Live Chat & Podcast at 1:00PM Eastern on Sunday!
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Virus & Other Malware Removal
Go to first new post "Congratulations, you won" &am ...
Go to first new post Black desktop, missing all shortcuts, fi ...
Go to first new post Microsoft Visual C++ Runtime Library Buf ...
Go to first new post Family Cyber Removal
Go to first new post System Check problem
Go to first new post hijack this log ......
Go to first new post Trojan virus
Go to first new post "svchost application error 0x6fe217 ...
Go to first new post Cannot access any google sites - youtube ...
Go to first new post My computer is slowly dying
Go to first new post Trojan Hider
Go to first new post We Got System Checked :-(
Go to first new post Extremely unresponsive, massive hang-ups ...
Go to first new post Incredibar Removal - Support Pls!
Go to first new post need help regarding malware/spyware
Tag Cloud
access acer asus bios bsod computer crash drive driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless xbox
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Virus & Other Malware Removal >
Solved: Computer has been infected! Vista 64 W/logs

Page 3 of 5 12 3 45
Reply  
Thread Tools
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 01:08 AM #31
OTL logfile created on: 10/23/2009 9:01:32 PM - Run 6
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 43.25% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 156.06 Gb Free Space | 55.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ()
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files (x86)\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Windows\runservice.exe ()
PRC - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS4 [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (AODService [Disabled | Stopped]) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService [Disabled | Stopped]) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1ca148920d17d96 [Disabled | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LicCtrlService [Auto | Running]) -- C:\Windows\runservice.exe ()
SRV - (LightScribeService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006/11/02 06:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 3 [Disabled | Stopped]) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Disabled | Stopped]) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Sound Blaster X-Fi MB Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV:64bit: - (AEADIFilters [Disabled | Stopped]) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64 [Disabled | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (LVPrcS64 [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (MsMpSvc [Auto | Running]) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO [System | Running]) -- C:\Windows\SysWow64\drivers\AsIO.sys ()
DRV - (atillk64 [On_Demand | Stopped]) -- C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys (ATI Technologies Inc.)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/02 17:24:44 | 00,000,000 | ---D | M]
DRV - (is-US5VGdrv [System | Stopped]) -- C:\Windows\SysWow64\DRIVERS\34972332.sys (Kaspersky Lab)
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\SysWow64\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Partizan [Boot | Stopped]) -- C:\Windows\SysWow64\Partizan.RRI ()
DRV - (pwipf6 [System | Running]) -- C:\Windows\SysWow64\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (RegGuard [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\regguard.sys (Greatis Software)
DRV - (RivaTuner64 [On_Demand | Stopped]) -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV - (utm3mzg3 [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\utm3mzg3.sys ()
DRV:64bit: - (adfs [Auto | Running]) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ADIHdAudAddService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (AmdLLD64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (Advanced Micro Devices)
DRV:64bit: - (AmdTools [System | Stopped]) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiPcie [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LVPr2M64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2Mon [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (mcdbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (MpFilter [System | Running]) -- C:\Windows\SysNative\DRIVERS\MpFilter.sys (Microsoft Corporation)
DRV:64bit: - (MpNWMon [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\MpNWMon.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (pavboot [Boot | Running]) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (PID_0928 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LV561V64.SYS (Logitech Inc.)
DRV:64bit: - (pwipf6 [System | Running]) -- C:\Windows\SysNative\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV:64bit: - (PxHlpa64 [Boot | Running]) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ssfs0bbc [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (ssidrv [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (StarPortLite [System | Running]) -- C:\Windows\SysNative\DRIVERS\StarPortLite.sys (Rocket Division Software)
DRV:64bit: - (WpdUsb [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Desktop\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========
Register for free to hide this ad!
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 01:09 AM #32
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
FF - prefs.js..browser.startup.homepage: " "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/03 12:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/30 22:19:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/14 12:40:10 | 00,000,000 | ---D | M]

