resolved

Greetings jkusano

Things are looking a lot better from this end. How is your pc behaving now? Are there any problems that we may have missed?

Next
  • Double click on the OTL icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • We only need the OTL.txt file.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.
 
Bill: OK, I ran OTL and here's the OTLg.txt file:

OTL logfile created on: 8/27/2011 8:44:42 PM - Run 2
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\jkusano\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 67.66% Memory free
3.35 Gb Paging File | 2.94 Gb Available in Paging File | 87.69% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 99.91 Gb Free Space | 21.45% Space Free | Partition Type: NTFS
Drive E: | 114.49 Gb Total Space | 101.50 Gb Free Space | 88.65% Space Free | Partition Type: NTFS
Drive F: | 298.08 Gb Total Space | 41.49 Gb Free Space | 13.92% Space Free | Partition Type: NTFS

Computer Name: DAD-NEW | User Name: jkusano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\jkusano\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe ()
PRC - C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe (Memeo)
PRC - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
PRC - C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (Axentra Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
PRC - C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
PRC - C:\WINDOWS\system32\Brmfrmps.exe (Brother Industries, Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\11082701\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11082701\aswRep.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11082700\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11082700\aswRep.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe ()
MOD - C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll ()
MOD - C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll ()
MOD - C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll ()
MOD - C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\WINDOWS\system32\ac3filter.acm ()
MOD - C:\WINDOWS\system32\mmfinfo.dll ()
MOD - C:\WINDOWS\system32\mkunicode.dll ()
MOD - C:\WINDOWS\system32\cpwmon2k.dll ()


========== Win32 Services (SafeList) ==========

SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (IHA_MessageCenter) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe ()
SRV - (SeagateDashboardService) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (ABBYY.Licensing.FineReader.Professional.9.0) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (brmfrmps) -- C:\WINDOWS\System32\Brmfrmps.exe (Brother Industries, Ltd.)


========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (VX3000) -- C:\WINDOWS\system32\drivers\VX3000.sys (Microsoft Corporation)
DRV - (ISODisk) -- C:\WINDOWS\System32\drivers\ISODisk.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 38 A7 1F 02 59 3F 1B 49 88 92 43 7A F6 E3 DB E7 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/aolcom/search?invocationType=tbff50ie7&query="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ver"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ver"
FF - prefs.js..browser.search.param.yahoo-type: ""
FF - prefs.js..browser.search.selectedEngineURL: "http://flvtubesearch.co/?tmp=toolbar_FLVTube_results&prt=flvtubetb&clid=6423e0fea157460b93368a6e185c32e7&subid=1970&Keywords={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://us.mg4.mail.yahoo.com/dc/launch?.gx=1&.rand=f4sbqg7rr3qop|http://groups.yahoo.com/group/HerndonRestonVAFreecycle/messages?o=1|http://washingtondc.craigslist.org/nva/zip/|http://www.google.com/ig?hl=en"
FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {566D6332-1439-43bf-857E-7AD5F137AD0C}:1.10
FF - prefs.js..extensions.enabledItems: rikaichan-jpen@polarcloud.com:2.01.110527
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 53677
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\jkusano\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\jkusano\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\jkusano\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\jkusano\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\jkusano\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/06 14:53:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 10:25:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/21 15:15:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\jkusano\Application Data\Move Networks [2010/02/27 21:01:05 | 000,000,000 | ---D | M]

