Solved: Computer has been infected! Vista 64 W/logs

miller330i
Member with 46 posts.
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 12:08 AM #31
OTL logfile created on: 10/23/2009 9:01:32 PM - Run 6
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 43.25% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 156.06 Gb Free Space | 55.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ()
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files (x86)\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Windows\runservice.exe ()
PRC - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS4 [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (AODService [Disabled | Stopped]) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService [Disabled | Stopped]) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1ca148920d17d96 [Disabled | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LicCtrlService [Auto | Running]) -- C:\Windows\runservice.exe ()
SRV - (LightScribeService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006/11/02 06:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 3 [Disabled | Stopped]) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Disabled | Stopped]) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Sound Blaster X-Fi MB Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV:64bit: - (AEADIFilters [Disabled | Stopped]) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64 [Disabled | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (LVPrcS64 [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (MsMpSvc [Auto | Running]) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO [System | Running]) -- C:\Windows\SysWow64\drivers\AsIO.sys ()
DRV - (atillk64 [On_Demand | Stopped]) -- C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys (ATI Technologies Inc.)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/02 17:24:44 | 00,000,000 | ---D | M]
DRV - (is-US5VGdrv [System | Stopped]) -- C:\Windows\SysWow64\DRIVERS\34972332.sys (Kaspersky Lab)
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\SysWow64\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Partizan [Boot | Stopped]) -- C:\Windows\SysWow64\Partizan.RRI ()
DRV - (pwipf6 [System | Running]) -- C:\Windows\SysWow64\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (RegGuard [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\regguard.sys (Greatis Software)
DRV - (RivaTuner64 [On_Demand | Stopped]) -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV - (utm3mzg3 [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\utm3mzg3.sys ()
DRV:64bit: - (adfs [Auto | Running]) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ADIHdAudAddService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (AmdLLD64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (Advanced Micro Devices)
DRV:64bit: - (AmdTools [System | Stopped]) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiPcie [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LVPr2M64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2Mon [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (mcdbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (MpFilter [System | Running]) -- C:\Windows\SysNative\DRIVERS\MpFilter.sys (Microsoft Corporation)
DRV:64bit: - (MpNWMon [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\MpNWMon.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (pavboot [Boot | Running]) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (PID_0928 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LV561V64.SYS (Logitech Inc.)
DRV:64bit: - (pwipf6 [System | Running]) -- C:\Windows\SysNative\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV:64bit: - (PxHlpa64 [Boot | Running]) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ssfs0bbc [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (ssidrv [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (StarPortLite [System | Running]) -- C:\Windows\SysNative\DRIVERS\StarPortLite.sys (Rocket Division Software)
DRV:64bit: - (WpdUsb [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

miller330i
24-Oct-2009, 12:09 AM #32
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
FF - prefs.js..browser.startup.homepage: " "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/03 12:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/30 22:19:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/14 12:40:10 | 00,000,000 | ---D | M]

