps.dat
[2010/07/30 18:12:55 | 000,000,951 | ---- | M] () -- C:\Users\Felix\Desktop\MLB 2K10.lnk
[2010/07/30 14:41:55 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\PESEdit.com 2010 Patch.lnk
[2010/07/29 17:37:46 | 000,000,837 | ---- | M] () -- C:\Users\Felix\Desktop\AudioConverter.lnk
[2010/07/27 18:32:48 | 000,117,552 | ---- | M] () -- C:\Users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/27 00:07:33 | 000,025,367 | ---- | M] () -- C:\Users\Felix\Documents\Chapter 8,9,10,11.docx
[2010/07/26 15:06:43 | 000,001,394 | ---- | M] () -- C:\Users\Felix\Desktop\DivX Movies.lnk
[2010/07/26 15:06:14 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/07/26 15:06:05 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/07/21 08:29:18 | 001,048,576 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.2.regtrans-ms
[2010/07/21 08:29:18 | 001,048,576 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.1.regtrans-ms
[2010/07/21 08:29:17 | 001,048,576 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.0.regtrans-ms
[2010/07/21 08:29:17 | 000,065,536 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.blf
[2010/07/21 08:02:21 | 000,012,092 | ---- | M] () -- C:\Users\Felix\Documents\Bibliography.docx
[2010/07/20 19:03:59 | 000,001,059 | ---- | M] () -- C:\Users\Felix\Desktop\AssassinsCreed II.lnk
[2010/07/20 16:37:56 | 000,016,164 | ---- | M] () -- C:\Users\Felix\Documents\Gay marriage.docx
[2010/07/17 14:47:50 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010/07/17 12:42:07 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/07/16 07:46:57 | 000,024,621 | ---- | M] () -- C:\Users\Felix\Documents\Chapter 6 and 7.docx
[2010/07/15 23:22:41 | 000,011,961 | ---- | M] () -- C:\Users\Felix\Documents\Killing Ground.docx
[2010/07/15 22:32:34 | 000,012,370 | ---- | M] () -- C:\Users\Felix\Documents\Cinderella Man.docx
[2010/07/12 23:09:46 | 000,014,826 | ---- | M] () -- C:\Users\Felix\Documents\Chapter 3.docx
[2010/07/11 01:59:59 | 000,014,229 | ---- | M] () -- C:\Users\Felix\Documents\Belen Echegaray resume.docx
[2010/06/28 10:25:06 | 000,000,804 | ---- | M] () -- C:\Users\Felix\Desktop\Steam.lnk
[2010/06/27 23:15:33 | 000,000,256 | ---- | M] () -- C:\Windows\System32\pool.bin
[2010/06/27 23:14:27 | 001,099,180 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo 3.jpg
[2010/06/27 23:13:32 | 000,941,463 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo 2.jpg
[2010/06/27 21:29:12 | 001,764,681 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo.jpg
[2010/06/22 22:48:00 | 000,037,376 | ---- | M] (AnchorFree Inc.) -- C:\Windows\System32\drivers\HssDrv.sys
[2010/06/16 16:33:40 | 000,032,768 | ---- | M] (AnchorFree Inc) -- C:\Windows\System32\drivers\taphss.sys
[2010/06/16 01:59:29 | 000,853,499 | ---- | M] () -- C:\Users\Felix\Documents\english thinnggggg pics.docx
[2010/06/16 01:59:15 | 000,011,606 | ---- | M] () -- C:\Users\Felix\Documents\Depression.docx
[2010/06/16 01:34:01 | 000,015,376 | ---- | M] () -- C:\Users\Felix\Documents\Role Scoring.docx
[2010/06/15 21:42:10 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2010/06/14 13:13:15 | 000,036,864 | ---- | M] () -- C:\Users\Felix\Documents\FelixAlbertoResume..doc
[2010/06/09 10:20:10 | 000,241,778 | ---- | M] () -- C:\Users\Felix\Documents\law cpt.docx
[2010/06/04 12:04:36 | 000,000,782 | ---- | M] () -- C:\Users\Felix\Application Data\Microsoft\Internet Explorer\Quick Launch\Ventrilo.lnk
[2010/06/04 00:52:00 | 004,975,311 | ---- | M] () -- C:\Users\Felix\Desktop\Por Amor (dirty).mp3
[2010/06/03 22:34:01 | 000,011,570 | ---- | M] () -- C:\Users\Felix\Documents\Letter to craig.docx
[2010/06/03 21:47:49 | 000,017,114 | ---- | M] () -- C:\Users\Felix\Documents\Religion CPT part 2.docx
[2010/05/31 21:38:10 | 000,000,932 | ---- | M] () -- C:\Users\Felix\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (4).lnk

