Limited windows functionality

**swordstone** · 2011-04-27, 21:46

The OTL file opened on it's own but Extras one didn't and the only extras log I found was the old one dated 15th April.. the same one I posted before

OTL logfile created on: 4/27/2011 11:38:33 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Mohammad\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.91 Gb Total Space | 170.97 Gb Free Space | 59.38% Space Free | Partition Type: NTFS

Computer Name: MOHAMMAD-PC | User Name: Mohammad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Mohammad\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe ()
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe ()
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe ()
PRC - C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe (Sony Electronics, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

========== Modules (SafeList) ==========

MOD - C:\Users\Mohammad\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (dgdersvc) -- C:\Windows\SysNative\dgdersvc.exe ()
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (dgdersvc) -- C:\Windows\SysWOW64\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

========== Driver Services (SafeList) ==========

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys ()
DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\DRIVERS\HssDrv.sys ()
DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys ()
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\Drivers\TFsExDisk.sys ()
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys ()
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\DRIVERS\ss_mdm.sys ()
DRV:64bit: - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\SysNative\DRIVERS\ss_bus.sys ()
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\DRIVERS\ss_mdfl.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys ()
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\DRIVERS\SFEP.sys ()
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\DRIVERS\rimssn64.sys ()
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\DRIVERS\risdsn64.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\DRIVERS\athrx.sys ()
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys ()
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\DRIVERS\wimfltr.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys ()
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys ()
DRV:64bit: - (s0016mdm) -- C:\Windows\SysNative\DRIVERS\s0016mdm.sys ()
DRV:64bit: - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\SysNative\DRIVERS\s0016unic.sys ()
DRV:64bit: - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s0016mgmt.sys ()
DRV:64bit: - (s0016obex) -- C:\Windows\SysNative\DRIVERS\s0016obex.sys ()
DRV:64bit: - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\SysNative\DRIVERS\s0016nd5.sys ()
DRV:64bit: - (s0016mdfl) -- C:\Windows\SysNative\DRIVERS\s0016mdfl.sys ()
DRV:64bit: - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s0016bus.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys ()
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys ()
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys ()
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys ()
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys ()
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys ()
DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys ()
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys ()
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (HSFHWAZL) -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS ()
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys ()
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (Normandy) -- C:\Windows\SysWow64\drivers\Normandy.sys ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (dgderdrv) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (DMICall) -- C:\Windows\SysWOW64\drivers\DMICall.sys (Sony Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdom...SNNT&bmod=SNNT
IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
IE - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.lums.edu.pk:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "ooVoo Chat Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1572363&SearchSource=13"
FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.0.9
FF - prefs.js..extensions.enabledItems: zoteroWinWordIntegration@zotero.org:3.0b1
FF - prefs.js..extensions.enabledItems: {6d677280-ddfe-11dc-95ff-0800200c9a66}:0.4
FF - prefs.js..extensions.enabledItems: {48e23fba-bb14-4745-b768-382150cd83fb}:1.0.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/27 20:53:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/27 20:53:19 | 000,000,000 | ---D | M]