[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions
[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions
[2009/09/23 13:54:59 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/30 22:19:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/21 12:10:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/13 17:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/08/21 12:10:15 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/07/13 17:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/07/13 17:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/13 17:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (794 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk = C:\Users\Desktop\Desktop\Virus Removal Tool\is-US5VG\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos...ineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/30 15:36:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 10:18:56 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/06/25 06:29:25 | 00,000,045 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009/10/20 23:12:51 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/14 12:06:06 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/10/22 21:51:09 | 00,000,000 | ---D | C] -- C:\ProgramData\is-US5VG
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/03 10:29:12 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/13 09:13:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/17 22:46:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2009/10/17 08:55:20 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/10/18 23:31:31 | 00,000,000 | ---D | C] -- C:\ProgramData\WebRoot
[2009/10/17 08:55:09 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/10/07 20:09:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/10/15 14:12:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\FastStone
[2009/10/16 08:48:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/10/18 11:00:34 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Malwarebytes
[2009/10/13 09:12:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Microsoft Game Studios
[2009/10/17 22:46:11 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Sunbelt
[2009/10/11 21:54:08 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\vlc
[2009/10/19 00:28:44 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Webroot
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 16:47:24 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Adobe
[2009/10/21 12:49:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Apple
[2009/10/03 10:29:33 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\LogiShrd
[2009/10/13 09:13:25 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Microsoft Game Studios
[2009/10/22 14:35:45 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Visual Business Cards
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2009/10/13 23:26:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/10/17 08:55:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Any DVD Converter Professional
[2009/10/23 19:37:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2009/10/15 14:12:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2009/10/16 08:48:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/10/13 09:07:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/10/13 23:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/10/01 16:26:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2009/10/01 23:16:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2009/10/13 09:13:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2009/10/13 23:03:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/10/02 10:49:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2009/10/22 20:52:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/10/18 17:46:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2009/10/17 22:30:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sunbelt Software
[2009/10/17 22:10:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/15 08:40:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2009/10/22 14:32:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Visual Business Cards
[2009/10/18 00:26:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2009/10/03 10:27:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2009/10/14 11:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/10/01 16:26:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2009/10/23 16:01:58 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/22 21:49:19 | 00,200,720 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysWow64\drivers\34972332.sys
[2009/10/22 21:49:19 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Virus Removal Tool
[2009/10/22 14:35:46 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Visual Business Cards
[2009/10/21 11:19:47 | 00,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/10/19 21:25:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/10/19 21:25:40 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/19 19:25:19 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:25:11 | 01,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2009/10/19 19:22:24 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/18 12:06:58 | 00,000,000 | --SD | C] -- C:\TheHammer3533T
[2009/10/18 12:06:26 | 00,000,000 | --SD | C] -- C:\TheHammer
[2009/10/18 12:06:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/17 22:21:11 | 00,000,000 | ---D | C] -- C:\sbtemp
[2009/10/17 10:17:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\OJOsoft Corporation
[2009/10/17 08:55:21 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Any DVD Converter Professional
[2009/10/13 23:32:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/10/13 23:03:07 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2009/10/13 22:58:55 | 05,690,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/13 22:58:53 | 07,006,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/13 22:58:52 | 01,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/13 22:58:52 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/13 22:58:51 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/13 22:58:51 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/13 22:58:51 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/13 22:58:50 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/13 22:58:48 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/13 22:58:47 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009/10/13 22:58:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/10/13 22:58:45 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009/10/13 22:58:45 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/10/13 22:58:34 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/13 22:58:33 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/13 22:58:33 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/13 22:58:32 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/13 22:58:32 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/13 22:57:46 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/13 22:57:45 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/13 22:57:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/13 16:59:22 | 02,146,304 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/13 09:52:53 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2009/10/12 20:08:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Halo.2.XP-TheBabeLover
[2009/10/03 12:38:47 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\SightSpeed Recordings
[2009/10/01 16:40:24 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/08/09 23:14:51 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\Desktop\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========
miller330i's Avatar
24-Oct-2009, 12:11 AM #33
[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 20:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 20:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 20:35:01 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 16:02:01 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/23 15:35:00 | 00,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 12:48:48 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/23 12:48:48 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/23 12:48:48 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/23 12:40:39 | 00,001,377 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2009/10/23 12:40:29 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/23 12:40:25 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/23 12:28:33 | 02,842,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/22 23:15:45 | 00,038,400 | ---- | M] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | M] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | M] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | M] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:25 | 00,034,304 | ---- | M] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 23:11:28 | 00,000,680 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/22 22:05:49 | 00,007,168 | ---- | M] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:12 | 00,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:58 | 00,000,164 | ---- | M] () -- C:\Windows\install.dat
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:05:56 | 00,000,732 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/10/19 00:24:55 | 00,000,164 | ---- | M] () -- C:\install.dat
[2009/10/13 16:59:22 | 02,146,304 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/12 21:16:04 | 00,000,133 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/10/12 11:36:22 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2009/10/02 11:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/10/01 10:29:14 | 00,238,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe

========== Files - No Company Name ==========
[2009/10/22 23:15:45 | 00,038,400 | ---- | C] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | C] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | C] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | C] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:24 | 00,034,304 | ---- | C] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 22:05:49 | 00,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/21 17:14:19 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/20 23:20:09 | 00,001,840 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI3C6B.txt
[2009/10/20 23:20:04 | 00,012,862 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI3C6B.txt
[2009/10/19 20:58:52 | 00,001,698 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 20:58:51 | 00,001,684 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:15 | 00,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:57 | 00,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/10/18 23:23:57 | 00,000,164 | ---- | C] () -- C:\install.dat
[2009/10/18 21:43:33 | 00,000,680 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/12 11:36:22 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/01 23:15:42 | 00,231,562 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924MSI6C8A.txt
[2009/10/01 23:15:41 | 00,014,524 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924UI6C8A.txt
[2009/10/01 23:15:11 | 00,557,508 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6C25.txt
[2009/10/01 23:15:10 | 00,014,540 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6C25.txt
[2009/10/01 23:14:50 | 00,541,238 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6BD6.txt
[2009/10/01 23:14:46 | 00,014,492 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6BD6.txt
[2009/09/23 12:09:15 | 00,704,282 | ---- | C] () -- C:\Program Files (x86)\unins000.exe
[2009/09/23 12:09:15 | 00,018,052 | ---- | C] () -- C:\Program Files (x86)\unins000.dat
[2009/09/18 12:18:50 | 00,000,612 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/15 09:27:07 | 00,016,384 | ---- | C] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/12 14:35:43 | 00,001,377 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2009/08/12 14:35:41 | 00,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2009/08/11 18:59:20 | 00,000,133 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/08/10 09:22:01 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/08/09 23:15:35 | 00,000,034 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.log
[2009/08/09 23:14:51 | 00,099,384 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\inst.exe
[2009/08/09 23:14:51 | 00,007,859 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.cat
[2009/08/09 23:14:51 | 00,001,167 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.inf
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/08/06 13:06:48 | 00,059,904 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2009/08/06 13:02:40 | 00,286,720 | ---- | C] () -- C:\Windows\SysWow64\libcurl.dll
[2009/08/06 13:02:22 | 00,143,360 | ---- | C] () -- C:\Windows\SysWow64\libexpatw.dll
[2009/08/03 18:57:18 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 16:03:41 | 00,598,240 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI2007.txt
[2009/08/03 16:03:39 | 00,020,488 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI2007.txt
[2009/08/03 15:22:47 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/03 15:22:28 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/03 14:50:59 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009/08/03 14:39:34 | 00,000,327 | ---- | C] () -- C:\Windows\RefreshLock.ini
[2009/08/03 10:30:45 | 00,000,000 | ---- | C] () -- C:\Windows\LCDMedia.INI
[2009/08/02 22:36:17 | 00,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2009/08/02 22:35:19 | 00,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009/08/02 22:33:44 | 00,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/08/02 22:28:02 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/08/02 22:28:02 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/08/02 22:28:00 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/08/02 22:28:00 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/02 22:19:34 | 00,000,989 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
[2009/08/02 22:19:34 | 00,000,928 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2009/08/02 22:19:12 | 00,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/08/02 22:19:11 | 00,127,488 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/08/02 21:03:00 | 00,041,125 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/08/02 21:02:40 | 00,034,721 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/08/02 21:02:40 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/08/02 21:00:48 | 00,051,960 | ---- | C] () -- C:\Users\Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/02 21:00:30 | 00,000,732 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/06/02 18:11:16 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 16:52:26 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 16:47:06 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/04/21 18:26:56 | 00,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/09/12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2007/09/04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini

========== Custom Scans ==========


< Code: >

< --------- >

< rocesses >

< >

< :OTL >

< FF - prefs.js..browser.search.defaultenginename: "Sky Web Search" >

< FF - prefs.js..browser.search.selectedEngine: "Sky Web Search" >

< O4 - HKLM..\Run: [] File not found >

< O4 - HKCU..\Run: [AdobeBridge] File not found >

< O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun >

< O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation) >

< >

< :Services >

< >

< :Reg >

< >

< :Files >

< C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >
[2009/09/03 15:01:18 | 00,016,384 | ---- | M] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Users\Desktop\AppData\Local\*.tmp files]

< >

< :Commands >

< [emptytemp] >

< [Reboot] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
miller330i's Avatar
24-Oct-2009, 12:12 AM #34
Eset is 50% done, 3 infected files so far. Thanks for the help!
emeraldnzl's Avatar
Computer Specs
Senior Member with 647 posts.
 
