
Thread: resolved

  1. #21
    Senior Member
    Join Date
    Aug 2010
    Location
    Near Atlanta, GA
    Posts
    189

    Greetings jkusano

    Things are looking a lot better from this end. How is your pc behaving now? Are there any problems that we may have missed?

    Next
    • Double click on the OTL icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
      Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
    • We only need the OTL.txt file
    • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.

  2. #22
    Junior Member
    Join Date
    Aug 2011
    Location
    Washington, DC
    Posts
    14

    Bill: OK, I ran OTL and here's the OTLg.txt file:

    OTL logfile created on: 8/27/2011 8:44:42 PM - Run 2
    OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\jkusano\My Documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 67.66% Memory free
    3.35 Gb Paging File | 2.94 Gb Available in Paging File | 87.69% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 99.91 Gb Free Space | 21.45% Space Free | Partition Type: NTFS
    Drive E: | 114.49 Gb Total Space | 101.50 Gb Free Space | 88.65% Space Free | Partition Type: NTFS
    Drive F: | 298.08 Gb Total Space | 41.49 Gb Free Space | 13.92% Space Free | Partition Type: NTFS

    Computer Name: DAD-NEW | User Name: jkusano | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\jkusano\My Documents\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
    PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe ()
    PRC - C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe (Memeo)
    PRC - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
    PRC - C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (Axentra Corporation)
    PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
    PRC - C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
    PRC - C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
    PRC - C:\WINDOWS\system32\Brmfrmps.exe (Brother Industries, Ltd.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\AVAST Software\Avast\defs\11082701\algo.dll ()
    MOD - C:\Program Files\AVAST Software\Avast\defs\11082701\aswRep.dll ()
    MOD - C:\Program Files\AVAST Software\Avast\defs\11082700\algo.dll ()
    MOD - C:\Program Files\AVAST Software\Avast\defs\11082700\aswRep.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
    MOD - C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
    MOD - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe ()
    MOD - C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll ()
    MOD - C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll ()
    MOD - C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll ()
    MOD - C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\WINDOWS\system32\ac3filter.acm ()
    MOD - C:\WINDOWS\system32\mmfinfo.dll ()
    MOD - C:\WINDOWS\system32\mkunicode.dll ()
    MOD - C:\WINDOWS\system32\cpwmon2k.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (IHA_MessageCenter) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe ()
    SRV - (SeagateDashboardService) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (ABBYY.Licensing.FineReader.Professional.9.0) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
    SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
    SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
    SRV - (brmfrmps) -- C:\WINDOWS\System32\Brmfrmps.exe (Brother Industries, Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
    DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
    DRV - (VX3000) -- C:\WINDOWS\system32\drivers\VX3000.sys (Microsoft Corporation)
    DRV - (ISODisk) -- C:\WINDOWS\System32\drivers\ISODisk.sys ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 38 A7 1F 02 59 3F 1B 49 88 92 43 7A F6 E3 DB E7 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultEngine: "Yahoo"
    FF - prefs.js..browser.search.defaultenginename: "Search Results"
    FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/aolcom/search?invocationType=tbff50ie7&query="
    FF - prefs.js..browser.search.order.1: "Search Results"
    FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ver"
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ver"
    FF - prefs.js..browser.search.param.yahoo-type: ""
    FF - prefs.js..browser.search.selectedEngineURL: "http://flvtubesearch.co/?tmp=toolbar_FLVTube_results&prt=flvtubetb&clid=6423e0fea157460b93368a6e185c32e7&subid=1970&Keywords={searchTerms}"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://us.mg4.mail.yahoo.com/dc/launch?.gx=1&.rand=f4sbqg7rr3qop|http://groups.yahoo.com/group/HerndonRestonVAFreecycle/messages?o=1|http://washingtondc.craigslist.org/nva/zip/|http://www.google.com/ig?hl=en"
    FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
    FF - prefs.js..extensions.enabledItems: {566D6332-1439-43bf-857E-7AD5F137AD0C}:1.10
    FF - prefs.js..extensions.enabledItems: rikaichan-jpen@polarcloud.com:2.01.110527
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
    FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&q="
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 53677
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\jkusano\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\jkusano\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\jkusano\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\jkusano\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\jkusano\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/06 14:53:21 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 10:25:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/21 15:15:49 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\jkusano\Application Data\Move Networks [2010/02/27 21:01:05 | 000,000,000 | ---D | M]