[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions
[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\ extensions
[2009/09/23 13:54:59 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\ extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/23 08:12:27 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/30 22:19:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/21 12:10:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/13 17:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/08/21 12:10:15 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/07/13 17:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/07/13 17:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/13 17:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (794 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk = C:\Users\Desktop\Desktop\Virus Removal Tool\is-US5VG\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos...ineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/30 15:36:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 10:18:56 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/06/25 06:29:25 | 00,000,045 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009/10/20 23:12:51 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/14 12:06:06 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/10/22 21:51:09 | 00,000,000 | ---D | C] -- C:\ProgramData\is-US5VG
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/03 10:29:12 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/13 09:13:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/17 22:46:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2009/10/17 08:55:20 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/10/18 23:31:31 | 00,000,000 | ---D | C] -- C:\ProgramData\WebRoot
[2009/10/17 08:55:09 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/10/07 20:09:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/10/15 14:12:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\FastStone
[2009/10/16 08:48:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/10/18 11:00:34 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Malwarebytes
[2009/10/13 09:12:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Microsoft Game Studios
[2009/10/17 22:46:11 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Sunbelt
[2009/10/11 21:54:08 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\vlc
[2009/10/19 00:28:44 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Webroot
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 16:47:24 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Adobe
[2009/10/21 12:49:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Apple
[2009/10/03 10:29:33 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\LogiShrd
[2009/10/13 09:13:25 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Microsoft Game Studios
[2009/10/22 14:35:45 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Visual Business Cards
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2009/10/13 23:26:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/10/17 08:55:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Any DVD Converter Professional
[2009/10/23 19:37:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2009/10/15 14:12:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2009/10/16 08:48:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/10/13 09:07:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/10/13 23:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/10/01 16:26:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2009/10/01 23:16:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2009/10/13 09:13:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2009/10/13 23:03:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/10/02 10:49:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2009/10/22 20:52:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/10/18 17:46:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2009/10/17 22:30:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sunbelt Software
[2009/10/17 22:10:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/15 08:40:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2009/10/22 14:32:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Visual Business Cards
[2009/10/18 00:26:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2009/10/03 10:27:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2009/10/14 11:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/10/01 16:26:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2009/10/23 16:01:58 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/22 21:49:19 | 00,200,720 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysWow64\drivers\34972332.sys
[2009/10/22 21:49:19 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Virus Removal Tool
[2009/10/22 14:35:46 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Visual Business Cards
[2009/10/21 11:19:47 | 00,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/10/19 21:25:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/10/19 21:25:40 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/19 19:25:19 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:25:11 | 01,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2009/10/19 19:22:24 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/18 12:06:58 | 00,000,000 | --SD | C] -- C:\TheHammer3533T
[2009/10/18 12:06:26 | 00,000,000 | --SD | C] -- C:\TheHammer
[2009/10/18 12:06:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/17 22:21:11 | 00,000,000 | ---D | C] -- C:\sbtemp
[2009/10/17 10:17:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\OJOsoft Corporation
[2009/10/17 08:55:21 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Any DVD Converter Professional
[2009/10/13 23:32:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/10/13 23:03:07 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2009/10/13 22:58:55 | 05,690,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/13 22:58:53 | 07,006,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/13 22:58:52 | 01,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/13 22:58:52 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/13 22:58:51 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/13 22:58:51 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/13 22:58:51 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/13 22:58:50 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/13 22:58:48 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/13 22:58:47 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009/10/13 22:58:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/10/13 22:58:45 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009/10/13 22:58:45 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/10/13 22:58:34 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/13 22:58:33 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/13 22:58:33 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/13 22:58:32 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/13 22:58:32 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/13 22:57:46 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/13 22:57:45 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/13 22:57:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/13 16:59:22 | 02,146,304 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/13 09:52:53 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2009/10/12 20:08:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Halo.2.XP-TheBabeLover
[2009/10/03 12:38:47 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\SightSpeed Recordings
[2009/10/01 16:40:24 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/08/09 23:14:51 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\Desktop\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 01:11 AM #33
[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/23 20:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 20:40:25 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/23 20:35:01 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 16:02:01 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Desktop\Desktop\OTL.exe
[2009/10/23 15:35:00 | 00,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 12:48:48 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/23 12:48:48 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/23 12:48:48 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/23 12:40:39 | 00,001,377 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2009/10/23 12:40:29 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/23 12:40:25 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/23 12:28:33 | 02,842,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/22 23:15:45 | 00,038,400 | ---- | M] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | M] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | M] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | M] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:25 | 00,034,304 | ---- | M] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 23:11:28 | 00,000,680 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/22 22:05:49 | 00,007,168 | ---- | M] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:12 | 00,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:58 | 00,000,164 | ---- | M] () -- C:\Windows\install.dat
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:05:56 | 00,000,732 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/10/19 00:24:55 | 00,000,164 | ---- | M] () -- C:\install.dat
[2009/10/13 16:59:22 | 02,146,304 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/12 21:16:04 | 00,000,133 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/10/12 11:36:22 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2009/10/02 11:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/10/01 10:29:14 | 00,238,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe

========== Files - No Company Name ==========
[2009/10/22 23:15:45 | 00,038,400 | ---- | C] () -- C:\Users\Desktop\Desktop\Polarity.doc
[2009/10/22 23:15:41 | 00,030,720 | ---- | C] () -- C:\Users\Desktop\Desktop\Geometry.doc
[2009/10/22 23:15:36 | 00,027,136 | ---- | C] () -- C:\Users\Desktop\Desktop\Calorimetry.doc
[2009/10/22 23:15:30 | 00,035,840 | ---- | C] () -- C:\Users\Desktop\Desktop\Thermo.doc
[2009/10/22 23:15:24 | 00,034,304 | ---- | C] () -- C:\Users\Desktop\Desktop\Lewis.doc
[2009/10/22 22:05:49 | 00,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\utm3mzg3.sys
[2009/10/22 21:51:09 | 00,001,803 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-US5VG.lnk
[2009/10/21 17:14:19 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/20 23:20:09 | 00,001,840 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI3C6B.txt
[2009/10/20 23:20:04 | 00,012,862 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI3C6B.txt
[2009/10/19 20:58:52 | 00,001,698 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 20:58:51 | 00,001,684 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:15 | 00,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:57 | 00,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/10/18 23:23:57 | 00,000,164 | ---- | C] () -- C:\install.dat
[2009/10/18 21:43:33 | 00,000,680 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/12 11:36:22 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/01 23:15:42 | 00,231,562 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924MSI6C8A.txt
[2009/10/01 23:15:41 | 00,014,524 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924UI6C8A.txt
[2009/10/01 23:15:11 | 00,557,508 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6C25.txt
[2009/10/01 23:15:10 | 00,014,540 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6C25.txt
[2009/10/01 23:14:50 | 00,541,238 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6BD6.txt
[2009/10/01 23:14:46 | 00,014,492 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6BD6.txt
[2009/09/23 12:09:15 | 00,704,282 | ---- | C] () -- C:\Program Files (x86)\unins000.exe
[2009/09/23 12:09:15 | 00,018,052 | ---- | C] () -- C:\Program Files (x86)\unins000.dat
[2009/09/18 12:18:50 | 00,000,612 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/15 09:27:07 | 00,016,384 | ---- | C] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/12 14:35:43 | 00,001,377 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2009/08/12 14:35:41 | 00,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2009/08/11 18:59:20 | 00,000,133 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/08/10 09:22:01 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/08/09 23:15:35 | 00,000,034 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.log
[2009/08/09 23:14:51 | 00,099,384 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\inst.exe
[2009/08/09 23:14:51 | 00,007,859 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.cat
[2009/08/09 23:14:51 | 00,001,167 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.inf
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/08/06 13:06:48 | 00,059,904 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2009/08/06 13:02:40 | 00,286,720 | ---- | C] () -- C:\Windows\SysWow64\libcurl.dll
[2009/08/06 13:02:22 | 00,143,360 | ---- | C] () -- C:\Windows\SysWow64\libexpatw.dll
[2009/08/03 18:57:18 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 16:03:41 | 00,598,240 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI2007.txt
[2009/08/03 16:03:39 | 00,020,488 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI2007.txt
[2009/08/03 15:22:47 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/03 15:22:28 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/03 14:50:59 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009/08/03 14:39:34 | 00,000,327 | ---- | C] () -- C:\Windows\RefreshLock.ini
[2009/08/03 10:30:45 | 00,000,000 | ---- | C] () -- C:\Windows\LCDMedia.INI
[2009/08/02 22:36:17 | 00,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2009/08/02 22:35:19 | 00,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009/08/02 22:33:44 | 00,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/08/02 22:28:02 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/08/02 22:28:02 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/08/02 22:28:00 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/08/02 22:28:00 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/02 22:19:34 | 00,000,989 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
[2009/08/02 22:19:34 | 00,000,928 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2009/08/02 22:19:12 | 00,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/08/02 22:19:11 | 00,127,488 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/08/02 21:03:00 | 00,041,125 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/08/02 21:02:40 | 00,034,721 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/08/02 21:02:40 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/08/02 21:00:48 | 00,051,960 | ---- | C] () -- C:\Users\Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/02 21:00:30 | 00,000,732 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/06/02 18:11:16 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 16:52:26 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 16:47:06 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/04/21 18:26:56 | 00,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/09/12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2007/09/04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini

========== Custom Scans ==========


< Code: >

< --------- >

< rocesses >

< >

< :OTL >

< FF - prefs.js..browser.search.defaultenginename: "Sky Web Search" >

< FF - prefs.js..browser.search.selectedEngine: "Sky Web Search" >

< O4 - HKLM..\Run: [] File not found >

< O4 - HKCU..\Run: [AdobeBridge] File not found >

< O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun >

< O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation) >

< >

< :Services >

< >

< :Reg >

< >

< :Files >

< C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >
[2009/09/03 15:01:18 | 00,016,384 | ---- | M] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Users\Desktop\AppData\Local\*.tmp files]

< >

< :Commands >

< [emptytemp] >

< [Reboot] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 01:12 AM #34
Eset is 50% done 3 infected files so far. Thanks for the help!
emeraldnzl's Avatar
Computer Specs
Senior Member with 1,575 posts.
  
Join Date: Nov 2007
Location: Auckland,N.Z.
24-Oct-2009, 03:23 AM #35
Well we have a problem with the running of that script.

Let's leave it for now and wait for the Eset one.

After that, if still necessary, we will go through step by step with the instructions for the OTL scrip and see if we can manage to run it properly.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much.
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 04:45 AM #36
problem with script.
Maybe I am copying the wrong things. I dont know as I havent done this earlier. ESET is still running, about 75% done now. Still showing 3 errors, (3 win32/autoit.gen). Thanks for the help! Jeffrey
emeraldnzl's Avatar
Computer Specs
Senior Member with 1,575 posts.
  
Join Date: Nov 2007
Location: Auckland,N.Z.
24-Oct-2009, 04:56 AM #37
Quote:
Maybe I am copying the wrong things.
Could be that or any of a number of other reasons. Let's not worry now.

We will fix it in good time


Night time where I am so this will be my last post to you for a few hours.

Look forward to the scan results when they come.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much.
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
24-Oct-2009, 05:30 AM #38
Eset results
C:\Program Files (x86)\VistaCodecPack\Tools\Settings32.exe Win32/Packed.Autoit.Gen application deleted - quarantined
C:\ProgramData\VistaCodecs\{824A49A1-1AB1-4A00-91E5-C3B2C299366D}\Vista Codec Package.msi Win32/Packed.Autoit.Gen application deleted - quarantined
E:\Nero-8.3.13.0_all_update.exe Win32/Toolbar.AskSBar application deleted - quarantined
emeraldnzl's Avatar
Computer Specs
Senior Member with 1,575 posts.
  