Join Date: Nov 2007
Location: Auckland,N.Z.
24-Oct-2009, 02:23 AM #35
Well, we have a problem with the running of that script.

Let's leave it for now and wait for the Eset one.

After that, if still necessary, we will go through step by step with the instructions for the OTL script and see if we can manage to run it properly.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much. Quote by Daniela Cirignano
miller330i's Avatar
24-Oct-2009, 03:45 AM #36
problem with script.
Maybe I am copying the wrong things. I don't know, as I haven't done this earlier. ESET is still running, about 75% done now. Still showing 3 errors (3 win32/autoit.gen). Thanks for the help! Jeffrey
emeraldnzl's Avatar
24-Oct-2009, 03:56 AM #37
Quote:
Maybe I am copying the wrong things.
Could be that or any of a number of other reasons. Let's not worry now.

We will fix it in good time.


Night time where I am so this will be my last post to you for a few hours.

Look forward to the scan results when they come.
miller330i's Avatar
24-Oct-2009, 04:30 AM #38
Eset results
C:\Program Files (x86)\VistaCodecPack\Tools\Settings32.exe Win32/Packed.Autoit.Gen application deleted - quarantined
C:\ProgramData\VistaCodecs\{824A49A1-1AB1-4A00-91E5-C3B2C299366D}\Vista Codec Package.msi Win32/Packed.Autoit.Gen application deleted - quarantined
E:\Nero-8.3.13.0_all_update.exe Win32/Toolbar.AskSBar application deleted - quarantined
emeraldnzl's Avatar
24-Oct-2009, 06:19 PM #39
Hello miller330i,

