
Your system has been infected background


  • This topic is locked

#16
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
We will try to run Fix now with OTL. Let's start:

Step 1


Delete your OTL and download a new copy of OTL

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Services
    33734291
    33734292

    :Files
    C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\HIAC8.tmp
    \\.\globalroot\Device\svchost.exe\svchost.exe
    C:\Windows\system32\DRIVERS\33734291.sys
    C:\Windows\system32\DRIVERS\33734292.sys

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply.
Step 2

Try to scan with OTL now
  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window with OTL.Txt. It is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.

  • 0
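As an added example (not part of the original posts, and not OTL's own code): a small Python check that cross-references the targets of the fix script in the post above against the SRV/DRV lines of an OTL log, to see which targets are still registered. The log lines are excerpted from the OTLPE log posted later in this thread; the function names and status labels are assumptions of this example, and only service and driver lines are examined.

```python
import re

# Fix script as posted in this thread.
FIX_SCRIPT = r"""
:OTL

:Services
33734291
33734292

:Files
C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\HIAC8.tmp
\\.\globalroot\Device\svchost.exe\svchost.exe
C:\Windows\system32\DRIVERS\33734291.sys
C:\Windows\system32\DRIVERS\33734292.sys

:Commands
[purity]
[emptytemp]
[emptyflash]
"""

# Four driver lines excerpted from the OTLPE log posted later in the thread.
SAMPLE_LOG = r"""
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\HIAC8.tmp -- (GarenaPEngine)
DRV - [2009/10/21 23:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\33734292.sys -- (33734292)
DRV - [2009/09/25 03:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System] -- C:\WINDOWS\system32\drivers\33734291.sys -- (33734291)
DRV - [2010/06/21 19:59:21 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
"""

# One SRV/DRV line: either "File not found" or "[date | size | attrs | M] (company)",
# then "[type | start]", the image path (may be empty) and the service name.
LOG_RE = re.compile(
    r"^(?P<kind>SRV|DRV) - "
    r"(?:File not found|\[(?P<meta>[^\]]*)\] \((?P<company>.*?)\)) "
    r"\[(?P<start>[^\]]*)\] --\s*(?P<path>.*?)\s*-- \((?P<name>[^)]*)\)"
)


def parse_fix_script(text):
    """Split a fix script into {section name: [entries]} on ':Section' headers."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:]
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_log(text):
    """Return one dict per SRV/DRV line; on_disk is False for 'File not found'."""
    entries = []
    for raw in text.splitlines():
        m = LOG_RE.match(raw.strip())
        if m:
            entries.append({
                "kind": m["kind"],
                "name": m["name"],
                "path": m["path"],
                "on_disk": m["meta"] is not None,
            })
    return entries


def check_fix(script_text, log_text):
    """List (section, target, status) for every :Services and :Files target.

    present    = still registered and the file exists on disk
    orphan     = still registered, but the log says 'File not found'
    not listed = no SRV/DRV line refers to the target
    """
    sections = parse_fix_script(script_text)
    entries = parse_log(log_text)
    # Windows names and paths are case-insensitive, so compare lowercased.
    by_name = {e["name"].lower(): e for e in entries}
    by_path = {e["path"].lower(): e for e in entries if e["path"]}
    results = []
    for section, index in (("Services", by_name), ("Files", by_path)):
        for target in sections.get(section, []):
            entry = index.get(target.lower())
            if entry is None:
                status = "not listed"
            elif entry["on_disk"]:
                status = "present"
            else:
                status = "orphan"
            results.append((section, target, status))
    return results


if __name__ == "__main__":
    for section, target, status in check_fix(FIX_SCRIPT, SAMPLE_LOG):
        print(f"{section:9} {status:11} {target}")
```

A "not listed" result only means that no service or driver line references the target; the file sections of the log would need a separate check.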



#17
nijisan

    Member

  • Topic Starter
  • 25 posts
OTL still got terminated even if I just run fix >__<
  • 0

#18
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Please print these instructions out so that you know what you are doing. You will need one blank CD to burn this tool. I hope that you will burn this on your PC.

  • Download OTLPEStd.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :D
  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Drag and drop this attached scan.txt into the Custom scans and fixes box
    Attached File  Scan.txt   998bytes   51 downloads
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#19
nijisan

    Member

  • Topic Starter
  • 25 posts
Can I do this in a flashdrive? I usually boot windows in my flashdrive
  • 0

#20
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
If you know how to do it then you can :D. Basic thing is that you boot this ISO.
  • 0

#21
nijisan

    Member

  • Topic Starter
  • 25 posts
I may have to do this tomorrow as I have a very busy day today. Sorry. And oh thanks for bearing with me :D
  • 0

#22
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. I will be here :D
  • 0

#23
nijisan

    Member

  • Topic Starter
  • 25 posts
Sorry took some time, I'm burning the CD now
  • 0

#24
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi nijisan,

I'm here and waiting for your OTLPE log.
  • 0

#25
nijisan

    Member

  • Topic Starter
  • 25 posts
It is kinda weird that I've waited for 8 hours and the scanning always gets stuck and won't continue. o__o
  • 0



#26
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Please try to run OTL and press Quick Scan button without Scan.txt. Just start OTL and click Quick Scan.
  • 0

#27
nijisan

    Member

  • Topic Starter
  • 25 posts
Okay I will try
  • 0

#28
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi nijisan,

Any luck? OTL scan should take 10-15 min.
  • 0

#29
nijisan

    Member

  • Topic Starter
  • 25 posts
Took me time to get my internet connection back again. Here's the OTL scan.




OTL logfile created on: 12/5/2010 11:04:35 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.94 Gb Total Space | 118.59 Gb Free Space | 79.09% Space Free | Partition Type: NTFS
Drive D: | 76.31 Gb Total Space | 66.91 Gb Free Space | 87.68% Space Free | Partition Type: FAT32
Drive E: | 148.14 Gb Total Space | 144.73 Gb Free Space | 97.69% Space Free | Partition Type: NTFS
Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- C:\Windows\System32\system\svchost.exe -- (Win_Updater)
SRV - File not found [Auto] -- -- (userinit)
SRV - File not found [Auto] -- C:\Windows\System32\sshnas21.dll -- (SSHNAS)
SRV - File not found [Disabled] -- C:\Windows\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/15 06:34:28 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2010/10/05 22:31:48 | 000,517,448 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/08/12 23:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/21 19:59:19 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/12/16 16:05:00 | 003,375,888 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/05/13 23:18:00 | 000,206,848 | ---- | M] (Grass Software) [Auto] -- C:\Program Files\GrassSoft\Mouse Recorder\MacroService.exe -- (Macro Expert)
SRV - [2008/04/06 20:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/18 06:32:03 | 000,081,920 | R--- | M] () [Auto] -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/09/22 18:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\Drivers\usbVM303.sys -- (ZSMC303)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\XDva328.sys -- (XDva328)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\XDva326.sys -- (XDva326)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\XDva313.sys -- (XDva313)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\XDva309.sys -- (XDva309)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand] -- C:\Documents and Settings\WINDOWS XP\Desktop\Downloaded Files\Spuc3ngine\Spuc3nginef\spuce.sys -- (spuce1)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- D:\Gravity\RO\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\ZhyperMU\ZMU2010SMALL R3\zhypermu small r3\MuGuard\llck1.sys -- (LLRING0)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- C:\Documents and Settings\WINDOWS XP\Desktop\Downloaded Files\Kiki Engine 1.41 [Unpacked]\Kiki Engine 1.41 [Unpacked]\kiki.sys -- (KIKIDRIVER)
DRV - File not found [Kernel | Boot] -- C:\Windows\System32\DRIVERS\imagedrv.sys -- (Imagedrv)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\HIAC8.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btkrnl.sys -- (btkrnl)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/11/29 02:45:18 | 000,038,400 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\vbma3ff2.sys -- (vbma3ff2)
DRV - [2010/09/29 15:53:36 | 000,078,328 | ---- | M] (Tonec Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2010/06/21 19:59:21 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/21 19:58:54 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/05/31 20:13:59 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/28 19:03:56 | 000,040,832 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Yonline.ahc -- (Yonline)
DRV - [2010/04/27 19:45:14 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV - [2010/03/08 21:52:45 | 000,004,096 | ---- | M] () [Kernel | Unavailable] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/03/05 04:55:03 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/12/12 09:16:03 | 000,033,824 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009/11/24 22:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/10/21 23:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\33734292.sys -- (33734292)
DRV - [2009/10/13 03:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2009/10/09 09:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\3373429.sys -- (setup_9.0.0.722_29.11.2010_06-15drv)
DRV - [2009/09/25 03:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System] -- C:\WINDOWS\system32\drivers\33734291.sys -- (33734291)
DRV - [2009/07/13 03:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2008/10/30 08:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/14 07:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 07:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 17:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/03/18 03:12:20 | 000,105,088 | ---- | M] (ZTE Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/03/18 03:12:20 | 000,105,088 | ---- | M] (ZTE Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/03/18 03:12:20 | 000,105,088 | ---- | M] (ZTE Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/03/16 22:03:46 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/03/04 03:40:04 | 000,097,408 | ---- | M] (Mobile Connector) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (qcusbser)
DRV - [2007/09/17 02:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/12/21 03:26:00 | 004,405,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\WINDOWS_XP_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\WINDOWS_XP_ON_C\..\URLSearchHook: {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - Reg Error: Key error. File not found
IE - HKU\WINDOWS_XP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\WINDOWS_XP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVG\AVG9\Toolbar\Firefox\[email protected] [2010/12/02 03:10:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/28 23:49:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/28 23:49:13 | 000,000,000 | ---D | M]

[2010/11/28 23:49:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/10 06:41:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]

O1 HOSTS File: ([2010/11/28 21:33:27 | 000,000,023 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (no name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - No CLSID value found.
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\WINDOWS_XP_ON_C\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKU\WINDOWS_XP_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\WINDOWS_XP_ON_C..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\WINDOWS_XP_ON_C..\Run: [SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10i_Plugin.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\WINDOWS_XP_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\WINDOWS_XP_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\Windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/29 02:45:57 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/29 13:05:40 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/11/29 00:05:39 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/04 07:18:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\WINDOWS XP\Recent
[2010/12/03 07:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\parity Binary
[2010/12/02 08:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\exam
[2010/12/02 03:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Start Menu
[2010/12/01 07:06:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy of OTL.scr
[2010/12/01 07:06:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (3) of OTL.scr
[2010/12/01 07:06:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (2) of OTL.scr
[2010/11/29 10:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/11/29 08:44:18 | 098,217,771 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\WINDOWS XP\Desktop\OTLPEStd.exe
[2010/11/29 08:10:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/29 04:52:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\FileLister
[2010/11/29 02:54:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/11/29 02:45:57 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/11/29 00:21:10 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\3373429.sys
[2010/11/29 00:21:10 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\33734291.sys
[2010/11/29 00:21:10 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\33734292.sys
[2010/11/29 00:04:00 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\WINDOWS XP\Desktop\mbam-setup-1.46.exe
[2010/11/28 23:47:33 | 084,543,856 | ---- | C] ( ) -- C:\Documents and Settings\WINDOWS XP\Desktop\setup_9.0.0.722_29.11.2010_06-15.exe
[2010/11/28 23:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/28 23:00:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/28 23:00:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/28 21:32:44 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe
[2010/11/28 21:32:44 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe
[2010/11/28 21:32:44 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe
[2010/11/28 21:32:44 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe
[2010/11/28 21:32:44 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe
[2010/11/28 21:32:44 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe
[2010/11/28 21:32:44 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe
[2010/11/28 21:32:44 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe
[2010/11/28 21:32:44 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe
[2010/11/28 21:32:44 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe
[2010/11/28 21:32:44 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe
[2010/11/27 07:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Application Data\Malwarebytes
[2010/11/27 07:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/27 06:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\Desktop\Downloaded Files
[2010/11/21 08:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WINDOWS XP\WINDOWS
[2010/11/21 08:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Webzen
[2010/11/20 08:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent Ultra Accelerator
[2010/11/07 06:12:04 | 000,872,192 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2010/11/07 06:12:04 | 000,103,168 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2010/11/07 06:12:04 | 000,101,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2010/11/07 06:12:04 | 000,100,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2010/11/07 06:12:04 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2010/11/07 06:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mobile Partner
[2010/11/07 04:11:23 | 000,105,088 | ---- | C] (ZTE Corporation) -- C:\Windows\System32\drivers\ZTEusbser6k.sys
[2010/11/07 04:11:23 | 000,105,088 | ---- | C] (ZTE Corporation) -- C:\Windows\System32\drivers\ZTEusbnmeaext.sys
[2010/11/07 04:11:23 | 000,105,088 | ---- | C] (ZTE Corporation) -- C:\Windows\System32\drivers\ZTEusbnmea.sys
[2010/11/07 04:11:23 | 000,105,088 | ---- | C] (ZTE Corporation) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys
[2010/11/07 04:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\SMART BRO
[2010/11/07 04:10:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\SupportAppXL
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/05 11:03:52 | 000,001,332 | ---- | M] () -- C:\OTLPE.lnk
[2010/12/04 21:57:13 | 000,002,048 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/04 21:52:00 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/12/04 21:30:03 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1004336348-682003330-1004UA.job
[2010/12/04 21:26:00 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/12/04 20:05:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-1004336348-682003330-1004.job
[2010/12/04 19:15:41 | 068,509,004 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/04 14:30:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1004336348-682003330-1004Core.job
[2010/12/02 19:32:06 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Google Chrome.lnk
[2010/12/02 19:32:06 | 000,002,301 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/02 08:44:44 | 000,119,677 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 11 - Network Security.pptx
[2010/12/02 06:53:45 | 000,837,120 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 7a - Internetworking.ppt
[2010/12/02 06:53:34 | 000,729,088 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 9 - Internet.ppt
[2010/12/02 03:15:12 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-1004336348-682003330-1004.job
[2010/12/01 09:38:16 | 000,077,685 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\BtX.Wallpaper.122985.jpg
[2010/12/01 07:10:42 | 000,000,952 | RH-- | M] () -- C:\boot.ini
[2010/12/01 07:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy of OTL.scr
[2010/12/01 07:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (3) of OTL.scr
[2010/12/01 07:06:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WINDOWS XP\Desktop\Copy (2) of OTL.scr
[2010/12/01 06:33:07 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\HiJackThis.lnk
[2010/12/01 06:31:12 | 000,013,646 | ---- | M] () -- C:\Windows\System32\wpa.dbl
[2010/11/29 17:10:59 | 000,132,872 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2)3.docx
[2010/11/29 17:06:39 | 000,023,462 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (2).docx
[2010/11/29 12:00:38 | 000,017,288 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Title Page - Documentation.docx
[2010/11/29 11:52:46 | 000,022,128 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (1).docx
[2010/11/29 10:39:29 | 000,021,258 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3.docx
[2010/11/29 10:10:10 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Visio Drawing.vsd
[2010/11/29 09:55:24 | 000,030,189 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2).docx
[2010/11/29 09:08:30 | 098,217,771 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\WINDOWS XP\Desktop\OTLPEStd.exe
[2010/11/29 04:55:50 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled3.bmp
[2010/11/29 04:55:40 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled2.bmp
[2010/11/29 04:52:00 | 000,020,359 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\FileLister.zip
[2010/11/29 03:30:26 | 000,034,342 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation.docx
[2010/11/29 03:15:52 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\exeHelper_2.com
[2010/11/29 02:50:15 | 000,035,513 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document.docx
[2010/11/29 02:49:11 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\rkill.com
[2010/11/29 02:45:18 | 000,038,400 | ---- | M] () -- C:\Windows\System32\drivers\vbma3ff2.sys
[2010/11/29 01:35:10 | 000,233,632 | RH-- | M] () -- C:\NTLDR
[2010/11/29 01:35:10 | 000,047,580 | RH-- | M] () -- C:\NTDETECT.COM
[2010/11/29 00:41:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\~$in Documentation.docx
[2010/11/29 00:39:00 | 000,000,115 | ---- | M] () -- C:\Windows\System32\version.ini
[2010/11/29 00:32:43 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Bitdefender Serial.rar
[2010/11/29 00:25:30 | 000,003,023 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\50492_170463769633090_3140060_q.jpg
[2010/11/29 00:08:26 | 084,543,856 | ---- | M] ( ) -- C:\Documents and Settings\WINDOWS XP\Desktop\setup_9.0.0.722_29.11.2010_06-15.exe
[2010/11/29 00:04:21 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\WINDOWS XP\Desktop\mbam-setup-1.46.exe
[2010/11/28 23:49:14 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/28 23:29:43 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Flash_Disinfector.exe
[2010/11/28 23:15:17 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled.bmp
[2010/11/28 23:02:18 | 003,981,348 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Combo-Fix.exe
[2010/11/28 22:15:13 | 000,001,324 | ---- | M] () -- C:\Windows\System32\d3d9caps.dat
[2010/11/28 21:36:29 | 000,002,050 | ---- | M] () -- C:\Windows\System32\tmp.reg
[2010/11/28 02:17:25 | 000,052,950 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\005.gif
[2010/11/27 14:20:03 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/27 13:55:32 | 000,011,715 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Good Carbs and Bad Carbs.docx
[2010/11/27 08:50:41 | 001,413,788 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 5 - Unobtrusive Methods of Information Gathering.pdf
[2010/11/27 07:40:40 | 000,303,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/26 04:40:22 | 000,430,090 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Third Long Test.pdf
[2010/11/25 08:59:38 | 000,597,842 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 6 - Prototyping, RAD, and Extreme Programming.pdf
[2010/11/25 04:59:14 | 000,040,484 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation Chapters-guide.docx
[2010/11/22 08:14:41 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Rescue.asd
[2010/11/20 08:12:54 | 000,000,916 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010/11/16 03:35:09 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Garena.lnk
[2010/11/15 20:55:11 | 000,001,108 | ---- | M] () -- C:\Windows\checkip.dat
[2010/11/15 20:52:38 | 000,001,167 | ---- | M] () -- C:\Windows\ipconfig.dat
[2010/11/15 19:29:01 | 000,000,020 | ---- | M] () -- C:\Windows\GKLauncherInfo.ini
[2010/11/15 18:57:16 | 000,002,799 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Desktop\.NETSpeedBoost 6.0 Professional Edition.lnk
[2010/11/13 01:42:00 | 000,000,025 | ---- | M] () -- C:\Windows\popcinfot.dat
[2010/11/13 01:24:41 | 000,005,006 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\Application Data\settings.dat
[2010/11/09 06:35:42 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\WINDOWS XP\PUTTY.RND
[2010/11/07 09:25:05 | 000,435,590 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/07 09:25:05 | 000,068,360 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/02 08:49:19 | 000,729,088 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 9 - Internet.ppt
[2010/12/02 08:49:14 | 000,837,120 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 7a - Internetworking.ppt
[2010/12/02 08:44:43 | 000,119,677 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Week 11 - Network Security.pptx
[2010/12/01 19:02:26 | 000,001,332 | ---- | C] () -- C:\OTLPE.lnk
[2010/12/01 09:38:19 | 000,077,685 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\BtX.Wallpaper.122985.jpg
[2010/11/29 17:06:40 | 000,023,462 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (2).docx
[2010/11/29 12:00:42 | 000,017,288 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Title Page - Documentation.docx
[2010/11/29 11:52:47 | 000,022,128 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3 (1).docx
[2010/11/29 10:39:32 | 000,021,258 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter3.docx
[2010/11/29 10:09:51 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Visio Drawing.vsd
[2010/11/29 10:03:51 | 000,132,872 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2)3.docx
[2010/11/29 04:55:50 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled3.bmp
[2010/11/29 04:55:40 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled2.bmp
[2010/11/29 04:52:15 | 000,020,359 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\FileLister.zip
[2010/11/29 03:41:46 | 000,233,632 | RH-- | C] () -- C:\NTLDR
[2010/11/29 03:41:46 | 000,047,580 | RH-- | C] () -- C:\NTDETECT.COM
[2010/11/29 03:41:46 | 000,000,952 | RH-- | C] () -- C:\boot.ini
[2010/11/29 03:24:45 | 000,030,189 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document (2).docx
[2010/11/29 03:16:13 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\exeHelper_2.com
[2010/11/29 02:50:02 | 000,035,513 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\New Microsoft Office Word Document.docx
[2010/11/29 02:48:51 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\rkill.com
[2010/11/29 00:41:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\~$in Documentation.docx
[2010/11/29 00:38:58 | 000,000,115 | ---- | C] () -- C:\Windows\System32\version.ini
[2010/11/29 00:32:45 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Bitdefender Serial.rar
[2010/11/29 00:25:32 | 000,003,023 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\50492_170463769633090_3140060_q.jpg
[2010/11/28 23:49:14 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/28 23:29:36 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Flash_Disinfector.exe
[2010/11/28 23:15:16 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\untitled.bmp
[2010/11/28 23:05:12 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\HiJackThis.lnk
[2010/11/28 22:59:57 | 003,981,348 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Combo-Fix.exe
[2010/11/28 21:33:33 | 000,002,050 | ---- | C] () -- C:\Windows\System32\tmp.reg
[2010/11/28 21:32:44 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2010/11/28 21:32:44 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2010/11/28 21:32:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2010/11/28 20:36:50 | 000,040,484 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation Chapters-guide.docx
[2010/11/28 02:17:29 | 000,052,950 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\005.gif
[2010/11/27 13:35:10 | 000,011,715 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Good Carbs and Bad Carbs.docx
[2010/11/27 08:50:35 | 001,413,788 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 5 - Unobtrusive Methods of Information Gathering.pdf
[2010/11/27 07:44:25 | 000,430,090 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Third Long Test.pdf
[2010/11/25 08:59:01 | 000,597,842 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Chapter 6 - Prototyping, RAD, and Extreme Programming.pdf
[2010/11/25 05:09:26 | 000,034,342 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Desktop\Main Documentation.docx
[2010/11/22 08:14:41 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\My Documents\Rescue.asd
[2010/11/20 08:12:54 | 000,000,916 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010/11/09 06:35:26 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\PUTTY.RND
[2010/11/05 04:00:47 | 000,000,020 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini
[2010/11/04 06:57:47 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\UserFlag.ini
[2010/10/22 23:37:34 | 000,304,092 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\farm.bmp
[2010/10/16 22:58:46 | 000,005,006 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\settings.dat
[2010/10/03 00:21:00 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/08/10 06:37:56 | 000,000,141 | ---- | C] () -- C:\Windows\option.ini
[2010/08/10 06:35:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\EGameEncrypt.dll
[2010/05/26 10:08:10 | 099,580,183 | ---- | C] () -- C:\Program Files\N0kia.rar
[2010/03/24 21:35:27 | 000,000,318 | ---- | C] () -- C:\Windows\WpePro_0delay.INI
[2010/03/24 05:13:43 | 000,000,321 | ---- | C] () -- C:\Windows\WPE PRO.INI
[2010/03/19 04:11:48 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/02/24 05:34:43 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2010/02/05 08:09:37 | 000,000,306 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/06 08:55:56 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/01/06 08:55:56 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010/01/06 08:55:31 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2009/12/12 09:16:03 | 000,033,824 | ---- | C] () -- C:\Windows\System32\drivers\oreans32.sys
[2009/11/22 12:13:05 | 000,124,230 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Application Data\debuggee.mdmp
[2009/10/23 00:17:19 | 000,159,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/10/22 10:39:52 | 000,003,120 | ---- | C] () -- C:\Windows\System32\6ffdbcaf-f6c1-42d3-a4a9-c7957224a70b.dll
[2009/09/24 03:39:26 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009/09/21 01:56:05 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/09/21 01:56:04 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\WINDOWS XP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/14 07:00:00 | 000,900,944 | ---- | C] () -- C:\Windows\System32\msoibenw.dll
[2008/04/14 07:00:00 | 000,038,400 | ---- | C] () -- C:\Windows\System32\drivers\vbma3ff2.sys
[2008/02/27 01:32:21 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2006/05/16 01:25:43 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hpzids01.dll
[2001/08/29 06:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL
[2001/07/10 01:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL

========== LOP Check ==========

[2010/03/09 17:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\AVG9
[2010/07/28 03:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Bytessence
[2010/11/09 08:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\DMCache
[2009/10/22 10:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\e frontier
[2010/10/06 04:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Garena
[2010/10/22 19:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\GetRightToGo
[2010/09/02 01:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\GrabPro
[2010/02/02 06:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Grasssoft
[2010/11/10 08:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\IDM
[2010/04/26 05:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\LimeWire
[2010/05/29 02:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Mouse Recorder Pro
[2010/03/28 09:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\MSNInstaller
[2010/09/03 00:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\MySQL
[2009/09/27 06:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Nokia
[2010/05/26 07:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\OpenCandy
[2010/09/06 08:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Orbit
[2009/09/27 06:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\PC Suite
[2010/09/02 01:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\ProgSense
[2010/02/23 07:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Secret of the Solstice
[2010/02/10 06:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Sony
[2009/12/30 04:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Sony Setup
[2010/02/08 05:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Stardock
[2010/06/12 21:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Subversion
[2010/09/13 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Toolbar4
[2010/04/13 22:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Ubisoft
[2010/10/26 03:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\Uniblue
[2010/11/27 21:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WINDOWS XP\Application Data\uTorrent
[2010/10/16 09:42:30 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\Uniblue SpyEraser.job
[2010/12/04 21:52:00 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/12/04 21:26:00 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

========== Purity Check ==========


< End of report >

#30
nijisan

    Member

  • Topic Starter
  • Member
  • 25 posts
bump to top