Solved Rootkit taking over my system, atapi.sys BSOD virus

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
7-Zip 4.65
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
AIM 7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
CCleaner
CDDRV_Installer
Click to DVD 2.0.03 Menu Data
Click to DVD 2.5.30
Click to DVD Tutorial
COMODO Internet Security
CPUID CPU-Z 1.54
CPUID HWMonitor 1.18
DivX Setup
DVgate Plus
Easy File Locker 1.3
ESET Online Scanner v3
Eusing Free Registry Cleaner
Eusing Free Registry Defrag
FileZilla Server (remove only)
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
GoToMeeting 4.5.0.457
GunboundIS
HDD Health v3.3 Beta
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
HP PrecisionScan
IE Privacy Keeper
Image Converter 2 Plus
ImageStation
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software
InterVideo WinDVD for VAIO
ISScript
iTunes
Java Auto Updater
Java(TM) 6 Update 31
KhalSetup
LAN Setting Utility
Last.fm 1.5.4.27091
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Memory Stick Formatter
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Automated Troubleshooting Services Shim
Microsoft Choice Guard
Microsoft Data Access Components KB870669
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft VC9 runtime libraries
Microsoft Visual C Runtime
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MobileMe Control Panel
Mozilla Firefox 5.0 (x86 en-US)
mProSafe
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
Napster
Napster Burn Engine
Octoshape add-in for Adobe Flash Player
Office 2003 Trial Assistant
ooVoo
OpenMG AAC Add-on Module 1.0.00
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Metadata Extractor for Windows Media Player
OpenMG Secure Module 4.5.01
OpenOffice.org 3.4
Paint.NET v3.36
Pharos
Quicken 2006
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Recuva
Respondus LockDown Browser
Revo Uninstaller 1.94
Roxio DigitalMedia Audio
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Segoe UI
Setting Utility Series
Shipping Assistant 3.7
Soft Data Fax Modem with SmartCP
Sonic Encoders
SonicStage 4.0
Sony Certificate PCH
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Spotify
Spybot - Search & Destroy
SUPERAntiSpyware
swMSM
System Requirements Lab
System Requirements Lab for Intel
Trend Micro Anti-Spyware
TuneUp Utilities Language Pack (en-US)
Uniblue DriverScanner
Unlocker 1.9.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
UPS Thermal Printer Plugin - Version 8.10
VAIO Backup Utility
VAIO Breeze Wallpaper
VAIO Central
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Light Flo Wallpaper
VAIO Media 5.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Redistribution 5.0
VAIO Media Registration Tool 5.0
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Power Management
VAIO Registration
VAIO Support Central
VAIO Update 3
VAIOSurveySA
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
WD Drive Manager (x86)
WebFldrs XP
WinDirStat 1.1.2
Windows Driver Package - Intel Corporation (ialm) Display (03/23/2006 6.14.10.4543)
Windows Driver Package - Marvell (yukonwxp) Net (05/23/2006 8.56.1.3)
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows PowerShell(TM) 1.0
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
WinX DVD Player 3.0
Wireless Switch Setting Utility
.
==== End Of File ===========================
 
Does your COMODO Internet Security include an AV and firewall?

Are you experiencing any current issues?

========================================

Unless you installed Viewpoint Manager knowledgeably...
Go Start>Control Panel>Add\Remove (Programs and Features in Vista), and...
Uninstall any of the following programs associated with Viewpoint:
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
This program does not do anything bad such as deliver ads or spy on you, but it is considered foistware ("drive-by-install") as it is installed without your consent through programs like AOL, AIM, Compuserve, etc.

========================================

Uninstall:
Eusing Free Registry Cleaner
Eusing Free Registry Defrag
Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


===========================================

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /I " " /c
dir /b "%systemroot%\*.exe" | find /I " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs
/md5start
atapi.sys
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
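
The custom scan above ends with `/md5start atapi.sys /md5stop`, which asks OTL to report MD5 hashes for `atapi.sys`. The following is an added example, not part of the original post and not OTL's own code, showing the same comparison in Python over a constructed directory tree; the function names, the sample bytes and the "active copy matches no backup copy" heuristic are assumptions.

```python
import hashlib
import os
import tempfile

# Path (lower-cased, relative to the scanned root) of the copy Windows loads.
ACTIVE = "windows/system32/drivers/atapi.sys"


def md5_of(path, chunk=65536):
    """MD5 of a file, read in chunks. MD5 is used only to mirror OTL's output."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def find_copies(root, filename):
    """Return {relative_path: md5} for every file under root named filename.

    The name match is case-insensitive, as on Windows, and the returned
    paths are lower-cased with forward slashes so they compare reliably.
    """
    wanted = filename.lower()
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() == wanted:
                full = os.path.join(dirpath, name)
                rel = os.path.relpath(full, root).replace(os.sep, "/").lower()
                found[rel] = md5_of(full)
    return found


def active_copy_is_odd(copies, active_rel=ACTIVE):
    """Heuristic (assumption): flag the active driver when its hash matches
    none of the other copies found on disk."""
    if active_rel not in copies:
        raise KeyError("active copy not found: " + active_rel)
    others = {md5 for path, md5 in copies.items() if path != active_rel}
    return bool(others) and copies[active_rel] not in others


def build_sample_tree():
    """Create a constructed tree: two identical backup copies and one
    altered active copy. The bytes are made up, not a real driver."""
    root = tempfile.mkdtemp(prefix="otl_md5_demo_")
    clean = b"MZ" + b"\x00" * 62 + b"constructed clean driver image"
    altered = clean + b"constructed appended bytes"
    layout = {
        ("WINDOWS", "system32", "drivers", "atapi.sys"): altered,
        ("WINDOWS", "system32", "dllcache", "atapi.sys"): clean,
        ("WINDOWS", "ServicePackFiles", "i386", "ATAPI.SYS"): clean,
    }
    for parts, data in layout.items():
        path = os.path.join(root, *parts)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as handle:
            handle.write(data)
    return root


if __name__ == "__main__":
    sample_root = build_sample_tree()
    copies = find_copies(sample_root, "atapi.sys")
    for rel_path, md5 in sorted(copies.items()):
        print(md5, rel_path)
    if active_copy_is_odd(copies):
        print("active copy differs from every backup copy: check it "
              "against a known-good hash for this Windows version")
```

A mismatch is a lead, not a verdict: copies left behind by an older service pack differ legitimately, so confirm against a known-good hash for the installed version before replacing anything.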
 
I don't see the EXTRA.txt.

Attached is the OTL log... it would let me load due to max cap.
 

1. You didn't answer my questions.


2. Observe forum rules:
All required logs have to be PASTED. Attached logs will NOT be reviewed.

If a log or logs exceed the limit for one reply, you may use more than one reply. The above rule will be strictly enforced.

Pasted logs can be handled easier and faster by malware helper.
 
OTL logfile created on: 7/2/2012 7:58:55 PM - Run 8
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\BC\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 42.71% Memory free
3.33 Gb Paging File | 2.28 Gb Available in Paging File | 68.48% Paging File free
Paging file location(s): C:\pagefile.sys 1521 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.79 Gb Total Space | 34.54 Gb Free Space | 32.96% Space Free | Partition Type: NTFS

Computer Name: DB7526D4182044F | User Name: BC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\BC\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\AIM\aim.exe (AOL Inc.)
PRC - C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe (UnH Solutions)
PRC - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe (Sony Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\AIM\nssckbi.dll ()
MOD - C:\WINDOWS\system32\sbe.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll ()


========== Win32 Services (SafeList) ==========

SRV - (WinDefend) -- %ProgramFiles%\Windows Defender\mpsvc.dll File not found
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe File not found
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV - (helpsvc) -- %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found
SRV - (DWRZ) -- File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (CronService) -- C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
SRV - (FileZilla Server) -- C:\Program Files\FileZilla Server\FileZilla server.exe (FileZilla Project)
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (WDBtnMgrSvc.exe) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe (WDC)
SRV - (Pharos Systems ComTaskMaster) -- C:\Program Files\PharosSystems\Core\CTskMstr.exe (Pharos Systems International)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (SonicStageMonitoring) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe (Sony Corporation)
 
========== Driver Services (SafeList) ==========

DRV - (WinRing0_1_2_0) -- File not found
DRV - (windrvNT) -- File not found
DRV - (WDICA) -- File not found
DRV - (TSP) -- File not found
DRV - (TfSysMon) -- File not found
DRV - (TfFsMon) -- File not found
DRV - (srescan) -- system32\ZoneLabs\srescan.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MREMP50a64) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (HSXHWAZL) -- system32\DRIVERS\HSXHWAZL.sys File not found
DRV - (FileDisk) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\BC30998B\catchme.sys File not found
DRV - (AVGIDSShim) -- system32\DRIVERS\AVGIDSShim.Sys File not found
DRV - (AVGIDSFilter) -- system32\DRIVERS\AVGIDSFilter.Sys File not found
DRV - (AVGIDSEH) -- system32\DRIVERS\AVGIDSEH.Sys File not found
DRV - (AVGIDSDriver) -- system32\DRIVERS\AVGIDSDriver.Sys File not found
DRV - (AegisP) AEGIS Protocol (IEEE 802.1x) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Inspect) -- C:\WINDOWS\system32\drivers\inspect.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (Amps2prt) -- C:\WINDOWS\system32\drivers\Amps2prt.sys (A4Tech Co.,Ltd.)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (xlkfs) -- C:\WINDOWS\system32\drivers\xlkfs.sys (XOSLAB.COM)
DRV - (DwProt) -- C:\WINDOWS\system32\drivers\dwprot.sys (Doctor Web, Ltd.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (apf001) -- C:\Game\SoftnyxGame\GunboundIS\apf001.sys ()
DRV - (SCT_SKMScan) -- C:\WINDOWS\system32\drivers\sct_skmscan.sys (Sophos Plc)
DRV - (cpuz135) -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys (CPUID)
DRV - (NETwLx32) Intel(R) -- C:\WINDOWS\system32\drivers\NETwLx32.sys (Intel Corporation)
DRV - (cpuz133) -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys (Windows (R) Win 7 DDK provider)
DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logicool, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logicool, Inc.)
DRV - (symlcbrd) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (Tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\WINDOWS\system32\drivers\tosrfsnd.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (ti21sony) -- C:\WINDOWS\system32\drivers\ti21sony.sys (Texas Instruments)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\tosrfhid.sys (TOSHIBA Corporation.)
DRV - (toshidpt) -- C:\WINDOWS\system32\drivers\toshidpt.sys (TOSHIBA Corporation.)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
DRV - (epstwnt) -- C:\WINDOWS\system32\drivers\epstwnt.mpd (Shuttle Technology. )
DRV - (SHARSHTL) -- C:\WINDOWS\system32\drivers\Sharshtl.sys (Shuttle Technology)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com/?aff=115
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{049A0ADA-ACC5-4408-9A66-947D3E7B289C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MS8TDF&pc=MS8TDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?c...pn_sauid=D2A6F12B-6A33-4B8F-9D3C-D1CD08088910
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{2510E9FB-608E-4BD9-AB31-C9F4D43A239B}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ_en
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit.com/search.aspx?aff=115&q={searchTerms}
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{A2B74FAD-E339-43D0-B488-63E4A7569DFA}: "URL" = http://search.aol.com/aolcom/search...ocationType=tb50-ie-ieak8aol-chromesbox-en-us
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3015261
IE - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8
FF - prefs.js..extensions.enabledItems: {b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}:0.87
FF - prefs.js..extensions.enabledItems: firefox@adhacker.com:0.7
FF - prefs.js..extensions.enabledItems: autoproxy@autoproxy.org:0.3b4.0+.2009110800
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: support@easy-hide-ip.com:1.0
FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\BC\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\BC\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\BC\Local Settings\Application Data\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\BC\Local Settings\Application Data\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/01 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/01 22:33:01 | 000,000,000 | ---D | M]

[2010/04/30 09:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BC\Application Data\Mozilla\Extensions
[2010/04/30 09:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BC\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/06/30 02:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\extensions
[2010/04/27 18:29:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/11 16:01:37 | 000,000,000 | ---D | M] (FirefoxAdKiller) -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}
[2010/07/03 11:27:32 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/04/11 16:01:34 | 000,000,000 | ---D | M] (Ad Hacker) -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\extensions\firefox@adhacker.com
[2011/03/20 02:50:27 | 000,000,000 | ---D | M] (Real Hide IP) -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\extensions\support@real-hide-ip.com
[2011/03/20 02:50:36 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\searchplugins\askcom.xml
[2012/07/01 23:32:54 | 000,002,534 | ---- | M] () -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\searchplugins\speedbit.xml
[2012/07/01 22:17:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/10 16:34:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/12/02 15:09:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/03/10 11:27:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/07 10:01:42 | 000,061,219 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\BC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\CSQTFFDT.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2011/04/15 18:29:09 | 000,191,192 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\BC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\CSQTFFDT.DEFAULT\EXTENSIONS\AUTOPROXY@AUTOPROXY.ORG.XPI
[2012/03/31 13:57:48 | 000,006,021 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\BC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\CSQTFFDT.DEFAULT\EXTENSIONS\STAFF@HIDE-MY-IP.COM.XPI
[2012/03/10 11:26:52 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/06/16 20:48:48 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2010/04/30 10:43:49 | 000,442,368 | ---- | M] (Invenda Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol308.dll
[2012/03/10 11:26:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/07/28 13:07:36 | 000,069,632 | ---- | M] (UPS) -- C:\Program Files\mozilla firefox\plugins\NPEltr32.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/05 10:22:13 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/09 00:07:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Documents and Settings\BC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

O1 HOSTS File: ([2012/07/02 17:36:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006..\Run: [ccleaner] C:\Program Files\CCleaner\ccleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006..\Run: [IE Privacy Keeper] C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe (UnH Solutions)
O4 - Startup: C:\Documents and Settings\Administrator!\Start Menu\Programs\Startup\Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe (Trend Micro Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html File not found
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1340929817375 (MUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab (SysInfo Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6377F684-66ED-4823-80C6-6EFC377CE550}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6377F684-66ED-4823-80C6-6EFC377CE550}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB18AA9E-BC68-4BBF-B6C3-F9DABA1B4627}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB18AA9E-BC68-4BBF-B6C3-F9DABA1B4627}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D235450A-0B05-44DE-8082-E4FA1172A4AC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {03A80B1D-5C6A-42c2-9DFB-81B6005D8023} - C:\Program Files\Trend Micro\Tmas\sshook.dll (Trend Micro Incorporated)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/10 00:51:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (smrgdf C:\Program Files\iolo\System Mechanic Professional 6\)
O34 - HKLM BootExecute: (iolobtdfg C:\WINDOWS\system32)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSACM.LHACM - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.TR20 - C:\WINDOWS\System32\tr2032.dll (The Duck Corporation)
Drivers32: VIDC.VDOM - C:\WINDOWS\System32\vdowave.drv (VDOnet LTD..)
Drivers32: vidc.vivo - C:\WINDOWS\System32\ivvideo.dll (Vivo Software)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/02 19:56:15 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTL(1).exe
[2012/07/02 18:46:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\BC\Desktop\dds(1).scr
[2012/07/02 17:59:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\BC\Recent
[2012/07/02 17:47:25 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2012/07/02 17:46:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/07/02 17:37:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/02 05:18:44 | 000,000,000 | ---D | C] -- C:\BC
[2012/07/01 23:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2012/07/01 23:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2012/07/01 23:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2012/07/01 23:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BC\Start Menu\Programs\WinDirStat
[2012/07/01 17:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BC\Desktop\tdsskiller
[2012/07/01 16:20:55 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\BC\Desktop\aswMBR.exe
[2012/07/01 03:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BC\Desktop\RK_Quarantine
[2012/06/30 19:23:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/06/30 19:23:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/06/30 19:23:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/06/30 19:23:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/06/30 19:20:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/30 17:35:58 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/30 14:16:03 | 000,000,000 | ---D | C] -- C:\VritualRoot
[2012/06/30 14:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2012/06/30 14:11:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\COMODO
[2012/06/30 14:05:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\COMODO
[2012/06/30 14:05:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2012/06/30 14:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/06/23 11:46:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/21 16:51:10 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTL.exe
[2012/06/20 22:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BC\Application Data\OpenOffice.org
[2012/06/20 22:09:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\BC\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/20 22:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012/06/19 02:46:12 | 000,033,568 | ---- | C] (Sophos Plc) -- C:\WINDOWS\System32\drivers\sct_skmscan.sys
[2012/06/19 01:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2012/06/19 01:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2012/06/19 00:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Defrag
[2012/06/19 00:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2012/06/18 22:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BC\Doctor Web
[2012/06/18 17:41:33 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\BC\Desktop\dds.scr
[2012/06/16 21:38:31 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/06/04 21:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/02 20:21:41 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012/07/02 19:56:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTL(1).exe
[2012/07/02 18:46:38 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\BC\Desktop\dds(1).scr
[2012/07/02 17:56:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/02 17:56:34 | 2137,182,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/02 17:36:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/07/01 23:26:28 | 000,109,256 | ---- | M] () -- C:\WINDOWS\System32\EasyHook64.dll
[2012/07/01 23:26:28 | 000,090,824 | ---- | M] () -- C:\WINDOWS\System32\EasyHook32.dll
[2012/07/01 17:24:42 | 002,114,838 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\tdsskiller.zip
[2012/07/01 16:21:09 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\BC\Desktop\aswMBR.exe
[2012/07/01 03:30:27 | 1594,884,096 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012/06/30 22:49:39 | 001,548,288 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\RogueKiller.exe
[2012/06/30 20:26:50 | 001,012,656 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\rkill.exe
[2012/06/30 17:50:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/30 15:11:49 | 000,000,029 | ---- | M] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat
[2012/06/30 14:05:58 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2012/06/29 21:14:49 | 000,001,230 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/28 17:26:12 | 000,403,231 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\MiniToolBox.exe
[2012/06/26 22:21:33 | 000,000,369 | -HS- | M] () -- C:\boot.ini
[2012/06/24 17:12:15 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/06/24 02:30:01 | 000,005,536 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/22 01:59:45 | 000,304,416 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/21 16:51:14 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTL.exe
[2012/06/19 21:51:17 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/18 17:41:50 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\BC\Desktop\dds.scr
[2012/06/17 02:11:41 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1210614011-2585739803-2429135735-1006.job
[2012/06/17 02:11:41 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1210614011-2585739803-2429135735-1006.job
[2012/06/16 20:30:17 | 000,058,488 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/06/16 20:25:33 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/06/16 19:42:27 | 000,445,044 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/16 19:42:27 | 000,072,754 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/12 18:41:42 | 000,004,496 | -H-- | M] () -- C:\IPH.PH
[2012/06/09 18:05:20 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\BC\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/02 17:10:22 | 2137,182,208 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/01 23:27:19 | 000,109,256 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2012/07/01 23:27:19 | 000,090,824 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2012/07/01 17:24:35 | 002,114,838 | ---- | C] () -- C:\Documents and Settings\BC\Desktop\tdsskiller.zip
[2012/06/30 22:49:33 | 001,548,288 | ---- | C] () -- C:\Documents and Settings\BC\Desktop\RogueKiller.exe
[2012/06/30 20:26:49 | 001,012,656 | ---- | C] () -- C:\Documents and Settings\BC\Desktop\rkill.exe
[2012/06/30 19:23:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/06/30 19:23:04 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/06/30 19:23:04 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/06/30 19:23:04 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/06/30 19:23:04 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/06/30 14:09:20 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012/06/30 14:05:58 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
[2012/06/28 17:26:06 | 000,403,231 | ---- | C] () -- C:\Documents and Settings\BC\Desktop\MiniToolBox.exe
[2012/05/15 00:57:35 | 000,005,536 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/30 22:26:14 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\spdlfa.ccr
[2012/03/30 22:26:14 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\NDFFS.DAT
[2011/09/24 18:51:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011/09/24 14:55:50 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2011/09/14 02:17:31 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\d3d9caps.dat
[2011/08/10 00:10:01 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/05 01:41:53 | 000,257,548 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\census.cache
[2011/08/05 01:41:23 | 000,225,571 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\ars.cache
[2011/08/05 01:08:44 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\housecall.guid.cache
[2011/08/01 02:33:20 | 000,058,488 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/07/28 11:52:14 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2011/07/28 11:52:14 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat
[2011/07/28 11:52:14 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat
[2011/07/16 13:29:12 | 000,000,843 | ---- | C] () -- C:\WINDOWS\System32\bash.exe.stackdump
[2011/07/01 02:54:47 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\IYVU9_32.DLL
[2011/01/14 04:16:56 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys
[2011/01/14 04:16:56 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys
[2011/01/05 15:45:30 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\f9t.dat
[2010/12/14 01:54:17 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010/04/12 01:45:29 | 000,000,990 | -HS- | C] () -- C:\Documents and Settings\BC\Application Data\systemfl.$dk
[2009/01/24 12:19:33 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2007/12/27 18:54:20 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2006/12/04 19:09:22 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/04 19:09:22 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\BC\Local Settings\Application Data\fusioncache.dat
 
========== LOP Check ==========

[2006/12/07 03:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\acccore
[2011/08/26 09:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\AVG10
[2009/07/26 09:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\AVGTOOLBAR
[2011/08/26 09:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\CheckPoint
[2006/12/07 02:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\iolo
[2009/07/15 17:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\MailFrontier
[2012/03/26 00:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\TuneUp Software
[2006/12/07 01:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\UnH Solutions
[2008/07/12 18:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/11/23 20:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2012/05/17 14:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/03 03:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/05/17 14:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2010/04/01 22:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\com.comcast.access
[2011/05/07 18:10:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/06/30 14:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2006/09/14 13:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2011/06/20 02:49:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/07/19 22:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2006/12/07 02:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2009/11/07 20:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2011/08/13 13:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2009/10/17 10:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/09/03 03:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2006/08/22 12:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2011/06/29 03:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/05/24 17:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2012/06/04 21:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2008/05/24 17:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/12/14 01:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2010/09/18 11:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2012/06/19 01:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2012/07/01 23:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/12/14 01:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS
[2011/03/21 13:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tenebril
[2012/02/02 13:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/06/29 03:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/07/02 19:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/01/21 00:15:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/02/02 13:34:01 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010/07/20 23:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/12 14:52:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2010/03/31 00:39:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2006/12/08 02:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\acccore
[2012/05/30 21:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Anonymizer
[2010/08/23 01:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\AnvSoft
[2011/09/03 03:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\AVG10
[2011/09/13 09:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\BatteryCare
[2011/06/29 02:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Carambis
[2011/07/28 11:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\CheckPoint
[2010/04/01 22:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\com.comcast.access.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2012/06/16 21:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\ElevatedDiagnostics
[2010/06/18 00:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Elluminate
[2011/09/21 19:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\FixCleaner
[2010/04/13 19:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\GetRightToGo
[2009/07/29 15:55:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\BC\Application Data\ijjigame
[2006/12/19 09:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\InterVideo
[2010/02/07 17:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\MailFrontier
[2009/10/18 03:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\MioNetApplet
[2011/10/11 14:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\ooVoo Details
[2012/06/20 22:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\OpenOffice.org
[2011/09/24 15:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Sammsoft
[2010/09/18 11:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Simply Super Software
[2011/09/25 16:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Spotify
[2012/05/30 21:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Stamps.com Internet Postage
[2012/03/27 10:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\SystemRequirementsLab
[2011/10/09 01:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Systweak
[2010/04/30 09:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Thunderbird
[2012/02/02 13:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\TuneUp Software
[2006/12/07 12:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\UnH Solutions
[2011/09/24 12:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Uniblue
[2009/07/29 16:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Windows Desktop Search
[2009/07/29 16:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\Windows Search
[2012/02/09 14:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2012/07/02 17:56:56 | 000,032,536 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========
 
========== Custom Scans ==========

< >

< %SYSTEMDRIVE%\*.* >
[2006/08/10 00:51:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/04/11 17:59:59 | 000,000,189 | -HS- | M] () -- C:\Boot.bak
[2012/06/26 22:21:33 | 000,000,369 | -HS- | M] () -- C:\boot.ini
[2011/09/10 15:40:19 | 000,029,374 | ---- | M] () -- C:\bootex.log
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2012/07/02 17:46:14 | 000,032,825 | ---- | M] () -- C:\ComboFix.txt
[2006/08/10 00:51:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/04/11 10:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
[2008/04/11 10:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
[2008/04/11 10:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
[2008/04/11 10:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008/04/11 10:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
[2008/04/11 10:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
[2008/04/11 10:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
[2008/04/11 10:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2008/04/11 10:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
[2008/04/11 10:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
[2008/04/11 10:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/07/02 17:56:34 | 2137,182,208 | -HS- | M] () -- C:\hiberfil.sys
[2008/04/11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2008/04/11 10:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008/04/11 08:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008/04/11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008/04/11 08:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008/04/11 08:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008/04/11 08:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008/04/11 08:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008/04/11 08:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008/04/11 10:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008/04/11 08:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008/04/11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2006/08/10 00:51:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/06/12 18:41:42 | 000,004,496 | -H-- | M] () -- C:\IPH.PH
[2006/08/10 00:51:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/03/15 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/05/24 18:43:04 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/07/02 17:56:31 | 1594,884,096 | -HS- | M] () -- C:\pagefile.sys
[2012/07/02 18:01:52 | 000,000,359 | ---- | M] () -- C:\rkill.log
[2012/07/01 17:35:17 | 000,100,270 | ---- | M] () -- C:\TDSSKiller.2.7.43.0_01.07.2012_17.25.11_log.txt
[2008/04/11 10:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008/04/11 10:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
[2008/04/11 10:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI
[2012/05/24 18:13:48 | 000,000,362 | ---- | M] () -- C:\WSC_PROFILE.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/08/10 00:50:39 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2005/03/24 22:00:00 | 000,020,992 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD75.DLL
[2010/11/09 09:30:12 | 000,058,368 | ---- | M] (Lexmark International Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LMAATC4C.DLL
[2004/03/22 15:17:08 | 000,025,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2012/03/06 16:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2007/11/18 11:03:13 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\BC\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/08/09 17:39:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/08/09 17:39:03 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/08/09 17:39:03 | 000,901,120 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/05/24 18:51:02 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/05/23 22:42:52 | 000,000,170 | -HS- | M] () -- C:\Documents and Settings\BC\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2012/05/11 23:57:00 | 009,989,040 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\BC\Desktop\AppRemover.exe
[2012/07/01 16:21:09 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\BC\Desktop\aswMBR.exe
[2012/06/28 17:26:12 | 000,403,231 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\MiniToolBox.exe
[2012/07/02 19:56:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTL(1).exe
[2012/06/21 16:51:14 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTL.exe
[2009/07/25 16:03:55 | 000,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BC\Desktop\OTS.exe
[2011/06/24 03:11:30 | 000,065,232 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\BC\Desktop\RegASSASSIN.exe
[2012/06/30 20:26:50 | 001,012,656 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\rkill.exe
[2012/06/30 22:49:39 | 001,548,288 | ---- | M] () -- C:\Documents and Settings\BC\Desktop\RogueKiller.exe
[2011/06/24 03:11:54 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\BC\Desktop\StartUpLite.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2012/06/19 21:51:17 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/06/25 15:19:25 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2006/03/15 05:00:00 | 000,000,065 | R--- | M] () -- C:\WINDOWS\tasks\desktop.ini
[2012/03/20 13:18:27 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd06d69c0c3a6c.job
[2011/09/04 12:27:35 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1210614011-2585739803-2429135735-1006Core1cc6b38b3021320.job
[2012/06/17 02:11:41 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1210614011-2585739803-2429135735-1006.job
[2012/06/17 02:11:41 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1210614011-2585739803-2429135735-1006.job
[2012/07/02 17:56:56 | 000,000,006 | ---- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012/07/02 17:56:56 | 000,032,536 | ---- | M] () -- C:\WINDOWS\tasks\SCHEDLGU.TXT

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >
[2012/02/15 20:41:38 | 000,000,786 | ---- | M] () -- C:\WINDOWS\AppPatch\Custom\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/05/23 22:42:52 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\BC\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

< dir /b "%systemroot%\*.exe" | find /I " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2012/07/02 19:43:11 | 000,147,456 | -HS- | M] () -- C:\Documents and Settings\BC\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2005/08/01 13:24:00 | 001,003,215 | ---- | M] () -- C:\WINDOWS\Installer\ms_office_trial.exe
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 17:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 07:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 10:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 17:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 01:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 01:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 01:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >
[1997/12/22 17:23:36 | 000,004,672 | ---- | M] (Adaptec) -- C:\WINDOWS\system\wowpost.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs >

< MD5 for: ATAPI.SYS >
[2006/03/15 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/05/24 18:38:32 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2006/03/15 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/05/24 18:38:32 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0033\DriverFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0042\DriverFiles\i386\atapi.sys
[2006/03/15 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< End of report >
 
It's not that hard to simply scroll up and re-read a couple of my posts:
Does your COMODO Internet Security include an AV and firewall?

Are you experiencing any current issues?
 
I recently uninstalled the paid version of McAfee Antivirus and installed COMODO Internet Security, as one of your posts suggested. Yes, the program has AV and a firewall with it. The current issue is being unable to complete a full scan of the PC because it freezes up at the halfway point.

How are my logs looking?
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe File not found
    SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
    SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
    SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
    SRV - (helpsvc) -- %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found
    SRV - (DWRZ) -- File not found
    SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
    DRV - (TfSysMon) -- File not found
    DRV - (TfFsMon) -- File not found
    DRV - (srescan) -- system32\ZoneLabs\srescan.sys File not found
    DRV - (AVGIDSShim) -- system32\DRIVERS\AVGIDSShim.Sys File not found
    DRV - (AVGIDSFilter) -- system32\DRIVERS\AVGIDSFilter.Sys File not found
    DRV - (AVGIDSEH) -- system32\DRIVERS\AVGIDSEH.Sys File not found
    DRV - (AVGIDSDriver) -- system32\DRIVERS\AVGIDSDriver.Sys File not found
    DRV - (symlcbrd) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
    [2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    [2011/03/20 02:50:36 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\searchplugins\askcom.xml
    [2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
    O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
    O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
    O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O3 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O4 - Startup: C:\Documents and Settings\Administrator!\Start Menu\Programs\Startup\Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe (Trend Micro Incorporated)
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html File not found
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
    O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - Reg Error: Key error. File not found
    O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
    O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
    O15 - HKU\S-1-5-21-1210614011-2585739803-2429135735-1006\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab (Reg Error: Key error.)
    [2011/08/26 09:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\AVG10
    [2009/07/26 09:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\AVGTOOLBAR
    [2006/12/07 02:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator!\Application Data\iolo
    [2012/05/17 14:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/09/03 03:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
    [2009/07/19 22:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
    [2012/07/02 19:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2011/09/03 03:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BC\Application Data\AVG10
    
    :Commands
    [purity]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

====================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


3. Download Temp File Cleaner (TFC)
  • Double-click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


4. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce any log.
 
All processes killed
========== OTL ==========
Service McODS stopped successfully!
Service McODS deleted successfully!
File C:\Program Files\McAfee\VirusScan\mcods.exe File not found not found.
Service McNaiAnn stopped successfully!
Service McNaiAnn deleted successfully!
File C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found not found.
Error: No service named McMPFSvc was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McMPFSvc deleted successfully.
File C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found not found.
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
File C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found not found.
Service helpsvc stopped successfully!
Service helpsvc deleted successfully!
File %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found not found.
Service DWRZ stopped successfully!
Service DWRZ deleted successfully!
File File not found not found.
Service Symantec Core LC stopped successfully!
Service Symantec Core LC deleted successfully!
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe moved successfully.
Service TfSysMon stopped successfully!
Service TfSysMon deleted successfully!
File File not found not found.
Service TfFsMon stopped successfully!
Service TfFsMon deleted successfully!
File File not found not found.
Service srescan stopped successfully!
Service srescan deleted successfully!
File system32\ZoneLabs\srescan.sys File not found not found.
Service AVGIDSShim stopped successfully!
Service AVGIDSShim deleted successfully!
File system32\DRIVERS\AVGIDSShim.Sys File not found not found.
Service AVGIDSFilter stopped successfully!
Service AVGIDSFilter deleted successfully!
File system32\DRIVERS\AVGIDSFilter.Sys File not found not found.
Service AVGIDSEH stopped successfully!
Service AVGIDSEH deleted successfully!
File system32\DRIVERS\AVGIDSEH.Sys File not found not found.
Service AVGIDSDriver stopped successfully!
Service AVGIDSDriver deleted successfully!
File system32\DRIVERS\AVGIDSDriver.Sys File not found not found.
Service symlcbrd stopped successfully!
Service symlcbrd deleted successfully!
C:\WINDOWS\system32\drivers\symlcbrd.sys moved successfully.
C:\Program Files\Mozilla Firefox\components\Scriptff.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Documents and Settings\BC\Application Data\Mozilla\Firefox\Profiles\csqtffdt.default\searchplugins\askcom.xml moved successfully.
File C:\Program Files\mozilla firefox\components\Scriptff.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
Registry value HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
Registry value HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
C:\Documents and Settings\Administrator!\Start Menu\Programs\Startup\Trend Micro Anti-Spyware.lnk moved successfully.
C:\Program Files\Trend Micro\Tmas\Tmas.exe moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&AOL Toolbar Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Append Link Target to Existing PDF\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Append to Existing PDF\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Convert Link Target to Adobe PDF\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Convert to Adobe PDF\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3369AF0D-62E9-4bda-8103-B4C75499B578}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3369AF0D-62E9-4bda-8103-B4C75499B578}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trymedia.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trymedia.com\ not found.
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\*.update\ deleted successfully.
Invalid CLSID key: *.update
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\*.update\ not found.
Invalid CLSID key: *.update
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\update\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\update\ not found.
Registry key HKEY_USERS\S-1-5-21-1210614011-2585739803-2429135735-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.com\download\ deleted successfully.
Starting removal of ActiveX control {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}\ not found.
Starting removal of ActiveX control {5F5F9FB8-878E-4455-95E0-F64B2314288A}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5F5F9FB8-878E-4455-95E0-F64B2314288A}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5F5F9FB8-878E-4455-95E0-F64B2314288A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F5F9FB8-878E-4455-95E0-F64B2314288A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5F5F9FB8-878E-4455-95E0-F64B2314288A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F5F9FB8-878E-4455-95E0-F64B2314288A}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CD995117-98E5-4169-9920-6C12D4C0B548}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CD995117-98E5-4169-9920-6C12D4C0B548}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CD995117-98E5-4169-9920-6C12D4C0B548}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD995117-98E5-4169-9920-6C12D4C0B548}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CD995117-98E5-4169-9920-6C12D4C0B548}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD995117-98E5-4169-9920-6C12D4C0B548}\ not found.
C:\Documents and Settings\Administrator!\Application Data\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\Administrator!\Application Data\AVG10 folder moved successfully.
C:\Documents and Settings\Administrator!\Application Data\AVGTOOLBAR folder moved successfully.
C:\Documents and Settings\Administrator!\Application Data\iolo folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\Spamconf folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\sounds\1033 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\sounds folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\moved folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\log folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\journal folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\integ folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\HtmlData folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\fw folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\chest folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\backup folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\arpot\TEMP folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\arpot folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\log\IDP folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\log folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Stats folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint\AxMetaStream_Win folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
C:\Documents and Settings\BC\Application Data\AVG10 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 0 bytes

User: Administrator!
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 338590 bytes
->FireFox cache emptied: 9198563 bytes
->Flash cache emptied: 485 bytes

User: All Users

User: BC
->Temp folder emptied: 424795 bytes
->Temporary Internet Files folder emptied: 1343890 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 67135394 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 351578 bytes

User: bc
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 179090122 bytes
->Temporary Internet Files folder emptied: 110690 bytes
->Flash cache emptied: 56468 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 9724 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 6975147 bytes

Total Files Cleaned = 253.00 mb


[EMPTYJAVA]

User: Administrator

User: Administrator!

User: All Users

User: BC
->Java cache emptied: 0 bytes

User: bc

User: Default User

User: Guest

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: Administrator!
->Flash cache emptied: 0 bytes

User: All Users

User: BC
->Flash cache emptied: 0 bytes

User: bc
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.53.1 log created on 07042012_171457

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
COMODO Internet Security
Trend Micro Anti-Spyware
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:

Trend Micro Anti-Spyware
Spybot - Search & Destroy
SUPERAntiSpyware
HijackThis 2.0.2
TuneUp Utilities Language Pack (en-US)
CCleaner
Java(TM) 6 Update 31
Out of date Java installed!
Adobe Flash Player 11.3.300.262
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````
 
Farbar Service Scanner Version: 02-07-2012
Ran by BC (administrator) on 04-07-2012 at 17:27:54
Running from "C:\Documents and Settings\BC\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(10) cmdHlp(92) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x11000000040000000100000002000000030000005C0000000F0000000E0000005A0000000D00000005000000060000000700000008000000090000000A0000000B0000000C000000
IpSec Tag value is correct.

**** End of log ****
 
Which browser did you use to try the ESET scan?
You have three browsers installed: IE, Firefox and Chrome.
 