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
  • Click Preferences, then click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
  • Please copy and paste the Scan Log results in your next reply, also tell me how your machine is now.
  • Click Close to exit the program.
miller330i's Avatar
25-Oct-2009, 04:06 AM #40
Superspy log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 00:14 AM
Application Version : 4.29.1004
Core Rules Database Version : 4188
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 04:39:28
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 7296
Registry threats detected : 6
File items scanned : 1145198
File threats detected : 199
Trojan.Agent/Gen
HKLM\System\ControlSet002\Services\utm3mzg3
C:\WINDOWS\SYSTEM32\DRIVERS\UTM3MZG3.SYS
HKLM\System\ControlSet002\Enum\Root\LEGACY_utm3mzg3
HKLM\System\ControlSet004\Services\utm3mzg3
HKLM\System\ControlSet004\Enum\Root\LEGACY_utm3mzg3
HKLM\System\CurrentControlSet\Services\utm3mzg3
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utm3mzg3
C:\WINDOWS\SYSWOW64\DRIVERS\UTM3MZG3.SYS
Adware.Tracking Cookie
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@kont era[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@leee nterprises.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi a6degrees[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi aplex[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msna ccountservices.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msnp ortal.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@over ture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ques tionmarket[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@revs ci[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@rich media.yahoo[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@serv ing-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificmedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@stat se.webtrendslive[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@tns-counter[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@traf ficmp[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yadr o[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yiel dmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@zedo[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@a1.interclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.vba[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad3.clickhype[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adecn[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adinterax[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adlegend[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.adap[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.addesktop[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.associatedcontent[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.bridgetrack[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.clicksor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.lucidmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.mininova[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.torrentreactor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.undertone[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.widgetbucks[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.xapads[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adserver.adtechus[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adultfriendfinder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@apmebf[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@at.atwola[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atwola[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.adventory[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.bannersource[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.exitexchange[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cbs.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cdn4.specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cengagelearning.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@chitika[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cleanadulthost[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@collective-media[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@consumersmarine.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@content.yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@count.rbc[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dmtracker[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dynamic.media.adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wfkikpazwaq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wjnyegczeho.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wmliohdzseq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eas.apm.emediate[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ebay.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-reed.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-zvents.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@epocrates.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@euroclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eyewonder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@****edhard[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gatehousemedia.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gostats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstdigital.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstmagazines.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@imrworldwide[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@increaselowspermcount[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@insightexpressai[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@interclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@invitemedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@kontera[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@l1.qsstats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@leeenterprises.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@linksynergy[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media6degrees[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@microsoftwindows.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnservices.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@myroitracking[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@mystats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@network.realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@nextag[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ontarget.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@openx.realrussianmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@paypal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@qnsr[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@richmedia.yahoo[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.cpmstar[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[3].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sitestat.mayoclinic[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sixapart.adbureau[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@socialmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@stats.paypal[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tds.best-click-go[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tns-counter[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.feedperfect[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.foxnews[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.pulse360[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@usatoday1.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@vortexmediagroup[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@webstats.bhsi[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.rusteensex[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.worldlingomedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www4.addfreestats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yadro[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[2].txt
miller330i
25-Oct-2009, 04:19 AM #41
After reboot and cleaning. I am running another scan now.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 00:14 AM
Application Version : 4.29.1004
Core Rules Database Version : 4188
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 04:39:28
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 7296
Registry threats detected : 6
File items scanned : 1145198
File threats detected : 199
Trojan.Agent/Gen
HKLM\System\ControlSet002\Services\utm3mzg3
C:\WINDOWS\SYSTEM32\DRIVERS\UTM3MZG3.SYS
HKLM\System\ControlSet002\Enum\Root\LEGACY_utm3mzg3
HKLM\System\ControlSet004\Services\utm3mzg3
HKLM\System\ControlSet004\Enum\Root\LEGACY_utm3mzg3
HKLM\System\CurrentControlSet\Services\utm3mzg3
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utm3mzg3
C:\WINDOWS\SYSWOW64\DRIVERS\UTM3MZG3.SYS
Adware.Tracking Cookie
emeraldnzl
Senior Member with 647 posts.
Join Date: Nov 2007
Location: Auckland,N.Z.
25-Oct-2009, 02:43 PM #42
Quote:
after reboot and cleaning. I am running another scan now.
I take it that this scan is still to come?
miller330i
Member with 46 posts.
 
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
25-Oct-2009, 02:46 PM #43
New log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 03:46 AM
Application Version : 4.29.1004
Core Rules Database Version : 4189
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 01:44:17
Memory items scanned : 229
Memory threats detected : 0
Registry items scanned : 7294
Registry threats detected : 0
File items scanned : 314008
File threats detected : 18
Adware.Tracking Cookie
miller330i
Member with 46 posts.
 
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
25-Oct-2009, 02:47 PM #44
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 00:14 AM
Application Version : 4.29.1004
Core Rules Database Version : 4188
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 04:39:28
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 7296
Registry threats detected : 6
File items scanned : 1145198
File threats detected : 199
Trojan.Agent/Gen
HKLM\System\ControlSet002\Services\utm3mzg3
C:\WINDOWS\SYSTEM32\DRIVERS\UTM3MZG3.SYS
HKLM\System\ControlSet002\Enum\Root\LEGACY_utm3mzg3
HKLM\System\ControlSet004\Services\utm3mzg3
HKLM\System\ControlSet004\Enum\Root\LEGACY_utm3mzg3
HKLM\System\CurrentControlSet\Services\utm3mzg3
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utm3mzg3
C:\WINDOWS\SYSWOW64\DRIVERS\UTM3MZG3.SYS
Adware.Tracking Cookie
emeraldnzl
Senior Member with 647 posts.
 
Join Date: Nov 2007
Location: Auckland,N.Z.
25-Oct-2009, 06:26 PM #45
Let's see if we can get that OTL script to run.

Double click OTL.exe


Then click the Run button:

Once OTL is opened you will be presented with a console looking like this:

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :processes
    
    :OTL
    FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
    FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
    O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
    
    :Files
    C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    
    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much. Quote by Daniela Cirignano