[2011/07/31 10:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Extensions
[2011/08/26 20:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions
[2011/06/25 14:14:06 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
[2010/04/27 18:05:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/05/01 20:51:24 | 000,000,000 | ---D | M] (Names Dictionary for rikaichan) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{566D6332-1439-43bf-857E-7AD5F137AD0C}
[2009/12/05 19:05:43 | 000,000,000 | ---D | M] (Japanese-English Dictionary for rikaichan) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{6D898772-AD34-4c16-86BB-9DE787A5DEA0}
[2010/01/29 11:40:22 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
[2011/05/30 07:21:54 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\extensions\rikaichan-jpen@polarcloud.com
[2011/07/31 08:52:49 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\jkusano\Application Data\Mozilla\Firefox\Profiles\koivs1g4.default\searchplugins\SearchResults.xml
[2011/08/26 20:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/07 08:13:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/02/27 21:01:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\JKUSANO\APPLICATION DATA\MOVE NETWORKS
[2011/08/06 14:53:21 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/08/07 08:12:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008/11/06 19:44:40 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
[2008/11/06 19:44:46 | 000,126,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcext.dll
[2008/11/06 19:46:28 | 000,046,408 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\atmccli.dll
[2008/08/16 18:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2008/08/16 18:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2008/08/16 18:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2009/01/26 14:23:08 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
[2008/05/21 09:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2008/05/21 09:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2008/05/21 09:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2008/11/06 19:44:58 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/08/07 08:12:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/08/16 18:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2008/08/16 18:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2010/10/10 15:33:16 | 000,001,175 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\FLVTube.xml.bak
[2011/07/31 08:52:49 | 000,002,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

O1 HOSTS File: ([2011/08/26 10:29:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\jkusano\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\jkusano\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jkusano\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/10 16:12:30 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/01/05 20:26:36 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/27 16:03:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/08/26 10:11:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/08/26 10:11:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/08/26 10:11:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/08/26 10:11:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/08/26 10:10:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/24 15:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\HJThis
[2011/08/24 15:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Start Menu\Programs\HiJackThis
[2011/08/21 15:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/08/20 14:07:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Monkey's Audio
[2011/08/20 14:07:41 | 000,446,464 | ---- | C] (Matthew T. Ashland) -- C:\WINDOWS\System32\MACDll.dll
[2011/08/20 14:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Monkey's Audio
[2011/08/20 10:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/08/19 18:03:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/16 21:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Desktop\Antivirus-Tools
[2011/08/13 16:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\My Documents\My Library
[2011/08/13 16:32:24 | 000,057,436 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\DASShp.dll
[2011/08/13 16:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Reader
[2011/08/12 16:42:59 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/12 16:42:40 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/08/12 16:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Application Data\SUPERAntiSpyware.com
[2011/08/12 16:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/08/12 16:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/08/12 16:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/08/07 08:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/08/07 08:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/08/07 08:13:05 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/08/07 08:13:05 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/07 08:13:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/07 08:13:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/07 08:13:05 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/06 14:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/08/06 14:53:37 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/08/06 14:53:37 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/08/06 14:53:34 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/08/06 14:53:34 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/08/06 14:53:33 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/08/06 14:53:32 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/08/06 14:53:32 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/08/06 14:53:32 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/08/06 14:53:20 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/08/06 14:53:19 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/08/06 14:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/06 14:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/08/06 11:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/08/06 11:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/08/04 20:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Start Menu\Programs\Google Chrome
[2011/08/03 19:25:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/07/31 11:03:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/07/31 11:02:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/07/31 10:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/07/31 08:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Application Data\FreeBurner
[2011/07/31 08:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Free Easy CD DVD Burner
[2011/07/30 14:53:35 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/30 14:47:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\My Documents\My Drivers
[2011/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jkusano\Local Settings\Application Data\Innovative Solutions
[2011/07/30 10:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2011/07/30 10:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverMax
[2011/07/30 10:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions

========== Files - Modified Within 30 Days ==========

[2049/12/31 16:00:00 | 002,179,807 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\Engagement_pictures.zip
[2049/12/31 16:00:00 | 002,115,837 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\card.jpg
[2011/08/27 20:47:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/27 20:11:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003UA.job
[2011/08/27 20:11:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003Core.job
[2011/08/27 14:32:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/27 14:31:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/27 14:31:43 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/08/27 14:31:09 | 000,206,824 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/08/27 14:30:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/27 14:30:42 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/27 11:33:14 | 000,245,248 | ---- | M] () -- C:\Documents and Settings\jkusano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/27 08:56:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/08/26 10:29:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/25 19:32:17 | 000,002,288 | ---- | M] () -- C:\Documents and Settings\jkusano\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/25 19:32:16 | 000,002,310 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Google Chrome.lnk
[2011/08/21 15:15:49 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/08/20 13:16:57 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/20 13:16:04 | 000,071,396 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/20 10:11:23 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to winamp.lnk
[2011/08/20 10:07:39 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/08/20 10:03:49 | 021,073,936 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\vlc-1.1.11-win32.exe
[2011/08/20 05:56:49 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\OverDrive Media Console.lnk
[2011/08/14 07:48:05 | 000,309,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/13 16:32:27 | 000,001,562 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Reader.lnk
[2011/08/13 14:18:48 | 012,081,326 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\bikemap_side2.pdf
[2011/08/13 09:25:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/13 08:42:22 | 011,796,480 | -H-- | M] () -- C:\Documents and Settings\jkusano\NTUSER.bak
[2011/08/12 18:41:05 | 000,435,682 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 18:41:05 | 000,068,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/07 08:12:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/08/07 08:12:54 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/08/07 08:12:54 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/08/07 08:12:54 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/08/07 08:12:54 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/08/06 14:53:38 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/06 14:53:33 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/06 14:33:43 | 000,005,000 | ---- | M] () -- C:\Documents and Settings\jkusano\My Documents\attach.zip
[2011/08/06 11:30:24 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\jkusano\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/07/31 17:25:38 | 000,000,362 | RHS- | M] () -- C:\boot.ini
[2011/07/31 11:03:03 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
[2011/07/31 08:53:06 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Free Easy Burner.lnk
[2011/07/30 15:00:34 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to ComboFix.exe.lnk

========== Files Created - No Company Name ==========

[2011/08/26 10:11:50 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/26 10:11:50 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/26 10:11:50 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/26 10:11:50 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/26 10:11:50 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/21 15:15:49 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/08/21 15:15:49 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/08/20 13:16:56 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/08/20 13:11:47 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/20 10:11:23 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to winamp.lnk
[2011/08/20 10:07:39 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/08/20 10:03:38 | 021,073,936 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\vlc-1.1.11-win32.exe
[2011/08/13 16:32:27 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Reader.lnk
[2011/08/13 16:32:24 | 000,000,567 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Reader.lnk
[2011/08/13 14:18:47 | 012,081,326 | ---- | C] () -- C:\Documents and Settings\jkusano\My Documents\bikemap_side2.pdf
[2011/08/06 14:53:38 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/08/06 14:33:43 | 000,005,000 | ---- | C] () -- C:\Documents and Settings\jkusano\My Documents\attach.zip
[2011/08/06 11:30:24 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\jkusano\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/08/04 20:06:59 | 000,002,310 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\Google Chrome.lnk
[2011/08/04 20:06:59 | 000,002,288 | ---- | C] () -- C:\Documents and Settings\jkusano\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/04 20:06:29 | 000,000,986 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003UA.job
[2011/08/04 20:06:29 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-2111687655-725345543-1003Core.job
[2011/07/31 11:03:03 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
[2011/07/30 15:00:34 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\jkusano\Desktop\Shortcut to ComboFix.exe.lnk
[2011/07/30 14:53:42 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2011/07/30 14:53:39 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/06/12 13:55:46 | 000,000,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/02/18 21:17:22 | 000,071,396 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/13 15:45:16 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2011/02/13 15:45:00 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2011/01/22 13:13:08 | 000,881,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/12/27 13:38:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2010/11/25 10:26:00 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/11/06 23:06:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2010/11/06 21:49:03 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/11/06 21:48:34 | 000,000,841 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/11/06 21:48:34 | 000,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2010/11/06 21:48:34 | 000,000,147 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/11/06 21:48:34 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010/11/06 21:48:34 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2010/11/06 21:47:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010/11/06 21:45:06 | 000,027,513 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/12/12 09:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2009/10/19 14:25:08 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/08/23 07:17:30 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2009/08/17 15:30:23 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\ISODisk.sys
[2009/08/15 20:06:36 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT3.DAT
[2009/08/09 19:53:42 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/08/01 17:21:33 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/08/01 16:55:55 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2009/05/28 17:53:13 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/05/28 17:52:28 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/03/07 16:28:46 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2009/02/08 17:43:57 | 000,008,179 | ---- | C] () -- C:\WINDOWS\lviewp.ini
[2009/01/19 14:08:36 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/19 14:08:36 | 000,686,085 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2009/01/19 14:08:36 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009/01/19 14:08:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2009/01/19 14:08:36 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2009/01/19 14:08:36 | 000,054,919 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2009/01/11 16:09:47 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/01/10 22:02:34 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/01/10 21:37:15 | 000,245,248 | ---- | C] () -- C:\Documents and Settings\jkusano\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/10 18:10:43 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/10 18:10:43 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2009/01/10 18:10:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2009/01/10 16:18:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/10 16:14:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/10 16:09:29 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/10 10:45:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/10 10:36:29 | 000,309,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/28 12:59:44 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/28 11:51:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/28 11:50:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008/12/28 11:49:08 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/26 01:08:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/12/26 01:08:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/12/26 01:08:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/12/26 01:08:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/12/26 01:08:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/12/26 01:08:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/12/26 01:08:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/12/26 01:08:00 | 000,432,672 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/12/12 12:57:38 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2008/12/09 14:57:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2008/12/09 14:57:18 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2008/12/09 14:57:02 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2008/12/09 14:56:34 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2008/12/08 09:37:04 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/08 08:53:40 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/08 08:53:32 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/11/26 15:55:22 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2008/11/26 14:49:10 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008/11/15 14:02:26 | 001,866,670 | ---- | C] () -- C:\WINDOWS\System32\libfftw3f-3.dll
[2008/07/09 04:05:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2008/04/05 13:53:24 | 000,140,288 | ---- | C] () -- C:\WINDOWS\System32\avsfilter.dll
[2008/03/29 11:42:22 | 000,245,248 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2008/03/29 11:42:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/03/29 11:42:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2008/03/29 11:42:08 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2008/03/29 11:42:04 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2008/03/29 11:42:04 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2008/03/29 11:42:02 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2008/03/29 11:42:02 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2008/03/29 11:42:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2008/03/29 11:42:00 | 000,103,424 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2008/03/29 11:41:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2008/03/29 11:41:54 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2008/03/29 11:41:52 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2008/03/29 11:41:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2005/11/07 18:32:46 | 003,088,384 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-4.dll
[2005/11/04 22:57:14 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2005/10/14 17:09:48 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2005/09/12 23:09:34 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\AvsRecursion.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,435,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,068,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/30 00:44:56 | 001,627,136 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll
[2004/01/23 22:35:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\avisynth_c.dll
[2003/08/07 15:01:50 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002/03/04 10:16:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

========== LOP Check ==========

[2010/02/03 20:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/08/06 14:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/01/10 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2011/07/31 10:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/07/30 10:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2009/06/21 11:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/04/05 19:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/01/17 16:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/11/06 21:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/09/04 09:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2009/08/15 11:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2009/02/14 17:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{27ED786F-D773-47F8-93EB-8A249414AD30}
[2011/02/12 13:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/22 07:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/03/18 22:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\.minecraft
[2011/08/27 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Azureus
[2011/05/30 09:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Canon
[2011/07/31 08:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\FreeBurner
[2009/11/27 17:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\GARMIN
[2009/02/14 18:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\ICAClient
[2011/02/15 21:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\InfraRecorder
[2010/11/26 07:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Leadertech
[2009/05/28 17:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\MAGIX
[2009/08/08 16:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Megaupload
[2009/11/22 07:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\OverDrive
[2011/01/22 11:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Research In Motion
[2009/08/15 11:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\ScanSoft
[2010/11/26 07:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Seagate
[2009/02/14 17:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Seven Zip
[2009/08/02 15:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Sony
[2009/08/02 15:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\Sony Setup
[2010/12/27 13:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\TechWizard
[2009/01/26 14:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jkusano\Application Data\webex
[2011/08/27 14:31:43 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



