OTL logfile created on: 13/06/2013 19:37:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.17% Memory free
3.84 Gb Paging File | 3.28 Gb Available in Paging File | 85.39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 35.12 Gb Free Space | 47.12% Space Free | Partition Type: NTFS
Drive D: | 589.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: XPPRO-OEM | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/06/13 19:36:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\My Documents\Downloads\OTL.exe
PRC - [2013/05/31 22:08:37 | 002,839,592 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\umbrella.exe
PRC - [2013/05/29 06:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/05/16 03:09:57 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/04/11 15:28:08 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/02/11 08:42:26 | 000,572,928 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe
PRC - [2012/06/05 11:01:10 | 000,217,200 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
PRC - [2012/05/10 13:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\FighterSuiteService.exe
PRC - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2011/07/03 15:47:25 | 000,341,280 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SAService.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/25 01:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007/12/11 12:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/11/26 10:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/08/24 22:57:48 | 000,036,640 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
PRC - [2007/07/18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/05/29 06:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 06:27:37 | 013,136,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
MOD - [2013/05/29 06:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 06:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/16 03:09:57 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
MOD - [2013/02/11 08:42:26 | 000,572,928 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe
MOD - [2012/11/15 04:11:59 | 004,537,856 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.3.0\libGLESv2.dll
MOD - [2012/11/15 04:11:59 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.3.0\libEGL.dll
MOD - [2012/06/05 11:01:22 | 000,669,808 | ---- | M] () -- C:\Program Files\Fighters\FULL-DISKfighter\MyDefragDll.dll
MOD - [2011/07/03 15:47:25 | 000,341,280 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SAService.exe
MOD - [2011/07/03 15:47:25 | 000,116,000 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\CntScan.dll
MOD - [2011/07/03 15:47:25 | 000,111,904 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\APengine.dll
MOD - [2011/07/03 15:47:25 | 000,070,432 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\McFrmWk.dll
MOD - [2011/07/03 15:47:25 | 000,011,552 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\saHook.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/08/24 22:57:48 | 000,036,640 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
MOD - [2007/08/24 22:57:10 | 000,910,624 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SiteAdv.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Documents and Settings\admin\Application Data\Yontoo\YontooDesktop.exe -- (Yontoo Desktop Updater)
SRV - [2013/06/13 11:42:19 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/31 22:08:37 | 002,839,592 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\umbrella.exe -- (SProtection)
SRV - [2013/05/23 18:38:12 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/16 03:09:57 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\admin\Application Data\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/04/11 15:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/03/22 15:09:37 | 002,787,280 | ---- | M] () [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/03/17 23:40:34 | 000,342,608 | ---- | M] (PCRx.com, LLC) [Auto | Stopped] -- C:\Program Files\24x7Help\App24x7Svc.exe -- (24x7HelpSvc)
SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/11 08:42:26 | 000,572,928 | ---- | M] () [Auto | Running] -- C:\Program Files\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2013/02/05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/01/11 07:52:12 | 000,256,472 | ---- | M] (Inuvo Inc.) [Auto | Stopped] -- C:\Documents and Settings\admin\Application Data\alotservice\alotservice.exe -- (AlotService)
SRV - [2012/06/14 16:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/06/05 11:01:10 | 000,217,200 | ---- | M] (SPAMfighter ApS) [On_Demand | Running] -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe -- (Common Toolkit Tools)
SRV - [2012/05/10 13:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/07/03 15:47:25 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files\SiteAdvisor\6172\SAService.exe -- (SiteAdvisor Service)