Join Date: Nov 2007
Location: Auckland,N.Z.
24-Oct-2009, 07:19 PM #39
Hello miller330i,

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
  • Close browsers before scanning.
  • Scan for tracking cookies.
  • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
  • Click Preferences, then click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
  • Please copy and paste the Scan Log results in your next reply, also tell me how your machine is now.
  • Click Close to exit the program.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much.
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
25-Oct-2009, 05:06 AM #40
Superspy log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 00:14 AM
Application Version : 4.29.1004
Core Rules Database Version : 4188
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 04:39:28
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 7296
Registry threats detected : 6
File items scanned : 1145198
File threats detected : 199
Trojan.Agent/Gen
HKLM\System\ControlSet002\Services\utm3mzg3
C:\WINDOWS\SYSTEM32\DRIVERS\UTM3MZG3.SYS
HKLM\System\ControlSet002\Enum\Root\LEGACY_utm3mzg3
HKLM\System\ControlSet004\Services\utm3mzg3
HKLM\System\ControlSet004\Enum\Root\LEGACY_utm3mzg3
HKLM\System\CurrentControlSet\Services\utm3mzg3
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utm3mzg3
C:\WINDOWS\SYSWOW64\DRIVERS\UTM3MZG3.SYS
Adware.Tracking Cookie
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ad.yield manager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atdmt[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@advertis ing[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@at.atwol a[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@fastclic k[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ads.brid getrack[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@tacoda[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atwola[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@yadro[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@collecti ve-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@apmebf[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@question market[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@mediaple x[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ar.atwol a[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@microsof tsto.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@www.goog leadservices[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@intercli ck[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@statse.w ebtrendslive[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@content. yieldmanager[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@yieldman ager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@content. yieldmanager[3].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@pointrol l[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@cdn.at.a twola[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ads.poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@doublecl ick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@2o7[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@a1.inter click[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@kontera[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@112. 2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@a1.i nterclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ad.y ieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adbr ite[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. bridgetrack[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. pointroll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. techguy[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. undertone[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adse rver.adtechus[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adve rtising[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@apme bf[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@atdm t[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@bs.s erving-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@casa lemedia[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cdn4 .specificclick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@chit ika[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@citi .bridgetrack[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@coll ective-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cont ent.yieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cont ent.yieldmanager[3].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@doub leclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@e-2dj6wflicoajahp.stats.esomniture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@e-2dj6wjnyalc5igp.stats.esomniture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@edge .ru4[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ehg-eset.hitbox[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ehg-futurepub.hitbox[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@fast click[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@hitb ox[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@insi ghtexpressai[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@inte rclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@invi temedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@kont era[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@leee nterprises.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi a6degrees[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi aplex[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msna ccountservices.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msnp ortal.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@over ture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ques tionmarket[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@revs ci[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@rich media.yahoo[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@serv ing-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificmedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@stat se.webtrendslive[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@tns-counter[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@traf ficmp[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yadr o[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yiel dmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@zedo[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@a1.interclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.vba[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad3.clickhype[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adecn[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adinterax[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adlegend[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.adap[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.addesktop[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.associatedcontent[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.bridgetrack[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.clicksor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.lucidmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.mininova[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.torrentreactor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.undertone[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.widgetbucks[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.xapads[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adserver.adtechus[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adultfriendfinder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@apmebf[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@at.atwola[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atwola[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.adventory[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.bannersource[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.exitexchange[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cbs.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cdn4.specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cengagelearning.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@chitika[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cleanadulthost[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@collective-media[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@consumersmarine.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@content.yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@count.rbc[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dmtracker[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dynamic.media.adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wfkikpazwaq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wjnyegczeho.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wmliohdzseq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eas.apm.emediate[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ebay.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-reed.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-zvents.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@epocrates.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@euroclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eyewonder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@****edhard[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gatehousemedia.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gostats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstdigital.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstmagazines.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@imrworldwide[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@increaselowspermcount[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@insightexpressai[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@interclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@invitemedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@kontera[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@l1.qsstats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@leeenterprises.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@linksynergy[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media6degrees[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@microsoftwindows.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnservices.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@myroitracking[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@mystats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@network.realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@nextag[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ontarget.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@openx.realrussianmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@paypal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@qnsr[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@richmedia.yahoo[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.cpmstar[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[3].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sitestat.mayoclinic[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sixapart.adbureau[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@socialmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@stats.paypal[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tds.best-click-go[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tns-counter[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.feedperfect[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.foxnews[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.pulse360[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@usatoday1.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@vortexmediagroup[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@webstats.bhsi[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.rusteensex[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.worldlingomedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www4.addfreestats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yadro[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[2].txt
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
25-Oct-2009, 05:19 AM #41
after reboot and cleaning. I am running another scan now.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 00:14 AM
Application Version : 4.29.1004
Core Rules Database Version : 4188
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 04:39:28
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 7296
Registry threats detected : 6
File items scanned : 1145198
File threats detected : 199
Trojan.Agent/Gen
HKLM\System\ControlSet002\Services\utm3mzg3
C:\WINDOWS\SYSTEM32\DRIVERS\UTM3MZG3.SYS
HKLM\System\ControlSet002\Enum\Root\LEGACY_utm3mzg3
HKLM\System\ControlSet004\Services\utm3mzg3
HKLM\System\ControlSet004\Enum\Root\LEGACY_utm3mzg3
HKLM\System\CurrentControlSet\Services\utm3mzg3
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utm3mzg3
C:\WINDOWS\SYSWOW64\DRIVERS\UTM3MZG3.SYS
Adware.Tracking Cookie
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ad.yield manager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atdmt[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@advertis ing[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@at.atwol a[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@fastclic k[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ads.brid getrack[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@tacoda[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atwola[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@yadro[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@collecti ve-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@apmebf[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@question market[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@mediaple x[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ar.atwol a[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@microsof tsto.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@www.goog leadservices[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@intercli ck[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@statse.w ebtrendslive[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@content. yieldmanager[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@yieldman ager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@content. yieldmanager[3].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@pointrol l[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@cdn.at.a twola[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ads.poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@doublecl ick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@2o7[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@a1.inter click[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@kontera[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@112. 2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@a1.i nterclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ad.y ieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adbr ite[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. bridgetrack[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. pointroll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. techguy[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. undertone[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adse rver.adtechus[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adve rtising[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@apme bf[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@atdm t[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@bs.s erving-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@casa lemedia[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cdn4 .specificclick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@chit ika[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@citi .bridgetrack[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@coll ective-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cont ent.yieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cont ent.yieldmanager[3].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@doub leclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@e-2dj6wflicoajahp.stats.esomniture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@e-2dj6wjnyalc5igp.stats.esomniture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@edge .ru4[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ehg-eset.hitbox[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ehg-futurepub.hitbox[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@fast click[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@hitb ox[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@insi ghtexpressai[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@inte rclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@invi temedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@kont era[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@leee nterprises.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi a6degrees[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi aplex[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msna ccountservices.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msnp ortal.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@over ture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ques tionmarket[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@revs ci[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@rich media.yahoo[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@serv ing-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificmedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@stat se.webtrendslive[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@tns-counter[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@traf ficmp[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yadr o[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yiel dmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@zedo[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@a1.interclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.vba[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad3.clickhype[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adecn[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adinterax[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adlegend[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.adap[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.addesktop[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.associatedcontent[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.bridgetrack[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.clicksor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.lucidmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.mininova[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.torrentreactor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.undertone[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.widgetbucks[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.xapads[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adserver.adtechus[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adultfriendfinder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@apmebf[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@at.atwola[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atwola[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.adventory[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.bannersource[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.exitexchange[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cbs.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cdn4.specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cengagelearning.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@chitika[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cleanadulthost[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@collective-media[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@consumersmarine.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@content.yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@count.rbc[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dmtracker[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dynamic.media.adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wfkikpazwaq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wjnyegczeho.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wmliohdzseq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eas.apm.emediate[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ebay.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-reed.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-zvents.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@epocrates.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@euroclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eyewonder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@****edhard[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gatehousemedia.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gostats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstdigital.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstmagazines.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@imrworldwide[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@increaselowspermcount[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@insightexpressai[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@interclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@invitemedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@kontera[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@l1.qsstats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@leeenterprises.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@linksynergy[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media6degrees[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@microsoftwindows.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnservices.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@myroitracking[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@mystats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@network.realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@nextag[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ontarget.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@openx.realrussianmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@paypal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@qnsr[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@richmedia.yahoo[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.cpmstar[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[3].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sitestat.mayoclinic[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sixapart.adbureau[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@socialmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@stats.paypal[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tds.best-click-go[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tns-counter[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.feedperfect[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.foxnews[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.pulse360[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@usatoday1.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@vortexmediagroup[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@webstats.bhsi[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.rusteensex[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.worldlingomedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www4.addfreestats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yadro[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[2].txt
emeraldnzl's Avatar
Computer Specs
Senior Member with 1,575 posts.
  
Join Date: Nov 2007
Location: Auckland,N.Z.
25-Oct-2009, 03:43 PM #42
Quote:
after reboot and cleaning. I am running another scan now.
I take it that this scan is still to come?
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
25-Oct-2009, 03:46 PM #43
New log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 03:46 AM
Application Version : 4.29.1004
Core Rules Database Version : 4189
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 01:44:17
Memory items scanned : 229
Memory threats detected : 0
Registry items scanned : 7294
Registry threats detected : 0
File items scanned : 314008
File threats detected : 18
Adware.Tracking Cookie
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@advertis ing[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@at.atwol a[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@tacoda[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atwola[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ar.atwol a[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@cdn.at.a twola[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@a1.i nterclick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ad.y ieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. techguy[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adve rtising[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@apme bf[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@atdm t[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@coll ective-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@doub leclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi aplex[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@rich media.yahoo[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificmedia[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yadr o[1].txt
miller330i's Avatar
Computer Specs
Member with 46 posts.
  
Join Date: Oct 2009
Location: People Republic of Kalifornia
Experience: Intermediate
25-Oct-2009, 03:47 PM #44
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/25/2009 at 00:14 AM
Application Version : 4.29.1004
Core Rules Database Version : 4188
Trace Rules Database Version: 2103
Scan type : Complete Scan
Total Scan Time : 04:39:28
Memory items scanned : 427
Memory threats detected : 0
Registry items scanned : 7296
Registry threats detected : 6
File items scanned : 1145198
File threats detected : 199
Trojan.Agent/Gen
HKLM\System\ControlSet002\Services\utm3mzg3
C:\WINDOWS\SYSTEM32\DRIVERS\UTM3MZG3.SYS
HKLM\System\ControlSet002\Enum\Root\LEGACY_utm3mzg3
HKLM\System\ControlSet004\Services\utm3mzg3
HKLM\System\ControlSet004\Enum\Root\LEGACY_utm3mzg3
HKLM\System\CurrentControlSet\Services\utm3mzg3
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_utm3mzg3
C:\WINDOWS\SYSWOW64\DRIVERS\UTM3MZG3.SYS
Adware.Tracking Cookie
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ad.yield manager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atdmt[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@advertis ing[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@at.atwol a[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@fastclic k[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ads.brid getrack[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@tacoda[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@atwola[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@yadro[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@collecti ve-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@apmebf[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@question market[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@mediaple x[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ar.atwol a[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@microsof tsto.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@www.goog leadservices[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@intercli ck[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@statse.w ebtrendslive[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@content. yieldmanager[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@yieldman ager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@content. yieldmanager[3].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@pointrol l[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@cdn.at.a twola[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@ads.poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@doublecl ick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@2o7[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@a1.inter click[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\desktop@kontera[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@112. 2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@a1.i nterclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ad.y ieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adbr ite[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. bridgetrack[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. pointroll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. techguy[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ads. undertone[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adse rver.adtechus[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@adve rtising[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@apme bf[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@atdm t[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@bs.s erving-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@casa lemedia[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cdn4 .specificclick[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@chit ika[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@citi .bridgetrack[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@coll ective-media[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cont ent.yieldmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@cont ent.yieldmanager[3].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@doub leclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@e-2dj6wflicoajahp.stats.esomniture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@e-2dj6wjnyalc5igp.stats.esomniture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@edge .ru4[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ehg-eset.hitbox[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ehg-futurepub.hitbox[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@fast click[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@hitb ox[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@insi ghtexpressai[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@inte rclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@invi temedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@kont era[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@leee nterprises.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi a6degrees[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@medi aplex[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msna ccountservices.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@msnp ortal.112.2o7[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@over ture[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@poin troll[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@ques tionmarket[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@revs ci[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@rich media.yahoo[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@serv ing-sys[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificclick[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@spec ificmedia[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@stat se.webtrendslive[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@tns-counter[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@traf ficmp[2].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yadr o[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@yiel dmanager[1].txt
C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Cookies\Low\desktop@zedo[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@a1.interclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@accessexcellence[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.vba[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ad3.clickhype[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adecn[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adinterax[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adlegend[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.adap[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.addesktop[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.associatedcontent[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.bridgetrack[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.clicksor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.lucidmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.mininova[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.torrentreactor[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.undertone[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.widgetbucks[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ads.xapads[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adserver.adtechus[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@adultfriendfinder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@apmebf[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@at.atwola[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@atwola[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.adventory[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.bannersource[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@banners.exitexchange[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cbs.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cdn4.specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cengagelearning.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@chitika[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@cleanadulthost[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@collective-media[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@consumersmarine.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@content.yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@count.rbc[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dmtracker[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@dynamic.media.adrevolver[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wfkikpazwaq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wjnyegczeho.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wmliohdzseq.stats.esomniture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eas.apm.emediate[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ebay.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-reed.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ehg-zvents.hitbox[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@epocrates.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@euroclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@eyewonder[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@****edhard[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gatehousemedia.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@gostats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstdigital.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@hearstmagazines.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@imrworldwide[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@increaselowspermcount[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@insightexpressai[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@interclick[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@invitemedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@kontera[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@l1.qsstats[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@leeenterprises.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@linksynergy[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@media6degrees[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@microsoftwindows.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@msnservices.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@myroitracking[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@mystats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@network.realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@nextag[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@ontarget.122.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@openx.realrussianmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@paypal.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@qnsr[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@realmedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@richmedia.yahoo[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.cpmstar[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[3].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sitestat.mayoclinic[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@sixapart.adbureau[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@socialmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificclick[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@specificmedia[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@stats.paypal[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tds.best-click-go[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tns-counter[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.feedperfect[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.foxnews[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@tracking.pulse360[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@usatoday1.112.2o7[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@vortexmediagroup[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@webstats.bhsi[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.rusteensex[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www.worldlingomedia[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@www4.addfreestats[2].txt
E:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yadro[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[1].txt
E:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[2].txt
emeraldnzl's Avatar
Computer Specs
Senior Member with 1,575 posts.
  
Join Date: Nov 2007
Location: Auckland,N.Z.
25-Oct-2009, 07:26 PM #45
Let's see if we can get that OTL script to run.

Double click OTL.exe


Then click the Run button:

Once OTL is opened you will be presented with a console looking like this:

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :processes

:OTL
FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)

:Files
C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Commands
[purity]
[emptytemp]
[resethosts]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
__________________
Manners are the basis of a civilised society and make everyone's lives just a little happier. They cost nothing but they are worth so much.
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply
Page 3 of 5 12 3 45

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 05:22 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.