    [2011/07/31 10:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Extensions
    [2011/08/26 20:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions
    [2011/06/25 14:14:06 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
    [2010/04/27 18:05:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/05/01 20:51:24 | 000,000,000 | ---D | M] (Names Dictionary for rikaichan) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{566D6332-1439-43bf-857E-7AD5F137AD0C}
    [2009/12/05 19:05:43 | 000,000,000 | ---D | M] (Japanese-English Dictionary for rikaichan) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{6D898772-AD34-4c16-86BB-9DE787A5DEA0}
    [2010/01/29 11:40:22 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
    [2011/05/30 07:21:54 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\rikaichan-jpen@polarcloud.com
    [2011/07/31 08:52:49 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\searchplugins\SearchResults.xml
    [2011/08/26 20:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/08/07 08:13:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    [2010/02/27 21:01:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\JKUSANO\APPLICATION DATA\MOVE NETWORKS
    [2011/08/06 14:53:21 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2011/08/07 08:12:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2008/11/06 19:44:40 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
    [2008/11/06 19:44:46 | 000,126,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcext.dll
    [2008/11/06 19:46:28 | 000,046,408 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\atmccli.dll
    [2008/08/16 18:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
    [2008/08/16 18:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
    [2008/08/16 18:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
    [2009/01/26 14:23:08 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
    [2008/05/21 09:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
    [2008/05/21 09:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
    [2008/05/21 09:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
    [2008/11/06 19:44:58 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
    [2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
    [2011/08/07 08:12:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2008/08/16 18:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
    [2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
    [2008/08/16 18:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
    [2010/10/10 15:33:16 | 000,001,175 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\FLVTube.xml.bak
    [2011/07/31 08:52:49 | 000,002,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

    O1 HOSTS File: ([2011/08/26 10:29:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
    O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe (Brother Industories, Ltd.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\jkusano\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Documents and Settings\jkusano\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\jkusano\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/01/10 16:12:30 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/01/05 20:26:36 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKCU\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKCU\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/08/27 16:03:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2011/08/26 10:11:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/08/26 10:11:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/08/26 10:11:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/08/26 10:11:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/08/26 10:10:32 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/08/24 15:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\HJThis
    [2011/08/24 15:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Start Menu\Programs\HiJackThis
    [2011/08/21 15:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2011/08/20 14:07:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Monkey's Audio
    [2011/08/20 14:07:41 | 000,446,464 | ---- | C] (Matthew T. Ashland) -- C:\WINDOWS\System32\MACDll.dll
    [2011/08/20 14:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Monkey's Audio
    [2011/08/20 10:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
    [2011/08/19 18:03:05 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/08/16 21:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Desktop\Antivirus-Tools
    [2011/08/13 16:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\My Documents\My Library
    [2011/08/13 16:32:24 | 000,057,436 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\DASShp.dll
    [2011/08/13 16:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Reader
    [2011/08/12 16:42:59 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
    [2011/08/12 16:42:40 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
    [2011/08/12 16:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Application Data\SUPERAntiSpyware.com
    [2011/08/12 16:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
    [2011/08/12 16:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2011/08/12 16:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2011/08/07 08:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2011/08/07 08:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2011/08/07 08:13:05 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/08/07 08:13:05 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/08/07 08:13:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/08/07 08:13:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/08/07 08:13:05 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011/08/06 14:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011/08/06 14:53:37 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/08/06 14:53:37 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011/08/06 14:53:34 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/08/06 14:53:34 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/08/06 14:53:33 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011/08/06 14:53:32 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/08/06 14:53:32 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/08/06 14:53:32 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/08/06 14:53:20 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/08/06 14:53:19 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/08/06 14:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011/08/06 14:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/08/06 11:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2011/08/06 11:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2011/08/04 20:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Start Menu\Programs\Google Chrome
    [2011/08/03 19:25:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
    [2011/07/31 11:03:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
    [2011/07/31 11:02:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2011/07/31 10:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
    [2011/07/31 08:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Application Data\FreeBurner
    [2011/07/31 08:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Free Easy CD DVD Burner
    [2011/07/30 14:53:35 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2011/07/30 14:47:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\My Documents\My Drivers
    [2011/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Local Settings\Application Data\Innovative Solutions
    [2011/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2011/07/30 10:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverMax
    [2011/07/30 10:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions

    ========== Files - Modified Within 30 Days ==========

    [2049/12/31 16:00:00 | 002,179,807 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\Engagement_pictures.zip
    [2049/12/31 16:00:00 | 002,115,837 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\card.jpg
    [2011/08/27 20:47:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/08/27 20:11:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003UA.job
    [2011/08/27 20:11:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003Core.job
    [2011/08/27 14:32:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/08/27 14:31:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/08/27 14:31:43 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
    [2011/08/27 14:31:09 | 000,206,824 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2011/08/27 14:30:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/08/27 14:30:42 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
    [2011/08/27 11:33:14 | 000,245,248 | ---- | M] () -- C:\Documents and Settings\jkusano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/08/27 08:56:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2011/08/26 10:29:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/08/25 19:32:17 | 000,002,288 | ---- | M] () -- C:\Documents and Settings\jkusano\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/08/25 19:32:16 | 000,002,310 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Google Chrome.lnk
    [2011/08/21 15:15:49 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2011/08/20 13:16:57 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/08/20 13:16:04 | 000,071,396 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2011/08/20 10:11:23 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to winamp.lnk
    [2011/08/20 10:07:39 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
    [2011/08/20 10:03:49 | 021,073,936 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\vlc-1.1.11-win32.exe
    [2011/08/20 05:56:49 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\OverDrive Media Console.lnk
    [2011/08/14 07:48:05 | 000,309,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/08/13 16:32:27 | 000,001,562 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Reader.lnk
    [2011/08/13 14:18:48 | 012,081,326 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\bikemap_side2.pdf
    [2011/08/13 09:25:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/08/13 08:42:22 | 011,796,480 | -H-- | M] () -- C:\Documents and Settings\jkusano\NTUSER.bak
    [2011/08/12 18:41:05 | 000,435,682 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/08/12 18:41:05 | 000,068,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/08/07 08:12:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/08/07 08:12:54 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/08/07 08:12:54 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/08/07 08:12:54 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/08/07 08:12:54 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011/08/06 14:53:38 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/08/06 14:53:33 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/08/06 14:33:43 | 000,005,000 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\attach.zip
    [2011/08/06 11:30:24 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\jkusano\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2011/07/31 17:25:38 | 000,000,362 | RHS- | M] () -- C:\boot.ini
    [2011/07/31 11:03:03 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
    [2011/07/31 08:53:06 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Free Easy Burner.lnk
    [2011/07/30 15:00:34 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to ComboFix.exe.lnk