SRV - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2008/01/25 01:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007/12/11 12:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/11/26 10:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2007/07/18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1869E22D-517D-4267-99F9-1D31DA95CB20}\MpKslc8e3edd9.sys -- (MpKslc8e3edd9)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\tyfwca.sys -- (blpgrx)
DRV - [2012/12/19 01:14:20 | 000,062,208 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\120622.sys -- (120622)
DRV - [2012/08/02 15:57:26 | 000,058,696 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Free Ride Games\X4HSEx_Pr143.sys -- (X4HSEx_Pr143)
DRV - [2011/02/15 21:55:06 | 000,106,240 | ---- | M] (HSPAHandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gwhsnmea.sys -- (zgwhsnmea)
DRV - [2011/02/15 21:55:06 | 000,106,240 | ---- | M] (HSPAHandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gwhsmdm.sys -- (zgwhsmdm)
DRV - [2011/02/15 21:55:06 | 000,106,240 | ---- | M] (HSPAHandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gwhsdiag.sys -- (zgwhsdiag)
DRV - [2011/02/15 21:55:06 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2008/04/14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/07/13 06:20:24 | 000,113,952 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2005/03/17 16:30:10 | 000,132,608 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/04 11:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 11:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtCyEtBtByCtD0ByDzy0F0Azz0E0AtN0D0Tzu0CyDtCtBtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1818877193&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {7F63C3E4-D433-4380-A9E4-31FC9E00502F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7F63C3E4-D433-4380-A9E4-31FC9E00502F}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtCyEtBtByCtD0ByDzy0F0Azz0E0AtN0D0Tzu0CyDtCtBtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1818877193&ir=
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=A86FDFC1-DC28-4441-B1CB-FC61FFEFD939&ref=toolbox&q={searchTerms}
IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YK^xdm014^LENUK^gb&si=COjOta6G668CFUdlfAodMhyS3g&ptb=0C0FFC41-BBE8-4127-880B-0BC49916BA66&psa=&ind=2012050602&st=sb&n=77ed74aa&searchfor={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?affID=119556&tt=gc_&babsrc=HP_ss&mntrId=B06F00142260B59F
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3297964&octid=CT3297964&SearchSource=61&CUI=UN33935595142324131&UM=2&UP=SPBA05F854-73C7-4150-9491-007D598D7584
IE - HKCU\..\URLSearchHook: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMix0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {3de04067-bc68-4514-9947-c1834fc15cad} - C:\Program Files\Softonic-EngUK\prxtbSof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {bd8006aa-6e85-4b36-bb42-7f97053d5b70} - C:\Program Files\Begin-download_FLV_B2\prxtbBeg2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {7F63C3E4-D433-4380-A9E4-31FC9E00502F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=120519&tt=gc_&babsrc=SP_ss&mntrId=B06F00142260B59F
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_enGB399
IE - HKCU\..\SearchScopes\{7F63C3E4-D433-4380-A9E4-31FC9E00502F}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298566&CUI=UN37825440371725472&UM=2
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = http://start.funmoods.com/results.php?f=4&a=axl&q={searchTerms}
IE - HKCU\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=BD731DD001CDF19D015CCD55&install_time=2013-01-13T14:53:32Z&src_id=31155&camp_id=5106&tb_version=1.3.2000.1(B)
IE - HKCU\..\SearchScopes\{B1FAC482-A3E4-49E4-8B22-B22360CD91A4}: "URL" = http://www.mysearchresults.com/search?c=4207&t=20&q={searchTerms}
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=A86FDFC1-DC28-4441-B1CB-FC61FFEFD939&ref=toolbox&q={searchTerms}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80275&iwk=254&lng=en
IE - HKCU\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^YK^xdm014^LENUK^gb&si=COjOta6G668CFUdlfAodMhyS3g&ptb=0C0FFC41-BBE8-4127-880B-0BC49916BA66&psa=&ind=2012050602&st=sb&n=77ed74aa&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.TotalRecipeSearch_14.com/Plugin: C:\Program Files\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Retrogamer_4w.com/Plugin: C:\Program Files\Retrogamer_4w\bar\1.bin\NP4wStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files\Free Ride Games\NPGameTreatPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Documents and Settings\admin\Local Settings\Application Data\RobloxVersions\version-ffdcbe616f2f4697\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4wffxtbr@Retrogamer_4w.com: C:\Program Files\Retrogamer_4w\bar\1.bin [2012/12/24 19:05:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com:
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\6172\FF\ [2011/08/18 11:37:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@exfriendalert.com: C:\Program Files\ExFriendAlert\Firefox\ [2013/02/07 10:43:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\happylyrics@hpyproductions.net: C:\Program Files\HappyLyrics\FF\ [2013/05/14 10:24:00 | 000,000,000 | ---D | M]