========== Files Created - No Company Name ==========

[2010/08/28 19:13:05 | 003,830,469 | R--- | C] () -- C:\Users\Felix\Desktop\ComboFix.exe
[2010/08/25 17:01:00 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2010/08/24 11:50:48 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2010/08/24 11:42:24 | 005,540,368 | ---- | C] () -- C:\Users\Felix\Desktop\HSS-1.49-install-anchorfree-243-ask3.exe
[2010/08/22 17:42:18 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/08/22 17:42:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/08/22 17:42:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/08/22 17:42:18 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/08/22 17:42:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/21 23:01:24 | 000,001,394 | ---- | C] () -- C:\Users\Felix\Desktop\DivX Movies (2).lnk
[2010/08/21 23:01:24 | 000,000,890 | ---- | C] () -- C:\Users\Felix\Desktop\StarCraft II.lnk
[2010/08/21 23:01:24 | 000,000,837 | ---- | C] () -- C:\Users\Felix\Desktop\AudioConverter (2).lnk
[2010/08/21 23:01:24 | 000,000,457 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo 3 - Shortcut.lnk
[2010/08/21 18:02:55 | 000,012,055 | ---- | C] () -- C:\Users\Felix\Documents\Coverletter.docx
[2010/08/21 16:03:51 | 2144,350,208 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/21 15:19:31 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/21 14:57:16 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/08/13 18:26:18 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010/08/07 14:21:38 | 000,103,139 | ---- | C] () -- C:\Users\Felix\theboys.jpg
[2010/08/07 01:55:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01005.Wdf
[2010/08/04 16:57:30 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010/08/04 16:57:27 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/08/04 16:57:27 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/08/04 16:57:27 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/08/04 16:57:27 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/08/02 18:39:36 | 000,000,050 | ---- | C] () -- C:\Windows\wininit.ini
[2010/08/01 15:04:40 | 000,034,895 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/08/01 15:04:40 | 000,034,895 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/08/01 14:57:25 | 000,000,680 | ---- | C] () -- C:\Users\Felix\AppData\Local\d3d9caps.dat
[2010/07/30 18:12:55 | 000,000,951 | ---- | C] () -- C:\Users\Felix\Desktop\MLB 2K10.lnk
[2010/07/30 14:41:55 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\PESEdit.com 2010 Patch.lnk
[2010/07/29 17:37:46 | 000,000,837 | ---- | C] () -- C:\Users\Felix\Desktop\AudioConverter.lnk
[2010/07/28 20:41:30 | 000,007,680 | ---- | C] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/26 15:17:02 | 000,497,664 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
[2010/07/24 16:47:44 | 000,025,367 | ---- | C] () -- C:\Users\Felix\Documents\Chapter 8,9,10,11.docx
[2010/07/21 08:29:18 | 001,048,576 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.2.regtrans-ms
[2010/07/21 08:29:18 | 001,048,576 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.1.regtrans-ms
[2010/07/21 08:29:17 | 001,048,576 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.0.regtrans-ms
[2010/07/21 08:29:17 | 000,065,536 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.blf
[2010/07/21 08:02:20 | 000,012,092 | ---- | C] () -- C:\Users\Felix\Documents\Bibliography.docx
[2010/07/20 19:03:59 | 000,001,059 | ---- | C] () -- C:\Users\Felix\Desktop\AssassinsCreed II.lnk
[2010/07/17 14:47:50 | 000,000,830 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010/07/16 21:57:19 | 004,975,311 | ---- | C] () -- C:\Users\Felix\Desktop\Por Amor (dirty).mp3
[2010/07/16 07:49:31 | 000,016,164 | ---- | C] () -- C:\Users\Felix\Documents\Gay marriage.docx
[2010/07/16 07:46:57 | 000,024,621 | ---- | C] () -- C:\Users\Felix\Documents\Chapter 6 and 7.docx
[2010/07/15 23:22:40 | 000,011,961 | ---- | C] () -- C:\Users\Felix\Documents\Killing Ground.docx
[2010/07/15 22:32:33 | 000,012,370 | ---- | C] () -- C:\Users\Felix\Documents\Cinderella Man.docx
[2010/07/12 23:09:45 | 000,014,826 | ---- | C] () -- C:\Users\Felix\Documents\Chapter 3.docx
[2010/07/11 01:53:58 | 000,014,229 | ---- | C] () -- C:\Users\Felix\Documents\Belen Echegaray resume.docx
[2010/06/28 10:25:06 | 000,000,804 | ---- | C] () -- C:\Users\Felix\Desktop\Steam.lnk
[2010/06/27 23:14:26 | 001,099,180 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo 3.jpg
[2010/06/27 23:13:31 | 000,941,463 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo 2.jpg
[2010/06/27 21:29:11 | 001,764,681 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo.jpg
[2010/06/16 01:59:15 | 000,011,606 | ---- | C] () -- C:\Users\Felix\Documents\Depression.docx
[2010/06/16 01:52:24 | 000,853,499 | ---- | C] () -- C:\Users\Felix\Documents\english thinnggggg pics.docx
[2010/06/16 01:33:59 | 000,015,376 | ---- | C] () -- C:\Users\Felix\Documents\Role Scoring.docx
[2010/06/15 21:42:10 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2010/06/08 17:09:24 | 000,241,778 | ---- | C] () -- C:\Users\Felix\Documents\law cpt.docx
[2010/06/03 22:34:00 | 000,011,570 | ---- | C] () -- C:\Users\Felix\Documents\Letter to craig.docx
[2010/06/03 21:36:07 | 000,017,114 | ---- | C] () -- C:\Users\Felix\Documents\Religion CPT part 2.docx
[2010/05/31 21:38:10 | 000,000,932 | ---- | C] () -- C:\Users\Felix\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (4).lnk
[2010/04/17 13:01:04 | 000,000,969 | ---- | C] () -- C:\Users\Felix\AppData\Roaming\BBMS_EXCEPTION.txt
[2009/11/30 22:24:11 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/11/30 18:48:27 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/11/29 18:29:10 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/07/30 18:14:30 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\2K Sports
[2010/08/11 14:17:07 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Azureus
[2010/07/27 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Bell
[2010/02/12 23:20:40 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\DAEMON Tools Lite
[2010/08/28 19:48:46 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\foobar2000
[2010/08/22 15:37:39 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\FrostWire
[2010/07/20 17:57:41 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\HLSW
[2010/02/25 13:05:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Leadertech
[2010/08/25 17:14:46 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\LolClient
[2010/02/15 01:32:58 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/07/27 18:32:41 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\ManyCam
[2010/04/17 12:57:21 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Research In Motion
[2010/08/04 16:57:26 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Simply Super Software
[2010/07/29 17:37:55 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Softplicity
[2010/05/28 15:17:30 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\SystemRequirementsLab
[2010/07/19 16:17:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Ubisoft
[2010/08/22 18:13:56 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/28 00:13:20 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1AAA177D-1F84-4B11-9163-6DDC448CB382}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/06/09 17:12:11 | 000,000,000 | ---- | M] () -- C:\BnetLog.txt
[2006/11/02 05:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2009/11/28 22:20:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/08/28 20:36:42 | 000,033,999 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/03/10 21:20:52 | 000,799,352 | ---- | M] () -- C:\D2XP_IX86_112a_113c.mpq
[2010/08/24 11:44:50 | 2144,350,208 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/30 18:00:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/12/30 18:00:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/24 11:44:48 | 2458,341,376 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >
 
< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 08:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >


< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 05:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/11/30 04:24:58 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009/11/29 15:04:10 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2006/11/02 05:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2006/11/02 05:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >


Extras log:

OTL Extras logfile created on: 28/08/2010 9:17:01 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Felix\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 174.77 Gb Free Space | 37.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FELIX-PC
Current User Name: Felix
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 File not found
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 File not found
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1746604758-1044917362-344122428-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4669E9C5-AD75-46DB-AAF5-4E990486FD5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{68F5D613-4DF4-442A-973C-9C91A9CC2AFB}" = lport=8375 | protocol=17 | dir=in | name=league of legends launcher |
"{9ABBB351-4F89-4231-BAC8-9D94D5AC3DFC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{AD6E82B0-7FC1-44D7-A9E0-93AD482E8ECE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C769CE51-FCFB-4BE8-99E0-4FDA0F33C5D3}" = lport=8375 | protocol=6 | dir=in | name=league of legends launcher |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F0B99B5-057D-4C98-8A4B-47EB954D62A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{10B7A7A7-9AC2-4E07-9DF0-A6264F7185BA}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{120DEE6D-9107-4835-852E-967640276C81}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{137123F0-37DF-43F8-881B-5BB19310067F}" = protocol=17 | dir=in | app=c:\users\felix\desktop\zsnesw\crack\pes2010.exe |
"{1423D5AD-7B01-4F2D-8C89-51A3B7751F70}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{150FAA0C-2C71-431C-93E1-6CD77D8DCD59}" = protocol=17 | dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
"{16F519F8-3735-4321-8610-E8D8BA7988BF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\day of defeat source\hl2.exe |
"{2800C5D4-B600-49D6-9158-3344A34C86D7}" = protocol=6 | dir=in | app=c:\gpotato.com\allods online\bin\aogame.exe |
"{296DD1E6-3068-4451-9443-EF40706CE1CB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2B8C9CF7-DE12-4DD2-9E50-D632C69DD87F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{40CD944E-0AF7-4814-9796-6F7DDD97C8D8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{41DB3967-FFBC-42FC-A00C-9496D3AB1B22}" = protocol=17 | dir=in | app=c:\program files\bell\internet service advisor\servicepointservice.exe |
"{48DE015D-503A-4955-B94E-EE0C94CCA1E1}" = protocol=17 | dir=in | app=c:\users\felix\desktop\pes2010.exe |
"{4A53C985-0418-421C-9D6C-ADC62F6EC389}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{507AF79D-5C18-4CC3-AE8D-061235C68519}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{55593FDD-15EB-4AD3-A2FF-83A54757227E}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{587581A0-F45C-4701-AB47-9EAE57AAD4F8}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{5D994136-EDAC-4640-BFEF-ABDAF56F1C41}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6025797F-0A0C-4987-812B-23219067B926}" = protocol=6 | dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
"{6E0869B2-AED9-46A6-969C-71076E5267D0}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{72E850B3-49DE-49E3-9522-6D2AFEF99A27}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{7A6A9571-54C8-4B61-9CFB-4FBCAFE07909}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{7E1AC1B2-311B-48DB-88F1-8E9748E8E7F5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike\hl.exe |
"{83D0EC07-B785-43CD-9DBB-C56E1C80ACB1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{8686168B-1146-42A7-867E-36C788522124}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{87859A44-6E15-4C0A-89E8-27E0A6A54496}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{8D3EAADF-9832-40F1-973A-1D592F562441}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8DA4C7F7-78B5-4A1E-8A13-FF5B3FE28897}" = protocol=6 | dir=in | app=c:\program files\bell\internet service advisor\servicepointservice.exe |
"{9F89AB77-EFF0-4283-91DA-5BF52D55E1C3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\day of defeat source\hl2.exe |
"{A244CDAD-5506-438C-9AE2-52A18DFB8DD8}" = protocol=6 | dir=in | app=c:\users\felix\desktop\zsnesw\crack\pes2010.exe |
"{A9D8901C-2229-495F-8B80-E0B4C5F9C98C}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{ABE19D81-0F42-4F71-AE2C-91474F61157E}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{AC37425D-FDF1-4216-8D8C-A5507F02BB53}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C0DFA2BE-09B6-4E5A-8E43-F6DC94B3B1D7}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{C82C80BB-32CB-4BD7-9D09-8A5EEC70AD93}" = protocol=17 | dir=in | app=c:\users\felix\kitserver2010\pes2010.exe |
"{D20E433A-0445-437B-99B4-3B7B720B897B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike\hl.exe |
"{D4D99F58-951F-43DC-8B6C-FF391D269C7D}" = protocol=6 | dir=in | app=c:\users\felix\desktop\pes2010.exe |
"{DB135F3E-BECC-4BB4-B295-DD04A3941C39}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\config.exe |
"{E441F1D7-819B-4B99-9A34-1DFA1012D1A3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EB6DCAE7-932F-47FA-BDF2-E4FE9C882973}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{EBF7D565-BEE6-4D45-8158-E4B3F7909A84}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike source\hl2.exe |
"{F0A172BB-4A99-44F6-B85D-34ECB26596F5}" = protocol=17 | dir=in | app=c:\gpotato.com\allods online\bin\aogame.exe |
"{F1242F82-BB06-4301-9447-2570BA7FC92D}" = protocol=6 | dir=in | app=c:\users\felix\kitserver2010\pes2010.exe |
"{F1D07D06-4811-4944-AD08-3632BC0F717C}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{F26D769C-B3EF-4E04-B386-EC60C68EC295}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F8D1A4DB-FE90-498E-A0AC-A4973FFF9EAD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\virtua tennis 2009.exe |
"{FA8FF8B7-5A52-4C1E-A2B2-913F52531998}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike source\hl2.exe |
"{FD4D90A7-2F4E-4A1C-B500-7DEE02955170}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\virtua tennis 2009.exe |
"{FD6693A1-C57D-42CD-859F-84C73CE3BE12}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\config.exe |
"{FEC78854-3C65-4E6E-9013-D3D421C928C8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{09337C7C-B347-4388-9971-75ECE0406C36}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{128EBA46-A061-4D3F-8855-8F29DA1B5E2E}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{2E195B73-6775-4BE5-8A6A-DD96A72F803A}C:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe |
"TCP Query User{301EDF42-C96E-4A26-9499-09E98ED850B2}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{4A982C7F-27F2-4D2F-A297-77A9E71FE21D}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{533291AE-BA22-49F6-AE9B-E6195CF6745F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{AC66040C-833F-47CC-A105-B68D2B63F0F3}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{B81931D8-24A2-4511-9AB2-873E14786006}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{D29FEE6F-AD02-4E75-987E-C746D49679BE}C:\users\felix\appdata\roaming\macromedia\flash player\" = protocol=6 | dir=in | app=c:\users\felix\appdata\roaming\macromedia\flash player\ |
"TCP Query User{D5EE5156-BAD8-4934-94A3-0BFA09B9E0A7}C:\program files\virtualdj\virtualdj.exe" = protocol=6 | dir=in | app=c:\program files\virtualdj\virtualdj.exe |
"TCP Query User{E1A699D1-8CF2-4566-9945-BD6C97EB08DF}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{EC2359D3-DDD4-4AFE-9AFC-B7D9FA50E25A}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{EE885B51-0EA5-4BC8-97C3-396A25320ACE}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{FCDFD07B-3B23-4D20-9204-BC65A74DEB9B}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{1D1DB432-9A35-47DA-B2B8-0BC7CA4F1D70}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1E1B5747-7138-4A90-B0F9-9F470B8EFF42}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{29F670CA-EBD0-4655-9C80-6C4E4C51FE11}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{3C739832-61A8-4277-BD3D-7E5B02F2ED83}C:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe |
"UDP Query User{55F61D4E-44CC-46E8-A11C-2CDA826D18D9}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{5DD955EB-9191-42B7-B6E8-F3B66B423700}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{6D1BA012-95B9-41C4-864B-1DD7F20EA348}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{A8B82A22-5C84-47DC-B1CC-D199DBCD60FF}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{B117D9A5-8F47-4CC5-A3E2-32D1C0624822}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{B51EFE4C-EA75-4508-8489-ED076DD037A0}C:\users\felix\appdata\roaming\macromedia\flash player\" = protocol=17 | dir=in | app=c:\users\felix\appdata\roaming\macromedia\flash player\ |
"UDP Query User{B709D759-820B-43D2-BC3B-00DC7D9B3359}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{B8515A6A-9158-4F9E-A2DC-D8F9343D5B6B}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{BD3C50B9-26DF-422F-9B8A-F21E977C0E8A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E59639F3-E6B8-42E0-B49D-62CD8786EE64}C:\program files\virtualdj\virtualdj.exe" = protocol=17 | dir=in | app=c:\program files\virtualdj\virtualdj.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{09F4655B-C804-4AD0-B7DF-078E338F8F85}" = League of Legends
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry® Media Sync
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{5211BF94-F97C-47E7-BC7C-BE804A79F8A2}" = MLB 2K10
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B28B351F-1232-46EA-85EF-B8EA91641033}" = Nero 7 Essentials
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C3A439E4-7303-491F-A678-CEA36A87D517}" = Microsoft Works Suite Add-in for Microsoft Word
"{C9FF844C-02F5-4221-8AD4-0BD823533C6E}_is1" = Ares 3.1.5.3034
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ECC69E86-3B0E-4010-AA37-414C5D71B7B9}" = RPS CRT
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"8461-7759-5462-8226" = Vuze
"AC3Filter" = AC3Filter (remove only)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ares" = Ares 2.1.2
"AstrumNival Allods" = Allods Online 1.0.05.41
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.1
"BellCanada" = Bell Internet Check-up
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.0.2.1
"FrostWire" = FrostWire 4.18.6
"gBurner" = gBurner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HotspotShield" = Hotspot Shield 1.49
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"MediaInfo" = MediaInfo 0.7.34
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NSS" = Norton Security Scan
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Peer2Peer-EN Toolbar" = Peer2Peer-EN Toolbar
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"PowerISO" = PowerISO
"RadialpointClientGateway_is1" = Bell Internet Service Advisor 3.5.15
"SopCast" = SopCast 3.2.4
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 400" = Portal
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"SystemRequirementsLab" = System Requirements Lab
"Total Audio Converter_is1" = TotalAudioConverter
"Trojan Remover_is1" = Trojan Remover 6.8.2
"TVUPlayer" = TVUPlayer 2.5.2.2
"Veetle TV" = Veetle TV 0.9.17
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Works2002Setup" = Microsoft Works 2002 Setup Launcher