< End of report >
 
Greetings jkusano

Next
Run OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
Code:
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 38 A7 1F 02 59 3F 1B 49 88 92 43 7A F6 E3 DB E7 [binary data]
:Services
:Reg
:Files
:Commands
[purity]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)

Next
Open Firefox
Click on Tools on the Menu bar
Click on Options
Click on Advanced tool
Click on Network Tab
Click on Settings in the Connections box at the top
Click the top button No Proxy

Logs to post
  • OTL.txt
  • How is your PC running now?
 
Bill: It's running very well, thank you. Thanks for all your help. One quick question: how do I use the Windows recovery option that I loaded prior to running ComboFix? This whole thing started when my Windows boot script was corrupted by a virus. I was able to repair that after several days without a computer. I'm thinking that this Windows recovery option that comes up prior to Windows booting up will help me if that ever happens again. Thanks again.

Here's the OTL.txt file:

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\XMLHTTP_UUID_Default| /E : value set successfully!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: jkusano
->Temp folder emptied: 3726146 bytes
->Temporary Internet Files folder emptied: 2580232 bytes
->Java cache emptied: 11513 bytes
->FireFox cache emptied: 94459179 bytes
->Google Chrome cache emptied: 343898580 bytes
->Flash cache emptied: 17595 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98866 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 56157923 bytes

Total Files Cleaned = 478.00 mb


OTL by OldTimer - Version 3.2.26.6 log created on 08282011_155805

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_830.dat moved successfully.

Registry entries deleted on Reboot...
 
Greetings jkusano
Before you go just a couple of details to take care of.

Recovery Console is installed by ComboFix as a backup measure in the event your PC becomes unbootable. Here is a good article by MS on the installation and use of Recovery Console.

Next
Your Java appears to be down level.
Navigate to Control Panel then open Add Remove Programs.
Highlight each Java item listed then Remove or Uninstall.
Visit this site to download and install the latest Java.

Now to clean up our tools a bit.
The following will implement some cleanup procedures as well as reset System Restore points:
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • See this Link for programs that need to be disabled and instructions on how to disable them.
  • Remember to re-enable them when we're done.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall


Clean up with OTL:
  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

On your desktop right click on aswMBR.exe and click delete. Do the same for aswMBR.txt

You should keep Malwarebytes and ESET scanner. Update and run these on a regular basis to keep your system running clean.

From the look of your logs, you are finally All Clean, and the machine seems to be performing as it should. You know how much work and effort you've had to put into getting it back into working order, so hopefully you can impress upon the others who use this machine to be more careful.

For the future safety of this machine and your data, try to ensure they sit down and read the following threads: (it won't take them very long)

Cracked/Illegal Software

Perils of P2P File Sharing

Think Prevention

If there aren't any more problems, we have some final housekeeping to tend to now.

To help protect your computer in the future I recommend that you follow these steps and look into the following free programs:

* Microsoft Windows Update - http://www.windowsupdate.com
Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

* SpywareBlaster to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items.
o SpywareBlaster is a preventative program. It sets flags in the registry to prevent the running of a specific list of bad spyware related ActiveX controls. It will block any bad ActiveX from running in Internet Explorer and Firefox if it's listed in their database (which you should update frequently). To view their database and list of restricted sites, launch the program and click on each of the tabs on the main display page.

* WOT, Web of Trust. As 'Googling' is such an integral part of internet life, this free browser add-on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
o Green to go
o Yellow for caution
o Red to stop
WOT has an addon available for both Firefox and IE.


* Scan here http://secunia.com/software_inspector/ for out of date & vulnerable common applications on your computer

Thanks for your patience and hard work.
Please post any questions, concerns or issues now as this thread will close in a few days.
 