[2012/05/12 21:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: StartWeb (Enabled)
CHR - default_search_provider: search_url = http://start.iminent.com/?appId=A86FDFC1-DC28-4441-B1CB-FC61FFEFD939&ref=toolbox&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Mindspark Toolbar Plugin (Enabled) = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hjbmniocfapfhcelcljpofcchebglfkm\4.94.1.35379_0\plugins/paChromePlugIn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Documents and Settings\admin\Local Settings\Application Data\RobloxVersions\version-ffdcbe616f2f4697\\NPRobloxProxy.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: No name found = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_1\
CHR - Extension: Happy Lyrics = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ealchnonpofjocgofjpopjdoegbbkofj\1.111_0\
CHR - Extension: Happy Lyrics = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ealchnonpofjocgofjpopjdoegbbkofj\1.114_0\
CHR - Extension: Delta Toolbar = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: Delta Toolbar = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_1\
CHR - Extension: MixiDJ V30 = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.15.2.24\
CHR - Extension: MixiDJ V30 = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.15.2.24_0\
CHR - Extension: No name found = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpinjohdoeecbkhkcbeinoncieipmmol\1.23.4_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpinjohdoeecbkhkcbeinoncieipmmol\1.23.4_0\
CHR - Extension: FilmFanatic = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hjbmniocfapfhcelcljpofcchebglfkm\4.75.1.28669_0\
CHR - Extension: FilmFanatic = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hjbmniocfapfhcelcljpofcchebglfkm\4.94.1.35379_0\
CHR - Extension: Iminent = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.19.4.1_0\
CHR - Extension: Iminent = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.19.4.1_1\
CHR - Extension: ExFriendAlert = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.77_0\
CHR - Extension: ExFriendAlert = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.77_1\
CHR - Extension: Wajam = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Wajam = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_1\
CHR - Extension: DefaultTab = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.19_0\
CHR - Extension: DefaultTab = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.19_1\
CHR - Extension: RebateInformer = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\odbbfaealmlpnodchplhdomkgpdkeeal\1.0.0.12_0\
CHR - Extension: RebateInformer = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\odbbfaealmlpnodchplhdomkgpdkeeal\1.0.0.12_1\
CHR - Extension: MySearchDial = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\8.0.1_0\
CHR - Extension: No name found = C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/08/04 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Supreme Savings Plugin) - {11111111-1111-1111-1111-110311291112} - C:\Program Files\Supreme Savings Plugin\Supreme Savings Plugin-bho.dll (Innovative Apps)
O2 - BHO: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMix0.dll (Conduit Ltd.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (Softonic-EngUK Toolbar) - {3de04067-bc68-4514-9947-c1834fc15cad} - C:\Program Files\Softonic-EngUK\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (ExFriendAlert) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files\ExFriendAlert\IE\common.dll (ExFriendAlert)
O2 - BHO: (DealPly Shopping) - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
O2 - BHO: (Happy Lyrics) - {59C0C5BD-2579-433A-BBB8-AFFD59642BAF} - C:\Program Files\HappyLyrics\hppylrc.dll (Happy Productions)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\admin\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files\alotappbar\bin\BHO\ALOTHelperBHO.dll (Inuvo, Inc)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Begin-download FLV B2 Toolbar) - {bd8006aa-6e85-4b36-bb42-7f97053d5b70} - C:\Program Files\Begin-download_FLV_B2\prxtbBeg2.dll (Conduit Ltd.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll File not found
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files\Mysearchdial\bh\mysearchdial.dll (Ironsource Israel (2011) LTD)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMix0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files\Mysearchdial\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files\alotappbar\bin\alothelper.dll (Inuvo, Inc)