    ========== Files Created - No Company Name ==========

    [2011/08/26 10:11:50 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/08/26 10:11:50 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/08/26 10:11:50 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/08/26 10:11:50 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/08/26 10:11:50 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/08/21 15:15:49 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
    [2011/08/21 15:15:49 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2011/08/20 13:16:56 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2011/08/20 13:11:47 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/08/20 10:11:23 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to winamp.lnk
    [2011/08/20 10:07:39 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
    [2011/08/20 10:03:38 | 021,073,936 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\vlc-1.1.11-win32.exe
    [2011/08/13 16:32:27 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Reader.lnk
    [2011/08/13 16:32:24 | 000,000,567 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Reader.lnk
    [2011/08/13 14:18:47 | 012,081,326 | ---- | C] () -- C:\Documents and Settings\jkusano\My Documents\bikemap_side2.pdf
    [2011/08/06 14:53:38 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011/08/06 14:33:43 | 000,005,000 | ---- | C] () -- C:\Documents and Settings\jkusano\My Documents\attach.zip
    [2011/08/06 11:30:24 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\jkusano\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2011/08/04 20:06:59 | 000,002,310 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\Google Chrome.lnk
    [2011/08/04 20:06:59 | 000,002,288 | ---- | C] () -- C:\Documents and Settings\jkusano\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/08/04 20:06:29 | 000,000,986 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003UA.job
    [2011/08/04 20:06:29 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003Core.job
    [2011/07/31 11:03:03 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
    [2011/07/30 15:00:34 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to ComboFix.exe.lnk
    [2011/07/30 14:53:42 | 000,000,245 | ---- | C] () -- C:\Boot.bak
    [2011/07/30 14:53:39 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/06/12 13:55:46 | 000,000,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2011/02/18 21:17:22 | 000,071,396 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2011/02/13 15:45:16 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
    [2011/02/13 15:45:00 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
    [2011/01/22 13:13:08 | 000,881,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/12/27 13:38:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
    [2010/11/25 10:26:00 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/11/06 23:06:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
    [2010/11/06 21:49:03 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
    [2010/11/06 21:48:34 | 000,000,841 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
    [2010/11/06 21:48:34 | 000,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
    [2010/11/06 21:48:34 | 000,000,147 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
    [2010/11/06 21:48:34 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
    [2010/11/06 21:48:34 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
    [2010/11/06 21:47:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
    [2010/11/06 21:45:06 | 000,027,513 | ---- | C] () -- C:\WINDOWS\maxlink.ini
    [2009/12/12 09:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
    [2009/10/19 14:25:08 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
    [2009/08/23 07:17:30 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
    [2009/08/17 15:30:23 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\ISODisk.sys
    [2009/08/15 20:06:36 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT3.DAT
    [2009/08/09 19:53:42 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
    [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
    [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
    [2009/08/01 17:21:33 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2009/08/01 16:55:55 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
    [2009/05/28 17:53:13 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
    [2009/05/28 17:52:28 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
    [2009/03/07 16:28:46 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
    [2009/02/08 17:43:57 | 000,008,179 | ---- | C] () -- C:\WINDOWS\lviewp.ini
    [2009/01/19 14:08:36 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2009/01/19 14:08:36 | 000,686,085 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
    [2009/01/19 14:08:36 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
    [2009/01/19 14:08:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
    [2009/01/19 14:08:36 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
    [2009/01/19 14:08:36 | 000,054,919 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
    [2009/01/11 16:09:47 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
    [2009/01/10 22:02:34 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
    [2009/01/10 21:37:15 | 000,245,248 | ---- | C] () -- C:\Documents and Settings\jkusano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/01/10 18:10:43 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2009/01/10 18:10:43 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
    [2009/01/10 18:10:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
    [2009/01/10 16:18:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2009/01/10 16:14:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2009/01/10 16:09:29 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2009/01/10 10:45:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2009/01/10 10:36:29 | 000,309,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2008/12/28 12:59:44 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2008/12/28 11:51:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
    [2008/12/28 11:50:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
    [2008/12/28 11:49:08 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
    [2008/12/26 01:08:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2008/12/26 01:08:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
    [2008/12/26 01:08:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2008/12/26 01:08:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
    [2008/12/26 01:08:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2008/12/26 01:08:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2008/12/26 01:08:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
    [2008/12/26 01:08:00 | 000,432,672 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
    [2008/12/12 12:57:38 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
    [2008/12/09 14:57:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
    [2008/12/09 14:57:18 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
    [2008/12/09 14:57:02 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
    [2008/12/09 14:56:34 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
    [2008/12/08 09:37:04 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
    [2008/12/08 08:53:40 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
    [2008/12/08 08:53:32 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2008/11/26 15:55:22 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
    [2008/11/26 14:49:10 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
    [2008/11/15 14:02:26 | 001,866,670 | ---- | C] () -- C:\WINDOWS\System32\libfftw3f-3.dll
    [2008/07/09 04:05:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
    [2008/04/05 13:53:24 | 000,140,288 | ---- | C] () -- C:\WINDOWS\System32\avsfilter.dll
    [2008/03/29 11:42:22 | 000,245,248 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
    [2008/03/29 11:42:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
    [2008/03/29 11:42:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
    [2008/03/29 11:42:08 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
    [2008/03/29 11:42:04 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
    [2008/03/29 11:42:04 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
    [2008/03/29 11:42:02 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
    [2008/03/29 11:42:02 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
    [2008/03/29 11:42:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
    [2008/03/29 11:42:00 | 000,103,424 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
    [2008/03/29 11:41:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
    [2008/03/29 11:41:54 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
    [2008/03/29 11:41:52 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
    [2008/03/29 11:41:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
    [2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
    [2005/11/07 18:32:46 | 003,088,384 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-4.dll
    [2005/11/04 22:57:14 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
    [2005/10/14 17:09:48 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
    [2005/09/12 23:09:34 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\AvsRecursion.dll
    [2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/04 08:00:00 | 000,435,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/04 08:00:00 | 000,068,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/01/30 00:44:56 | 001,627,136 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll
    [2004/01/23 22:35:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\avisynth_c.dll
    [2003/08/07 15:01:50 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
    [2002/03/04 10:16:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
    [1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
    [1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

    ========== LOP Check ==========

    [2010/02/03 20:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2011/08/06 14:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2009/01/10 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
    [2011/07/31 10:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
    [2011/07/30 10:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
    [2009/06/21 11:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
    [2011/04/05 19:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
    [2011/01/17 16:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2010/11/06 21:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2009/09/04 09:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
    [2009/08/15 11:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
    [2009/02/14 17:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{27ED786F-D773-47F8-93EB-8A249414AD30}
    [2011/02/12 13:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/11/22 07:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2011/03/18 22:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\.minecraft
    [2011/08/27 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Azureus
    [2011/05/30 09:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Canon
    [2011/07/31 08:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\FreeBurner
    [2009/11/27 17:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\GARMIN
    [2009/02/14 18:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\ICAClient
    [2011/02/15 21:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\InfraRecorder
    [2010/11/26 07:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Leadertech
    [2009/05/28 17:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\MAGIX
    [2009/08/08 16:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Megaupload
    [2009/11/22 07:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\OverDrive
    [2011/01/22 11:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Research In Motion
    [2009/08/15 11:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\ScanSoft
    [2010/11/26 07:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Seagate
    [2009/02/14 17:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Seven Zip
    [2009/08/02 15:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Sony
    [2009/08/02 15:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Sony Setup
    [2010/12/27 13:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\TechWizard
    [2009/01/26 14:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\webex
    [2011/08/27 14:31:43 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

    ========== Purity Check ==========



    < End of report >

  3. #23
    Senior Member
    Join Date
    Aug 2010
    Location
    Near Atlanta, GA
    Posts
    189

    Default

    Greetings jkusano

    Next
    Run OTL.exe
    Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
    Code:
    :OTL
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 38 A7 1F 02 59 3F 1B 49 88 92 43 7A F6 E3 DB E7 [binary data]
    :Services
    :Reg
    :Files
    :Commands
    [purity]
    [emptytemp]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done
    • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)


    Next
    Open Firefox
    Click on Tools on the Menu bar
    Click on Options
    Click on Advanced tool
    Click on Network Tab
    Click on Settings in the Connections box at the top
    Click the top button No Proxy

    Logs to post
    • OTL.txt
    • How is your PC running now?

  4. #24
    Junior Member
    Join Date
    Aug 2011
    Location
    Washington, DC
    Posts
    14

    Default

    Bill: It's running very well, thank you. Thanks for all your help. One quick question: how do I use the Windows recovery option that I loaded prior to running ComboFix? This whole thing started when my Windows boot script was corrupted by a virus. I was able to repair that after several days without a computer. I'm thinking that this Windows recovery option that comes up prior to Windows booting up will help me if that ever happens again. Thanks again.

    Here's the OTL.txt file:

    All processes killed
    ========== OTL ==========
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\XMLHTTP_UUID_Default| /E : value set successfully!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: jkusano
    ->Temp folder emptied: 3726146 bytes
    ->Temporary Internet Files folder emptied: 2580232 bytes
    ->Java cache emptied: 11513 bytes
    ->FireFox cache emptied: 94459179 bytes
    ->Google Chrome cache emptied: 343898580 bytes
    ->Flash cache emptied: 17595 bytes

    User: LocalService
    ->Temp folder emptied: 65748 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 98866 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 56157923 bytes

    Total Files Cleaned = 478.00 mb


    OTL by OldTimer - Version 3.2.26.6 log created on 08282011_155805

    Files\Folders moved on Reboot...
    File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!
    C:\WINDOWS\temp\Perflib_Perfdata_830.dat moved successfully.

    Registry entries deleted on Reboot...

  5. #25
    Senior Member
    Join Date
    Aug 2010
    Location
    Near Atlanta, GA
    Posts
    189

    Default

    Greetings jkusano
    Before you go just a couple of details to take care of.

    Recovery Console is installed by Combofix as a backup measure in the event your PC becomes unbootable. Here is a good article by MS on the installation and use of Recovery Console.

    Next
    Your Java appears to be down level.
    Navigate to Control Panel then open Add Remove Programs.
    Highlight each Java item listed then Remove or Uninstall.
    Visit this site to download and install the latest Java.

    Now to clean up our tools a bit.
    The following will implement some cleanup procedures as well as reset System Restore points:
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • See this Link for programs that need to be disabled and instructions on how to disable them.
    • Remember to re-enable them when we're done.


    Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

    ComboFix /Uninstall


    Clean up with OTL:
    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.


    On your desktop right click on aswMBR.exe and click delete. Do the same for aswMBR.txt

    You should keep Malwarebytes and ESET scanner. Update and run these on a regular basis to keep your system running clean.

    From the look of your logs you are finally All Clean, and the machine seems to be performing as it should. You know how much work and effort you've had to put into getting it back into working order, so hopefully you can impress upon the others who use this machine to be more careful.

    For the future safety of this machine and your data, try to ensure they sit down and read the following threads: (it won't take them very long)

    Cracked/Illegal Software

    Perils of P2P File Sharing

    Think Prevention

    If there aren't any more problems, we have some final housekeeping to tend to now.

    To help protect your computer in the future I recommend that you follow these steps and look into the following free programs:

    * Microsoft Windows Update - http://www.windowsupdate.com
    Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

    * SpywareBlaster to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items.
    o SpywareBlaster is a preventative program. It sets flags in the registry to prevent the running of a specific list of bad spyware related ActiveX controls. It will block any bad ActiveX from running in Internet Explorer and Firefox if it's listed in their database (which you should update frequently). To view their database and list of restricted sites, launch the program and click on each of the tabs on the main display page.

    * WOT (Web of Trust): As 'Googling' is such an integral part of internet life, this free browser add-on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    o Green to go
    o Yellow for caution
    o Red to stop
    WOT has an add-on available for both Firefox and IE.


    * Scan here http://secunia.com/software_inspector/ for out of date & vulnerable common applications on your computer

    Thanks for your patience and hard work.
    Please post any questions, concerns or issues now as this thread will close in a few days.