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24/08/2010 11:38:52 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
Description =

Error - 24/08/2010 11:38:59 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
Description =

Error - 24/08/2010 11:39:03 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
Description =

Error - 24/08/2010 11:39:11 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
Description =

Error - 24/08/2010 11:42:38 AM | Computer Name = Felix-PC | Source = Application Error | ID = 1000
Description = Faulting application DM-243.exe, version 0.0.0.0, time stamp 0x4aa7ac2e,
faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception
code 0xc0000005, fault offset 0x0002294f, process id 0xee8, application start time
0x01cb43a2edcafcfb.

Error - 24/08/2010 11:47:20 AM | Computer Name = Felix-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 25/08/2010 5:00:59 PM | Computer Name = Felix-PC | Source = System Restore | ID = 8193
Description =

Error - 27/08/2010 12:16:06 PM | Computer Name = Felix-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4c354523,
faulting module client.dll, version 0.0.0.0, time stamp 0x4c76d0fd, exception code
0xc0000005, fault offset 0x0024cc04, process id 0x1180, application start time 0x01cb4601ad779d47.

Error - 28/08/2010 6:00:03 PM | Computer Name = Felix-PC | Source = Application Error | ID = 1000
Description = Faulting application TVUPlayer.exe, version 2.5.2.2, time stamp 0x4b8764a5,
faulting module AutoUpgrade.dll, version 2.5.2.2, time stamp 0x4b876441, exception
code 0xc0000005, fault offset 0x000140d6, process id 0x12c0, application start time
0x01cb46fc5d03fec7.