O3 - HKLM\..\Toolbar: (Begin-download FLV B2 Toolbar) - {bd8006aa-6e85-4b36-bb42-7f97053d5b70} - C:\Program Files\Begin-download_FLV_B2\prxtbBeg2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V30 Toolbar) - {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - C:\Program Files\MixiDJ_V30\prxtbMix0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Retrogamer) - {3392CFEC-56F8-41EE-BDB4-4E301EFD2C93} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-EngUK Toolbar) - {3DE04067-BC68-4514-9947-C1834FC15CAD} - C:\Program Files\Softonic-EngUK\prxtbSof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Begin-download FLV B2 Toolbar) - {BD8006AA-6E85-4B36-BB42-7F97053D5B70} - C:\Program Files\Begin-download_FLV_B2\prxtbBeg2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [24x7HELP] C:\Program Files\24x7Help\App24x7Help.exe (Crawler, LLC)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [InboxToolbar] C:\Program Files\Inbox Toolbar\Inbox.exe (Inbox.com, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey File not found
O4 - HKLM..\Run: [PCPowerSpeed] C:\Program Files\PCPowerSpeed\PCPowerTray.exe (Crawler.com)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKCU..\Run: [AGupdate] C:\Program Files\AppGraffiti\AGupdate.exe (Omega Partners Ltd)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [FDPRO-516] C:\Program Files\Fighters\FighterLauncher.exe (SPAMfighter ApS)
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKCU..\Run: [RebateInformer] C:\Program Files\RebateInformer\RebateInf.exe (Inbox.com, Inc.)
O4 - HKCU..\Run: [SearchProtect] C:\Documents and Settings\admin\Application Data\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun File not found
O4 - HKCU..\Run: [Updater32912.exe] C:\Documents and Settings\admin\Local Settings\Application Data\Updater32912\Updater32912.exe (Innovative Apps)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKCU..\Run: [Yontoo Desktop] C:\Documents and Settings\admin\Application Data\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKLM..\RunOnce: [FilmFanatic Chrome Extension-bar-CrxRegPatcher] C:\Program Files\FilmFanatic Chrome Extension\bar\CrxRegPatcher.exe (Mindspark Interactive Network)
O4 - Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\Skype.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.retrogamer.com/one-toolbaredits/menusearch.jhtml?s=206140027&p2=^RG^xdm643^YY^gb&si=UK720300GamesSonic&a=9CC5FF9E-ABD7-416A-8A8A-5AAF8B5206C6&n=2012122211&cv=3 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Value error. File not found
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\nwprovau.dll File not found
O15 - HKCU\..Trusted Domains: google.co.uk ([www] http in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356136044906 (WUWebControl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{998D41CE-C323-46D6-AF86-D268A04301BB}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\rebinfo {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (xxC:\DOCUME~1\ALLUSE~1\APPLIC~1\BROWSE~1\261249~1.132\{C16C1~1\BROWSE~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/01 13:59:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/10/10 16:34:20 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{c67d62ce-3144-11e1-be75-00142260b59f}\Shell - "" = AutoRun
O33 - MountPoints2\{c67d62ce-3144-11e1-be75-00142260b59f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c67d62ce-3144-11e1-be75-00142260b59f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/06/13 19:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Start Menu\Programs\CyberLink PowerDVD
[2013/06/13 16:49:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2013/05/29 23:40:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\mysearchdial
[2013/05/27 01:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2013/05/27 01:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mysearchdial
[2013/05/24 15:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013/05/24 15:11:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VAFPlayer
[2013/05/24 15:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Tuguu SL
[2013/05/24 15:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\player
[2013/05/24 15:04:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Updater32912
[2013/05/24 15:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Optimizer Pro
[2013/05/24 15:04:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Optimizer Pro
[2013/05/24 15:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2013/05/24 15:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Supreme Savings Plugin
[2013/05/20 00:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Iminent
[2013/05/16 15:05:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Iminent
[2013/05/16 03:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/05/16 03:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Start Menu\Programs\Free Ride Games
[2013/05/16 03:15:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\MixiDJ_V30
[2013/05/16 03:15:33 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2013/05/16 03:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\MixiDJ_V30
