OTL logfile created on: 13/6/2012 1:25:11 PM - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Danial\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

3.00 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 68.79% Memory free
6.19 Gb Paging File | 5.41 Gb Available in Paging File | 87.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.50 Gb Total Space | 2.39 Gb Free Space | 1.72% Space Free | Partition Type: NTFS
Drive D: | 10.55 Gb Total Space | 2.38 Gb Free Space | 22.52% Space Free | Partition Type: NTFS

Computer Name: DANIALHP | User Name: Danial | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/12 22:09:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Danial\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/21 16:06:48 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2011/09/14 20:11:47 | 000,083,280 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
PRC - [2011/01/07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/11/09 00:40:56 | 000,715,440 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2010/05/27 11:44:26 | 001,565,960 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
PRC - [2010/03/06 23:57:07 | 000,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2010/03/06 23:57:06 | 000,497,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2010/03/06 23:57:06 | 000,345,352 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2010/01/26 15:40:32 | 001,020,248 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/09/29 08:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/09/29 08:52:52 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/09/11 13:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/29 14:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/06 05:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/07/25 15:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/04/30 19:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

========== Modules (No Company Name) ==========

MOD - [2007/10/01 11:33:32 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2007/09/06 05:03:06 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/09/06 04:52:04 | 000,389,120 | ---- | M] () -- C:\WINDOWS\System32\btwhidcs.dll
MOD - [2007/04/30 19:18:50 | 000,112,400 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
MOD - [2007/04/21 13:47:52 | 000,059,592 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\zlib.dll
MOD - [2007/04/19 14:23:48 | 000,095,944 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\CrashRpt.dll
MOD - [2002/11/19 14:11:40 | 000,139,264 | ---- | M] () -- C:\Program Files\Common Files\Stardock\ODimg.dll
MOD - [2002/03/13 19:46:32 | 000,118,784 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\ODimg.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WSearch)
SRV - [2012/06/08 05:27:58 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/11/09 00:40:56 | 000,715,440 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2010/05/27 11:44:26 | 001,565,960 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2010/05/27 11:44:16 | 001,471,752 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2010/03/06 23:57:07 | 000,689,416 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2010/03/06 23:57:06 | 000,497,008 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2010/03/06 23:57:06 | 000,345,352 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2009/10/21 02:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/29 08:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/09/11 13:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/02/19 06:21:00 | 002,769,658 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/08 12:14:43 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 15:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 15:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/06 02:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vidcap.sys -- (vidcap)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\scsk5.sys -- (scsk5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\ezty2.sys -- (ezty2)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ajm3a5aq)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/12 18:44:10 | 000,262,416 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2011/07/12 18:43:58 | 000,036,624 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2011/07/12 18:09:32 | 001,405,720 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\vsapint.sys -- (vsapint)
DRV - [2011/04/26 17:21:06 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011/03/29 01:46:40 | 000,086,792 | ---- | M] (Tonec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2011/01/08 11:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/10/01 00:16:40 | 000,010,240 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VKbms.sys -- (VKbms)
DRV - [2010/09/25 12:55:46 | 000,006,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2010/07/20 02:03:10 | 000,059,472 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/07/20 02:03:00 | 000,051,792 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/20 02:02:54 | 000,163,408 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/06/28 22:50:22 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/09/15 04:51:03] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010/03/06 23:57:14 | 000,283,152 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\tmwfp.sys -- (tmwfp)
DRV - [2010/03/06 23:57:14 | 000,146,448 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tmlwf.sys -- (tmlwf)
DRV - [2010/03/06 23:57:14 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/12/22 11:33:08 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009/10/21 02:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF)
DRV - [2009/09/14 10:31:54 | 000,659,328 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/11/17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/05/01 01:28:00 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/03/04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/01/19 13:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\winusb.sys -- (winusb)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/08/09 12:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/08/02 17:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\dadder.sys -- (DAdderFltr)
DRV - [2007/07/31 03:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/31 02:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/12 02:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/19 09:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/18 20:03:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/04/16 12:02:36 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2006/06/30 07:42:59 | 001,965,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tiehdusb.sys -- (TIEHDUSB)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_my&c=81&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {C1D5AB6F-FFB0-415F-ACDF-131203E2FAB3}
IE - HKCU\..\SearchScopes\{C1D5AB6F-FFB0-415F-ACDF-131203E2FAB3}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.10.10.1:808

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {22181a4d-af90-4ca3-a569-faed9118d6bc}:1.6.0.1165
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3790
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.7amo
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2009/11/05 18:04:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2011/09/14 20:13:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/08 05:28:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/04 23:08:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2009/11/05 18:04:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Danial\AppData\Roaming\IDM\idmmzcc3 [2011/11/10 10:23:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Danial\AppData\Roaming\IDM\idmmzcc3 [2011/11/10 10:23:33 | 000,000,000 | ---D | M]

[2010/03/23 05:07:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danial\AppData\Roaming\Mozilla\Extensions
[2009/04/20 23:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danial\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012/06/06 02:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danial\AppData\Roaming\Mozilla\Firefox\Profiles\enphe0jz.default\extensions
[2012/06/08 05:28:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/28 21:17:02 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/06/06 02:26:27 | 000,030,312 | ---- | M] () (No name found) -- C:\USERS\DANIAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ENPHE0JZ.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
[2012/01/06 04:27:45 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\DANIAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ENPHE0JZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/02/14 20:25:32 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\DANIAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ENPHE0JZ.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/05/17 16:56:18 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\DANIAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ENPHE0JZ.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/02/24 01:06:31 | 000,072,222 | ---- | M] () (No name found) -- C:\USERS\DANIAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ENPHE0JZ.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
[2012/06/08 05:27:59 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/03/23 10:46:26 | 000,192,640 | ---- | M] (INITECH (C)) -- C:\Program Files\mozilla firefox\plugins\npINISAFEWeb60.dll
[2012/05/04 02:57:08 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/11/10 01:39:26 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/04 02:57:08 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/05/04 02:57:08 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/05/04 02:57:11 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/05/04 02:57:08 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/06/13 13:06:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - Startup: C:\Users\Danial\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\wshbth.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///E:/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} https://accesscontrol.citibank.co.kr/acsapp/initech/plugin/down_ie8/INIS60.cab (INISAFEWeb6 V6 Class)
O16 - DPF: {288CED07-83F7-4077-A3A6-FED1A1707B97} http://gorealradown.sbs.co.kr/streamer/AFCSbsStarter.cab (AFCSbsStarter Control)
O16 - DPF: {2DCB00FB-3485-486B-BD41-C49AD605264D} http://www.epost.go.kr/comm/easykeytec/easykeytec.cab (EZKeytecWeb Class)
O16 - DPF: {36E5F486-B4EF-4D21-85E0-C58EBAA81A30} http://app.gomtv.com/ce/gomtvax/bin/GOMTVAXCSETUP.EXE.CAB (GomTV WebPlayer)
O16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} https://accesscontrol.citibank.co.kr/acsapp/keystroke/SCSK4_VISTA.cab (SCSK Control)
O16 - DPF: {4E60FDC9-25C0-425F-B72B-04347474CFC4} http://conting.sbs.co.kr/service/Conting.CAB (Conting_S Down Control)
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx (A9Helper.A9)
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)
O16 - DPF: {61FDA6C5-3F5D-44D9-9CED-1D7AC727ACE0} http://touch.imbc.com/ActiveX/Pointory/CueControl2.ocx (CueControl Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///E:/components/wmvhdrating.ocx (WMVHDRatingCtrl Class) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {99C709C7-4F58-46C1-855B-90213C760395} https://secure.kcp.co.kr/webpay/v3d/file/kcp_ansimclick.cab (V3D Client Control) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab56649.cab (MSN Games - Installer) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} http://www.instantaction.com/download/iaplayer.cab (InstantAction Game Launcher) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co.kr/kvpfiles_new/KVPISPCTLD_VISTA.cab (KvpIspCtlD Control) O16 - DPF: {F6E7ECCE-6E60-4681-8D9B-4BBC12A07110} http://www.gmarket.co.kr/challenge/neo_goods/dlls/GWall_1800_Vista/GWall.cab (GWallCtrl Class) O16 - DPF: {F80BB403-10B0-4EA3-885D-308B56B66C39} http://touch.imbc.com/ActiveX/iMBCOnlineService.cab (IMBCGraph Control) O16 - DPF: {FE9CE737-7BA6-451D-A4E0-EB4599D46FD6} http://www.melon.com/cab/MelonActiveXInstaller.cab (Manager Class) O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab (CheckersZPA Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1899F5D3-A3DB-4501-ABA9-D185E4E07C4E}: DhcpNameServer = 217.112.88.10 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B85124C2-846A-4FCA-B933-15D9ADF7B92E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F263FA81-AEBC-4449-B849-3915DE43E213}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.) 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\WINDOWS\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Danial\Desktop\For Vista\Wallpaper\New Laptop\3970_1155513925_large_original.jpg O24 - Desktop BackupWallPaper: C:\Users\Danial\Desktop\For Vista\Wallpaper\New Laptop\3970_1155513925_large_original.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/12/17 00:14:26 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008/09/27 23:36:56 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008/09/27 23:36:56 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{0c12f958-c20b-11de-b25d-0016d391d7a9}\Shell\AutoRun\command - "" = G:\WD_Windows_Tools\Setup.exe O33 - MountPoints2\{792d4611-3b93-11dd-820f-001e377c5a8e}\Shell - "" = AutoRun O33 - MountPoints2\{792d4611-3b93-11dd-820f-001e377c5a8e}\Shell\AutoRun\command - "" = G:\VMC_PBStarter.exe O33 - MountPoints2\{984b5477-a5ad-11de-ab5b-001e377c5a8e}\Shell\AutoRun\command - "" = explorer . 
O33 - MountPoints2\{984b5477-a5ad-11de-ab5b-001e377c5a8e}\Shell\mobile\command - "" = H:\MobileLaunch.exe O33 - MountPoints2\{d4cc2c5b-1d8a-11de-a745-001e377c5a8e}\Shell - "" = AutoRun O33 - MountPoints2\{d4cc2c5b-1d8a-11de-a745-001e377c5a8e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (PDBoot.exe) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/06/13 13:06:48 | 000,000,000 | ---D | C] -- C:\_OTL [2012/06/12 23:09:34 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Danial\Desktop\aswMBR.exe [2012/06/12 22:50:25 | 000,000,000 | ---D | C] -- C:\Users\Danial\Desktop\post in gtg [2012/06/12 22:08:48 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Danial\Desktop\OTL.exe [2012/06/10 05:08:48 | 000,000,000 | ---D | C] -- C:\Users\Danial\Desktop\telepopmusic-angel milk [2012/06/10 04:04:14 | 000,000,000 | ---D | C] -- C:\Users\Danial\Desktop\TelePopMusik_Genetic_World [2012/06/04 17:18:40 | 000,000,000 | -HSD | C] -- C:\found.001 [2012/05/31 00:59:45 | 000,000,000 | ---D | C] -- C:\Users\Danial\Desktop\V.A - Love Rain OST Part 2 [www.k2nblog.com] [2012/05/27 13:49:21 | 000,000,000 | ---D | C] -- C:\Users\Danial\Desktop\camera pics [1 C:\Users\Danial\Documents\*.tmp files -> C:\Users\Danial\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/06/13 13:18:48 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/06/13 13:18:48 | 000,003,296 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/06/13 13:18:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/06/13 13:17:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012/06/13 13:06:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2012/06/13 04:03:46 | 000,338,127 | ---- | M] () -- C:\Users\Danial\Desktop\FSS.exe [2012/06/13 03:59:47 | 000,000,512 | ---- | M] () -- C:\Users\Danial\Desktop\MBR.dat [2012/06/12 23:09:35 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Danial\Desktop\aswMBR.exe [2012/06/12 22:09:00 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Danial\Desktop\OTL.exe [2012/06/12 03:58:50 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn [2012/06/11 21:40:10 | 000,002,611 | ---- | M] () -- C:\Users\Danial\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk [2012/06/09 19:56:05 | 000,002,579 | ---- | M] () -- C:\Users\Danial\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office PowerPoint 2007.lnk [2012/06/07 20:59:37 | 000,189,694 | ---- | M] () -- C:\Users\Danial\Desktop\prometheus-20120411024035994.jpg [2012/06/07 16:17:02 | 000,498,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/06/06 18:08:06 | 000,202,752 | ---- | M] () -- C:\Users\Danial\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/06 05:48:52 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/06/04 20:52:45 | 000,001,356 | ---- | M] () -- C:\Users\Danial\AppData\Local\d3d9caps.dat [2012/06/04 16:09:43 | 000,002,605 | ---- | M] () -- C:\Users\Danial\Desktop\Firewall-Repair-Vista.reg [2012/06/04 10:19:23 | 000,002,044 | ---- | M] () -- C:\Windows\DCEBOOT.RST [2012/06/04 06:05:05 | 000,022,032 | ---- | M] () -- C:\Windows\DCEBoot.exe [2012/06/04 01:06:20 | 000,102,400 | ---- | M] () -- C:\Windows\RegBootClean.exe [2012/06/02 16:23:09 | 000,000,437 | ---- | 
M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2012/06/02 16:10:28 | 009,671,812 | ---- | M] () -- C:\Users\Danial\Desktop\01 Burn It Down.mp3 [2012/06/02 14:47:16 | 007,722,884 | ---- | M] () -- C:\Users\Danial\Desktop\08 Pixie Lott - Jack.mp3 [2012/06/01 23:16:09 | 3383,549,740 | ---- | M] () -- C:\Users\Danial\Desktop\[2012-04-09]_SNSD_(MBC_K-POP_SMTown_Live_in_Tokyo).ts [2012/06/01 17:00:22 | 000,282,419 | ---- | M] () -- C:\Users\Danial\Desktop\_201206_01_rkdlem000_1511847.jpg [2012/05/30 16:04:44 | 009,802,231 | ---- | M] () -- C:\Users\Danial\Desktop\Gotye - Somebody That I Used To Know (Feat. Kimbra).mp3 [2012/05/17 23:25:43 | 000,603,282 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/05/17 23:25:43 | 000,106,696 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/05/16 09:11:59 | 000,300,233 | ---- | M] () -- C:\Users\Danial\Desktop\__201201_24_gkdmf__2664413.jpg [2012/05/16 09:11:51 | 000,140,268 | ---- | M] () -- C:\Users\Danial\Desktop\__201201_24_gkdmf__2664303.jpg [2012/05/16 08:36:13 | 000,132,702 | ---- | M] () -- C:\Users\Danial\Desktop\__201201_23_gkdmf__2663201.jpg [1 C:\Users\Danial\Documents\*.tmp files -> C:\Users\Danial\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/06/13 04:03:41 | 000,338,127 | ---- | C] () -- C:\Users\Danial\Desktop\FSS.exe [2012/06/13 03:59:47 | 000,000,512 | ---- | C] () -- C:\Users\Danial\Desktop\MBR.dat [2012/06/07 20:59:36 | 000,189,694 | ---- | C] () -- C:\Users\Danial\Desktop\prometheus-20120411024035994.jpg [2012/06/07 16:16:39 | 000,498,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012/06/04 16:09:43 | 000,002,605 | ---- | C] () -- C:\Users\Danial\Desktop\Firewall-Repair-Vista.reg [2012/06/03 17:57:06 | 000,002,044 | ---- | C] () -- C:\Windows\DCEBOOT.RST [2012/06/03 17:51:22 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe [2012/06/02 05:09:51 | 007,722,884 | ---- | C] () -- C:\Users\Danial\Desktop\08 Pixie Lott - 
Jack.mp3 [2012/06/02 02:41:44 | 009,671,812 | ---- | C] () -- C:\Users\Danial\Desktop\01 Burn It Down.mp3 [2012/06/01 17:00:20 | 000,282,419 | ---- | C] () -- C:\Users\Danial\Desktop\_201206_01_rkdlem000_1511847.jpg [2012/05/31 11:49:32 | 3383,549,740 | ---- | C] () -- C:\Users\Danial\Desktop\[2012-04-09]_SNSD_(MBC_K-POP_SMTown_Live_in_Tokyo).ts [2012/05/16 09:11:54 | 000,300,233 | ---- | C] () -- C:\Users\Danial\Desktop\__201201_24_gkdmf__2664413.jpg [2012/05/16 09:11:48 | 000,140,268 | ---- | C] () -- C:\Users\Danial\Desktop\__201201_24_gkdmf__2664303.jpg [2012/05/16 08:36:11 | 000,132,702 | ---- | C] () -- C:\Users\Danial\Desktop\__201201_23_gkdmf__2663201.jpg [2011/07/29 09:51:28 | 000,000,000 | ---- | C] () -- C:\Users\Danial\AppData\Local\{26650EA9-BE96-4956-8C92-26C72716F1B6} [2011/06/18 04:19:36 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2011/05/22 18:03:28 | 000,000,053 | ---- | C] () -- C:\Windows\DVDFab.INI [2011/04/14 03:41:16 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2011/02/26 23:38:16 | 000,000,811 | ---- | C] () -- C:\Users\Danial\AppData\Roaming\MPQEditor.ini [2010/12/18 23:05:26 | 000,000,024 | ---- | C] () -- C:\Windows\System32\scskConfigEH.ini [2010/12/15 13:39:20 | 000,656,464 | ---- | C] () -- C:\Windows\System32\MelonDN1.exe [2010/12/13 22:22:53 | 000,219,806 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010/12/13 22:22:53 | 000,219,806 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010/11/17 14:19:16 | 001,105,920 | ---- | C] () -- C:\Windows\System32\ISPPopUpDlg.exe [2010/11/05 10:54:36 | 000,339,968 | ---- | C] () -- C:\Windows\System32\KvpUpCom.dll [2010/10/18 12:37:48 | 000,360,448 | ---- | C] () -- C:\Windows\System32\p3edctrl.dll [2010/10/01 01:44:17 | 000,000,032 | ---- | C] () -- C:\Windows\iMBCPlayer.INI [2010/09/23 23:46:38 | 000,000,033 | ---- | C] () -- C:\Windows\DownloadStudioScheduleMonitor.INI [2010/09/23 23:05:52 | 000,000,046 | ---- | C] () -- 
C:\Windows\System32\DonationCoder_urlsnooper_InstallInfo.dat [2010/09/02 10:22:54 | 000,283,360 | ---- | C] () -- C:\Windows\System32\melonmvdl.dll [2010/09/02 10:22:50 | 000,860,896 | ---- | C] () -- C:\Windows\System32\MelonWebPlayer.dll [2010/08/14 14:21:28 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll [2010/08/10 04:46:12 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010/06/21 09:22:18 | 000,036,864 | ---- | C] () -- C:\Windows\System32\MAMACExtract.dll [color=#E56717]========== LOP Check ==========[/color] [2008/07/15 18:18:01 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\7Wonders [2012/06/10 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\BitTorrent [2011/09/12 17:24:15 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Clunet [2011/01/09 12:29:37 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\com.neowiz.bugs.downloadmanager.BugsMvDownloadManager [2009/02/17 09:04:23 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\DAEMON Tools [2008/04/30 17:55:47 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\DigitalPersona [2012/05/22 01:19:56 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\DMCache [2009/01/08 22:49:14 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\DNA [2010/09/23 23:05:52 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\DonationCoder [2011/05/22 18:01:42 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\DVDFab [2008/10/10 20:07:45 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Free Sound Recorder [2009/05/04 22:35:19 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\GameHouse [2012/06/06 05:50:45 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\IDM [2010/01/03 00:10:59 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\iMBC [2010/01/13 05:12:21 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\KewlBoxPrefs [2011/12/24 03:13:33 | 
000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Key Metric Software [2010/04/26 00:25:47 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\LimeWire [2009/01/13 01:19:39 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Magic Academy [2008/04/30 18:14:59 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\MRTalk [2008/04/30 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\muvee Technologies [2011/08/23 16:57:20 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\NCH Swift Sound [2008/07/10 14:33:16 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\PlayFirst [2011/10/29 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Razer [2008/11/15 03:24:17 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Red Alert 3 [2009/02/07 03:10:26 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Uniblue [2009/05/04 22:36:54 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\UNOUndercover [2010/09/23 21:44:22 | 000,000,000 | ---D | M] -- C:\Users\Danial\AppData\Roaming\Xi [2012/06/13 13:17:40 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/04/11 08:15:23 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Uniblue SpyEraser.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??????4) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\벅스플레이어4 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0E08FC17 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5C321E34 < End of report >