Error - 28/08/2010 8:47:54 PM | Computer Name = Felix-PC | Source = Application Hang | ID = 1002
Description = The program SC2.exe version 1.0.3.16291 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1430 Start Time: 01cb47139122e738 Termination Time: 79

[ Media Center Events ]
Error - 29/12/2009 1:25:16 PM | Computer Name = Felix-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError
returned 0D Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 28/08/2010 9:17:33 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:17:33 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:17:33 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:17:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:18:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:19:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:20:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:21:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:22:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.

Error - 28/08/2010 9:23:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume G:.


< End of report >
 
Good, good :)

Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

========================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
[2010/01/30 02:36:47 | 000,002,425 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\se archplugins\askcom.xml
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
@Alternate Data Stream - 76 bytes -> C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

======================================================================

Last scans.....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Go to Kaspersky website and perform an online antivirus scan.

  • Disable your active antivirus program.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
 
OTL Log:

All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
File C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\se archplugins\askcom.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
ADS C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Felix
->Temp folder emptied: 470230 bytes
->Temporary Internet Files folder emptied: 238799 bytes
->Java cache emptied: 65919 bytes
->FireFox cache emptied: 42501040 bytes
->Google Chrome cache emptied: 360526729 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 35534 bytes

User: pizzowned
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 385.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Felix
->Flash cache emptied: 0 bytes

User: pizzowned
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 08282010_220050

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

SecurityCheck log:

Results of screen317's Security Check version 0.99.5
Windows Vista (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Avira AntiVir Personal - Free Antivirus
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 21
Adobe Flash Player 10.1.53.64
Adobe Reader 9
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````
 
Any particular reason, no Service Pack 1/2 is installed (do nothing about it at this point)?

Antivirus up to date! (On Access scanning disabled!)
Click to expand...
Make sure, your Avira is active, if you disabled it before.

=======================================================================

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions.
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
 
No real reason..i tried doing a windows update once and i had some sort of a hard drive error or something. I will the kaspersky scan tonight as it seems to be quite lengthy.
 
ok we have a problem..funny that you mention the sp1 update because i am now able to recall what happened the first time it tried to update since it just happened again. Ntoskrnl.exe is corrupt and vista will not start in any mode..for some reason it did a windows update and after 1 of 3 it restarted and i got the black screen. I am unable to even start it up..what do i do? lol
 
for some reason it did a windows update
Click to expand...
Our instructions clearly say not to make any changes to the computer until it's declared clean!


If you have Vista DVD...

http://www.vistax64.com/tutorials/88236-repair-install-vista.html

If you don't have Vista DVD...

1. Create Vista Recovery Disc.

Option 1:
http://www.c4consulting.com.au/soluctions/vista/VISTA SOLUCTIONS.htm

Option 2:
Download Vista Recovery Disc iso image: http://neosmart.net/blog/2008/windows-vista-recovery-disc-download/
Burn it to CD, or DVD: http://neosmart.net/wiki/display/G/Burning+ISO+Images+to+a+CD+or+DVD

2. Boot from created disk.
At first screen click on Repair your computer:
setup-option.jpg

This will bring you to a new screen where the repair process will look for all Windows Vista installations on your computer. When done you will be presented with the System Recovery Options dialog box:
system-recovery-options.jpg

After this, it will present you with a list of options including startup repair, system restore and command prompt:
systemrecovery.jpg

Try System Restore, first.
If that doesn't work, try Startup Repair.
 
Status
Not open for further replies.

Similar threads

arsonfly
Hi all, I have a problem with random FPS lag from out of nowhere.
Replies
1
Views
1K
khadirajohn
K
orangeshadow
Games lag and freeze in 15-20 minute intervals.
Replies
0
Views
465
orangeshadow
orangeshadow
Daniel Sims
Nvidia acknowledges CPU usage spikes in GeForce driver 531.18
2
Replies
30
Views
2K
texasrattler
T

Latest posts

Back