[2013/05/16 03:15:01 | 001,132,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013/05/16 03:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2013/05/16 03:14:18 | 000,058,264 | ---- | C] (Exent Technologies Ltd.) -- C:\WINDOWS\ExentInfo.exe
[2013/05/16 03:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\Free Ride Games
[2013/05/16 03:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\CRE
[2013/05/16 03:12:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Fighters
[2013/05/16 03:12:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Fighters
[2013/05/16 03:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2013/05/16 03:12:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Fighters
[2013/05/16 03:11:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2013/05/16 03:11:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Iminent
[2013/05/16 03:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2013/05/16 03:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2013/05/16 03:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\DefaultTab
[2013/05/16 03:09:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/05/16 03:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\DefaultTab
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/06/13 19:42:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/13 19:42:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{953EC0B5-36D4-44EF-B7C5-2C90E665DD84}.job
[2013/06/13 19:42:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\BrowserProtect.job
[2013/06/13 19:27:38 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\PCHB_admin_PCHealthBoost_LG.job
[2013/06/13 19:25:55 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Happy Lyrics Update.job
[2013/06/13 19:23:58 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/13 19:23:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/13 19:22:44 | 000,006,290 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2013/06/13 19:22:18 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2013/06/13 18:44:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/13 17:47:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/06/13 17:12:10 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\RMSmartUpdate.job
[2013/06/13 16:57:40 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\skype.ini
[2013/06/13 16:55:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/13 16:54:09 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E7BE475E-C29A-4C3E-B613-0798241594B4}.job
[2013/06/13 11:42:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/13 11:42:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/13 09:50:01 | 000,000,000 | ---- | M] () -- C:\END
[2013/06/13 09:49:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat
[2013/06/13 09:48:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/31 16:21:43 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/05/31 16:14:43 | 000,000,557 | ---- | M] () -- C:\WINDOWS\System32\MyDefrag.debuglog
[2013/05/31 01:35:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/05/31 01:33:03 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/05/31 01:33:03 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyUpdate.job
[2013/05/27 01:33:33 | 000,000,389 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MySearchDial.url
[2013/05/27 01:33:33 | 000,000,237 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Online Games.url
[2013/05/26 04:01:00 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PCHB_admin_PCHealthBoost_UP.job
[2013/05/26 04:01:00 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PCHB_admin_PCHealthBoost_RN.job
[2013/05/26 04:01:00 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PCHB_admin_PCHealthBoost_RM.job
[2013/05/26 03:00:00 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PCHB_admin_PCHealthBoost_RS.job
[2013/05/24 15:11:58 | 000,001,906 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VAFPlayer.lnk
[2013/05/24 15:10:16 | 000,502,770 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/24 15:10:16 | 000,088,294 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/24 15:04:08 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Optimizer Pro.lnk
[2013/05/18 07:54:18 | 000,000,402 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for admin.job
[2013/05/16 15:05:08 | 000,000,596 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/05/16 03:18:30 | 000,001,885 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Play 7 Wonders II.lnk
[2013/05/16 03:15:58 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Free Games.lnk
[2013/05/16 03:15:53 | 000,000,064 | ---- | M] () -- C:\WINDOWS\GPlrLanc.dat
[2013/05/16 03:12:43 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FULL-DISKfighter.lnk
[2013/05/16 03:09:59 | 000,000,884 | RHS- | M] () -- C:\Documents and Settings\admin\ntuser.pol
[2013/05/15 14:33:22 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/05/31 16:21:43 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/05/27 01:34:57 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2013/05/27 01:33:43 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2013/05/27 01:33:37 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyUpdate.job
