OTL logfile created on: 8/03/2012 9:27:43 PM - Run 1
OTL by OldTimer - Version 3.2.36.1     Folder = C:\Documents and Settings\test\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
2.00 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 69.53% Memory free
3.85 Gb Paging File | 3.22 Gb Available in Paging File | 83.77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 279.45 Gb Total Space | 189.11 Gb Free Space | 67.67% Space Free | Partition Type: NTFS
 
Computer Name: TEST-BAAC146BA0 | User Name: test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/03/08 21:24:35 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
PRC - [2012/01/09 09:07:02 | 001,006,864 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2012/01/09 09:07:02 | 000,129,304 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2012/01/09 09:07:01 | 000,233,592 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
PRC - [2012/01/09 09:07:01 | 000,159,432 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
PRC - [2012/01/09 09:06:32 | 000,200,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2012/01/09 09:06:32 | 000,142,952 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2008/04/14 08:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/01/09 09:07:04 | 000,546,712 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarHelper.dll
MOD - [2012/01/09 09:07:04 | 000,081,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll
MOD - [2012/01/09 09:07:04 | 000,030,784 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\components\TBMenuSetting.dll
MOD - [2012/01/09 09:07:04 | 000,030,784 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\components\TBMenuHelp.dll
MOD - [2012/01/09 09:07:02 | 000,174,624 | ---- | M] () -- C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
MOD - [2012/01/09 09:07:02 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/01/09 09:07:02 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll
MOD - [2012/01/09 09:06:35 | 000,442,368 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\sqlite3.dll
MOD - [2012/01/09 09:06:33 | 001,081,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
MOD - [2012/01/09 09:06:32 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/01/09 09:06:32 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2012/01/09 09:06:32 | 000,012,288 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_36.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - [2012/01/09 09:06:32 | 000,200,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (neokdss)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] --  -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (fgadipob)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012/01/09 09:06:38 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2012/01/09 09:06:38 | 000,171,280 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/01/09 09:06:38 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2012/01/09 09:06:38 | 000,084,752 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmeext.sys -- (tmeext)
DRV - [2012/01/09 09:06:38 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2012/01/09 09:06:38 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2009/07/20 09:14:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/25 11:06:30 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/03/25 11:06:28 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/03/25 11:06:28 | 000,079,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/03/25 11:06:28 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/03/25 11:05:54 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/08/12 10:30:54 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/04/19 06:05:22 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/04/19 06:05:22 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/04/19 06:05:22 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/01/24 16:27:54 | 000,039,704 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rcblan.sys -- (RemoteControl-USBLAN)
DRV - [2005/12/09 16:48:40 | 004,123,136 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/12/07 08:55:20 | 000,126,720 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA_en
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://au.search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\Software\MozillaPlugins\@abr.gov.au/KeyMgmtPlugin: C:\Program Files\ABR\Plug-In\bin\npAUSkeyPlugin.dll (Commonwealth Government of Australia)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@csi.business.gov.au/CsiPlugin: C:\Program Files\Common-Use Signing Interface\bin\npCsiPlugin.dll (Commonwealth Government of Australia)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\firefoxextension [2012/01/09 09:33:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/01/09 09:33:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2012/01/09 09:15:52 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011/08/31 11:39:32 | 000,436,870 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 15032 more lines...
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OE] C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [WLM] C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe (Trend Micro Inc.)
O4 - HKU\.DEFAULT..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe File not found
O4 - HKU\S-1-5-18..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe File not found
O4 - HKU\S-1-5-19..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe File not found
O4 - HKU\S-1-5-20..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe File not found
O4 - HKU\S-1-5-21-3788930324-266944975-2992927495-1003..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\test\Local Settings\Application Data\Akamai\netsession_win.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3788930324-266944975-2992927495-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://designer3d.com.au/planner/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247545621718 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 219.139.81.6 168.95.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38F5D6C7-23D8-442A-84E7-FCB1E379512E}: DhcpNameServer = 219.139.81.6 168.95.1.1
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\test\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\test\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{856f1a83-dc38-11da-92f5-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{856f1a83-dc38-11da-92f5-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{856f1a83-dc38-11da-92f5-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{f09c1606-2f0a-11df-a430-0016e6417e21}\Shell\AutoRun\command - "" = C:\windows\System32\setup.exe -- [2008/04/14 08:12:34 | 000,023,040 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/03/08 21:24:27 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
[2012/03/08 14:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\AppData
[2012/03/08 14:09:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\searchquband
[2012/03/08 14:08:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\test\Recent
[2012/03/08 14:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{A37818CF-E0CC-4A13-B685-605AE2F01FD2}
[2012/03/08 14:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2012/03/08 13:55:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\PackageAware
[2012/02/29 09:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/02/29 09:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/02/29 09:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[9 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[5 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/03/08 21:24:35 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
[2012/03/08 18:51:16 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Microsoft Office Outlook 2007.lnk
[2012/03/08 18:25:50 | 000,000,438 | ---- | M] () -- C:\windows\MYOBP.INI
[2012/03/08 18:25:28 | 000,000,039 | ---- | M] () -- C:\windows\MYOB.INI
[2012/03/08 17:50:28 | 000,191,765 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2012/03/08 17:50:22 | 000,012,642 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2012/03/08 17:44:31 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2012/03/08 14:02:45 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iLivid Download Manager.lnk
[2012/03/07 11:11:01 | 000,000,486 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2012/03/07 09:32:02 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2012/02/29 09:51:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/02/24 10:49:21 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Microsoft Office Word 2007.lnk
[2012/02/20 10:28:23 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/02/17 08:07:58 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sonos Desktop Controller.lnk
[2012/02/15 10:32:22 | 000,277,352 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/02/15 10:15:38 | 000,538,524 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/02/15 10:15:38 | 000,100,338 | ---- | M] () -- C:\windows\System32\perfc009.dat
[9 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[5 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/03/08 14:02:45 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iLivid Download Manager.lnk
[2012/02/29 09:51:54 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/02/15 09:34:21 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2012/02/15 09:34:21 | 000,003,072 | ---- | C] () -- C:\windows\System32\dllcache\iacenc.dll
[2012/01/09 08:25:40 | 000,000,056 | ---- | C] () -- C:\windows\System32\SupportTool.exe.bat
[2011/10/19 08:46:55 | 000,000,663 | ---- | C] () -- C:\windows\openrda.ini
[2011/10/19 08:46:35 | 000,000,000 | ---- | C] () -- C:\windows\drvxl32.INI
[2011/10/19 08:46:33 | 000,000,000 | ---- | C] () -- C:\windows\drvwd32.INI
[2011/10/04 14:17:13 | 000,000,058 | ---- | C] () -- C:\windows\System32\KmTwain.ini
[2011/10/03 20:21:32 | 000,031,567 | ---- | C] () -- C:\windows\maxlink.ini
[2011/10/03 16:31:34 | 000,000,027 | ---- | C] () -- C:\windows\EZSET_SP.INI
[2011/08/29 20:20:22 | 000,326,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3788930324-266944975-2992927495-1003-0.dat
[2011/07/27 21:38:17 | 000,277,030 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/07/20 11:17:36 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/20 11:17:36 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2011/05/24 12:34:31 | 000,819,200 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2011/05/24 12:34:30 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2011/01/27 18:33:34 | 000,021,504 | ---- | C] () -- C:\windows\jestertb.dll
[2011/01/03 21:35:24 | 000,169,872 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/13 10:04:03 | 000,000,127 | ---- | C] () -- C:\windows\System32\MRT.INI

< End of report >