[2010/02/18 20:54:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Extensions
[2010/02/18 20:54:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011/04/27 21:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions
[2009/10/29 20:56:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/30 20:33:53 | 000,000,000 | ---D | M] ("Metal3D") -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
[2010/04/30 20:32:28 | 000,000,000 | ---D | M] (Orthodox) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{6d677280-ddfe-11dc-95ff-0800200c9a66}
[2010/05/23 00:06:17 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/03/12 00:57:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/11/10 23:15:55 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\zotero@chnm.gmu.edu
[2010/11/22 21:16:21 | 000,000,000 | ---D | M] (Zotero WinWord Integration) -- C:\Users\Mohammad\AppData\Roaming\mozilla\Firefox\Profiles\wzzo97kb.default\extensions\zoteroWinWordIntegration@zotero.org
[2009/10/06 18:07:30 | 000,000,882 | ---- | M] () -- C:\Users\Mohammad\AppData\Roaming\Mozilla\Firefox\Profiles\wzzo97kb.default\searchplugins\conduit.xml
[2011/04/13 14:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/19 02:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RegistrationReminder] C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2874463723-3708051865-952906006-1000..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - Startup: C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XPS2OneNote.lnk = C:\Users\Mohammad\AppData\Roaming\Microsoft\Installer\{6DD7A9DA-6732-47D2-8362-6A12BD0EA053}\_FBB2488C0F33C1DFE6AC1F.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2874463723-3708051865-952906006-1000\..Trusted Domains: intuit.com ([community] https in Trusted sites)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/dev...e/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{807975c6-d75c-11de-9ae1-001dbaf06e9b}\Shell - "" = AutoRun
O33 - MountPoints2\{807975c6-d75c-11de-9ae1-001dbaf06e9b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/27 18:44:22 | 000,000,000 | ---D | C] -- C:\Users\Mohammad\Desktop\mrs khalid
[2011/04/19 00:11:12 | 000,000,000 | ---D | C] -- C:\Users\Mohammad\.Get Organized
[2011/04/15 00:04:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Mohammad\Desktop\OTL.exe
[2011/04/14 01:28:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/04/13 23:59:34 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Mohammad\Desktop\esetsmartinstaller_enu.exe
[2011/04/13 22:54:40 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Mohammad\Desktop\ATF-Cleaner.exe
[2011/04/11 13:27:35 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/04/11 13:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/04/11 13:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/04/11 12:50:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/04/11 12:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/10 14:22:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/04/10 14:21:08 | 000,040,648 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/04/10 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/04/10 14:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/04/02 03:39:33 | 000,000,000 | ---D | C] -- C:\Users\Mohammad\AppData\Roaming\.Get Organized
[2011/04/02 03:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Get Organized
[2011/04/02 03:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Get Organized
[1 C:\Users\Mohammad\Documents\*.tmp files -> C:\Users\Mohammad\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/27 22:51:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/27 21:55:36 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/27 21:55:36 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/27 21:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/27 19:57:05 | 000,002,619 | ---- | M] () -- C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XPS2OneNote.lnk
[2011/04/27 19:55:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/27 19:55:30 | 3081,801,728 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/27 18:47:01 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/27 18:47:01 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/04/27 18:47:01 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/24 19:34:04 | 000,004,162 | ---- | M] () -- C:\Users\Mohammad\Get Organized Backup.gbak
[2011/04/19 00:11:07 | 000,001,782 | ---- | M] () -- C:\Users\Public\Desktop\Get Organized.lnk
[2011/04/17 02:20:35 | 000,034,560 | ---- | M] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2011/04/15 00:04:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Mohammad\Desktop\OTL.exe
[2011/04/14 23:59:02 | 000,124,980 | ---- | M] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.zip
[2011/04/14 23:57:18 | 000,133,632 | ---- | M] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.EXE
[2011/04/14 12:49:08 | 000,453,632 | ---- | M] () -- C:\Users\Mohammad\Desktop\CKScanner.exe
[2011/04/14 00:00:20 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Mohammad\Desktop\esetsmartinstaller_enu.exe
[2011/04/13 22:54:41 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Mohammad\Desktop\ATF-Cleaner.exe
[2011/04/11 21:10:13 | 000,002,422 | ---- | M] () -- C:\Users\Mohammad\Desktop\Attach.zip
[2011/04/11 13:27:05 | 000,000,943 | ---- | M] () -- C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/04/11 13:26:47 | 000,000,744 | ---- | M] () -- C:\Users\Mohammad\Desktop\ERUNT.lnk
[2011/04/11 12:50:42 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/10 15:25:08 | 014,022,085 | ---- | M] () -- C:\Users\Mohammad\Documents\LoaderBackup-(2011-04-10).ipd
[2011/04/10 14:22:14 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/04/10 14:22:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/04/03 18:00:17 | 000,003,597 | ---- | M] () -- C:\Users\Mohammad\Documents\Get Organized Backup.gbak
[1 C:\Users\Mohammad\Documents\*.tmp files -> C:\Users\Mohammad\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/14 23:58:58 | 000,124,980 | ---- | C] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.zip
[2011/04/14 23:58:18 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2011/04/14 23:57:13 | 000,133,632 | ---- | C] () -- C:\Users\Mohammad\Desktop\RKUnhookerLE.EXE
[2011/04/14 12:49:05 | 000,453,632 | ---- | C] () -- C:\Users\Mohammad\Desktop\CKScanner.exe
[2011/04/11 21:10:13 | 000,002,422 | ---- | C] () -- C:\Users\Mohammad\Desktop\Attach.zip
[2011/04/11 13:27:05 | 000,000,943 | ---- | C] () -- C:\Users\Mohammad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/04/11 13:26:47 | 000,000,744 | ---- | C] () -- C:\Users\Mohammad\Desktop\ERUNT.lnk
[2011/04/11 12:50:42 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/10 15:25:08 | 014,022,085 | ---- | C] () -- C:\Users\Mohammad\Documents\LoaderBackup-(2011-04-10).ipd
[2011/04/10 14:22:14 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/04/10 14:22:12 | 000,505,176 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/04/10 14:22:11 | 000,238,968 | ---- | C] () -- C:\Windows\SysNative\aswBoot.exe
[2011/04/05 04:06:32 | 000,004,162 | ---- | C] () -- C:\Users\Mohammad\Get Organized Backup.gbak
[2011/04/03 18:00:17 | 000,003,597 | ---- | C] () -- C:\Users\Mohammad\Documents\Get Organized Backup.gbak
[2011/04/02 03:39:14 | 000,001,782 | ---- | C] () -- C:\Users\Public\Desktop\Get Organized.lnk
[2010/11/12 18:59:25 | 000,000,236 | ---- | C] () -- C:\Users\Mohammad\AppData\Roaming\wklnhst.dat
[2010/01/19 21:03:09 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010/01/01 19:28:07 | 000,000,680 | ---- | C] () -- C:\Users\Mohammad\AppData\Local\d3d9caps.dat
[2009/11/09 07:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009/11/09 07:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2009/11/09 07:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2009/11/09 07:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009/10/20 22:21:52 | 000,157,629 | ---- | C] () -- C:\Windows\hpoins27.dat
[2009/10/16 23:31:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/12 10:16:29 | 000,097,792 | ---- | C] () -- C:\Users\Mohammad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/08 15:22:22 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009/06/08 14:34:06 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/04/10 08:00:57 | 002,192,024 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/04/10 08:00:56 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2009/04/10 08:00:54 | 000,492,496 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/04/10 07:32:10 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/04/10 07:32:10 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/21 07:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 07:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/18 20:56:22 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2006/11/02 20:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 17:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 17:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 17:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 14:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2011/04/19 00:11:14 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\.Get Organized
[2010/02/15 21:59:05 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Auslogics
[2010/12/22 20:45:47 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Azureus
[2010/08/27 18:30:16 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Barnes & Noble
[2010/02/15 23:17:08 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Blackberry Desktop
[2010/06/05 19:55:38 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\GameRanger
[2010/02/18 20:53:54 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\InterVideo
[2010/11/06 13:06:45 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\LimeWire
[2009/11/21 23:01:32 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Moyea
[2009/12/22 15:34:34 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\ooVoo Details
[2010/05/16 01:07:00 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Orangeline Interactive
[2010/11/06 20:32:44 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\PC Suite
[2010/01/19 23:08:04 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Research In Motion
[2010/11/06 20:14:25 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Samsung
[2010/11/12 18:59:28 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\Template
[2011/03/13 23:29:52 | 000,000,000 | ---D | M] -- C:\Users\Mohammad\AppData\Roaming\uTorrent
[2011/04/27 19:21:37 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

**ken545** · 2011-04-27, 21:49

http://www.lums.edu.pk/

Does this computer belong to the university ? Your using a proxy server for the university

**swordstone** · 2011-04-27, 23:45

Nope it's my personal computer. But I logged into the university network today.

**ken545** · 2011-04-28, 00:07

Log looks ok, how are things running now ?

**swordstone** · 2011-04-28, 00:16

I haven't been getting that error message since the last few days.. so I'd say they're good

**ken545** · 2011-04-28, 01:23

Doing a windows update may fix that, if not post here for windows problems and I am sure they can help you. From what I have been reading you may have a few corrupted files
http://forums.whatthetech.com/index.php?showforum=119

Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups

How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
WhattheTech
Grinler BleepingComputer
GeeksTo Go
Dslreports

Safe Surfn
Ken

**swordstone** · 2011-04-29, 01:01

Thanks a lot Ken!
But OTL didn't remove ERUNT, ESET and ATF cleaner... do I remove them manually? I rebooted my computer and ERUNT was still trying to create registry backups
Sabreena

**ken545** · 2011-04-29, 01:36

You can just drag ERUNT to the trash and as far as ESET, it may be in Add Remove Programs. Malwarebytes is the free version and yours to keep as is ATF Cleaner, I run ATF on all my systems about once a week to get rid of all the garbage

**ken545** · 2011-05-03, 13:09

Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Thread: Limited windows functionality

Thread Tools

Display

Posting Permissions