[2013/05/27 01:33:33 | 000,000,389 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MySearchDial.url
[2013/05/27 01:33:33 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Online Games.url
[2013/05/27 00:59:43 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\BrowserProtect.job
[2013/05/26 00:14:02 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\skype.ini
[2013/05/24 15:11:58 | 000,001,906 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VAFPlayer.lnk
[2013/05/24 15:04:08 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Optimizer Pro.lnk
[2013/05/20 00:53:43 | 000,000,557 | ---- | C] () -- C:\WINDOWS\System32\MyDefrag.debuglog
[2013/05/16 15:04:53 | 000,000,596 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/05/16 03:16:27 | 000,001,885 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Play 7 Wonders II.lnk
[2013/05/16 03:15:58 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Free Games.lnk
[2013/05/16 03:15:53 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2013/05/16 03:12:43 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FULL-DISKfighter.lnk
[2013/05/16 03:09:59 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\admin\ntuser.pol
[2013/03/29 20:28:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\65um8Mf62.dat
[2013/03/29 20:28:34 | 000,136,704 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\58E3GKR8.exe_
[2013/03/29 20:28:34 | 000,136,704 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\58E3GKR8.exe
[2013/03/29 20:28:34 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\58E3GKR8.exe_.b
[2013/03/29 20:28:34 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\58E3GKR8.exe.b
[2012/12/19 01:14:20 | 000,062,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\120622.sys
[2012/12/19 01:13:30 | 000,013,018 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/09/15 22:05:24 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\cywo.sys
[2012/09/02 16:26:18 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2012/08/26 16:46:47 | 000,001,695 | ---- | C] () -- C:\WINDOWS\disney.ini
[2012/06/28 12:25:46 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012/06/28 12:25:46 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012/06/28 12:25:46 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012/05/20 13:03:59 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\mbam.context.scan
[2012/05/04 18:49:04 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\store-pp.jbs
[2012/02/15 10:51:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/10/30 22:19:09 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/10/16 17:04:19 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/11 11:25:26 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat
[color=#E56717]========== ZeroAccess Check ==========[/color]

[2010/12/09 16:15:09 | 000,002,048 | -HS- | M] () -- C:\WINDOWS\Installer\{adefcb06-83b6-c13c-87c4-df52fbafc536}\@
[2012/07/07 10:13:44 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{adefcb06-83b6-c13c-87c4-df52fbafc536}\L
[2012/08/03 15:35:17 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{adefcb06-83b6-c13c-87c4-df52fbafc536}\U
[2012/07/07 19:48:56 | 000,000,804 | ---- | M] () -- C:\WINDOWS\Installer\{adefcb06-83b6-c13c-87c4-df52fbafc536}\L\00000004.@
[2012/07/07 21:52:54 | 000,002,048 | -HS- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\@
[2010/12/09 16:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\admin\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\L
[2010/12/09 16:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\admin\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\U
[2010/12/09 16:15:09 | 000,002,048 | -HS- | M] () -- C:\Documents and Settings\kids\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\@
[2010/12/09 16:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\kids\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\L
[2012/08/04 16:29:48 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\kids\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\U
[2012/08/04 15:42:47 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\kids\Local Settings\Application Data\{adefcb06-83b6-c13c-87c4-df52fbafc536}\U\00000001.@
[2013/05/05 23:05:56 | 000,002,048 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$adefcb0683b6c13c87c4df52fbafc536\@
[2013/05/06 08:59:02 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$adefcb0683b6c13c87c4df52fbafc536\L
[2013/05/12 20:15:56 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$adefcb0683b6c13c87c4df52fbafc536\U
[2013/05/12 20:15:41 | 000,000,804 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$adefcb0683b6c13c87c4df52fbafc536\L\00000004.@
[2011/08/11 11:22:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012/06/08 15:26:20 | 008,462,848 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >