Need help



#1
ArchX

I've posted my problems in THIS topic.

You can get all the information from that topic ... please try to help me, thanks!

My Log from OTL scan:

OTL logfile created on: 9.4.2011 17:09:41 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\Desktop\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 37,88 Gb Free Space | 25,41% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 183,47 Gb Free Space | 39,39% Space Free | Partition Type: NTFS

Computer Name: DOMA-FF61133048 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.04.09 17:09:31 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\desktop\Downloads\OTL.exe
PRC - [2011.03.23 20:59:05 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.02.26 03:19:28 | 003,502,992 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.11.07 23:52:57 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009.02.06 15:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 15:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011.04.09 17:09:31 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\desktop\Downloads\OTL.exe
MOD - [2011.02.26 03:19:34 | 000,972,176 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_44036.dll
MOD - [2010.08.23 18:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 06:42:12 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.01.13 21:53:05 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.07 23:52:57 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.11.07 23:52:56 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.02.06 15:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 15:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2004.08.04 06:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)


========== Driver Services (SafeList) ==========

DRV - [2011.02.01 22:33:23 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.12.22 18:17:43 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.12.22 18:17:43 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.07.06 19:26:54 | 006,088,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.07.06 04:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.02.06 15:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 15:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 15:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2006.07.02 04:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [1998.09.16 10:07:10 | 000,041,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfc4.sys -- (SFC4)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:2.7.2.0
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.31.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.29 09:41:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 20:59:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.11.07 22:45:20 | 000,000,000 | ---D | M]

[2010.11.09 22:54:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011.04.09 15:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\suq7oyo3.default\extensions
[2010.11.13 18:28:24 | 000,000,000 | ---D | M] (BitTorrentBar Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\suq7oyo3.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011.02.05 14:07:17 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\suq7oyo3.default\extensions\[email protected]
[2011.04.08 13:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.22 18:27:18 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010.10.27 07:42:57 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010.10.27 07:42:57 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.10.27 07:42:57 | 000,000,786 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eudict.xml
[2010.10.27 07:42:57 | 000,001,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hr.xml

O1 HOSTS File: ([2010.04.30 15:56:09 | 000,001,798 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1289163113968 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1289163207671 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.139.104.2 83.139.105.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.06 23:23:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4ead3f36-efe0-11df-a658-0019dbdb8a61}\Shell - "" = AutoRun
O33 - MountPoints2\{4ead3f36-efe0-11df-a658-0019dbdb8a61}\Shell\Auto\command - "" = Autorun.exe
O33 - MountPoints2\{4ead3f36-efe0-11df-a658-0019dbdb8a61}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ead3f36-efe0-11df-a658-0019dbdb8a61}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.04.08 13:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Auslogics
[2011.04.08 13:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2011.04.08 13:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2011.04.07 22:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\4A Games
[2011.04.07 22:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\4A Games
[2011.04.07 22:03:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\NVIDIA
[2011.04.07 21:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Razor 1911
[2011.04.07 15:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Unofficial Fallout 3 Patch
[2011.04.07 00:18:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup-Disabled
[2011.04.05 18:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2011.04.05 18:50:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2011.04.05 10:13:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Unofficial Shivering Isles Patch
[2011.03.29 11:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Oblivion Mod Manager
[2011.03.29 11:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Unofficial Oblivion Patch
[2011.03.27 17:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6
[2011.03.23 15:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Electronic Arts
[2011.03.23 15:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Electronic Arts
[2011.03.23 15:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\TRiViUM
[2011.03.22 19:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011.03.22 19:17:12 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2011.03.22 19:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2011.03.22 19:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011.03.22 16:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011.03.22 16:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2011.03.20 18:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bloodline Champions
[2011.03.20 18:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2011.03.20 18:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011.03.20 18:19:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.03.20 18:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011.03.20 13:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2011.03.20 13:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Firaxis Games
[2011.03.20 13:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Firaxis Games
[2011.03.19 15:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\BitTorrentBar
[2011.03.19 15:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011.03.17 23:57:36 | 000,000,000 | ---D | C] -- C:\MSCAN
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 30 Days ==========

[2011.04.09 17:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2011.04.09 16:57:20 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EF792C15-E074-499A-A4D5-A81EBEBAB63C}.job
[2011.04.09 14:05:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.04.09 13:06:36 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.04.09 12:11:41 | 000,501,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.09 12:11:41 | 000,087,412 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.09 12:09:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.09 12:07:44 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011.04.09 12:07:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.08 14:33:50 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.04.08 14:33:27 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.04.08 14:33:27 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011.04.08 13:34:41 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Auslogics Disk Defrag.lnk
[2011.04.07 21:06:20 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Temperature.png
[2011.04.07 21:02:37 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\EVEREST Home Edition.lnk
[2011.04.06 21:39:02 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2007.lnk
[2011.04.06 14:36:14 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Fallout Mod Manager.lnk
[2011.04.05 12:10:41 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2011.04.05 10:18:51 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Oblivion.lnk
[2011.04.05 10:15:57 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Oblivion Mod Manager.lnk
[2011.04.05 10:15:22 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TES Construction Set (Oblivion).lnk
[2011.04.05 09:53:19 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oblivion.lnk
[2011.04.04 10:55:08 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Excel 2007.lnk
[2011.04.02 21:33:50 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.03.31 23:20:56 | 000,087,570 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\the-elder-scrolls-v-skyrim-20110330052320824_640w.jpg
[2011.03.27 17:15:51 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2011.03.26 17:17:55 | 000,252,080 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.03.26 17:17:55 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.03.26 17:17:53 | 000,252,080 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.03.23 15:49:32 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ Medieval.lnk
[2011.03.22 16:56:16 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011.03.21 14:12:48 | 001,448,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.20 18:30:01 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Bloodline Champions.lnk
[2011.03.20 13:46:28 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sid Meier's Pirates!.lnk
[2011.03.16 23:21:30 | 000,327,866 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dragonborn_1920x1200.jpg
[2011.03.16 23:21:11 | 000,164,032 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\elderscrolls-background3.jpg
[2011.03.16 01:26:46 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011.04.08 13:34:41 | 000,000,899 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Auslogics Disk Defrag.lnk
[2011.04.07 21:06:18 | 000,001,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Temperature.png
[2011.04.07 21:02:37 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\EVEREST Home Edition.lnk
[2011.04.05 10:17:47 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Oblivion.lnk
[2011.04.05 10:15:22 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TES Construction Set (Oblivion).lnk
[2011.04.05 09:53:19 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oblivion.lnk
[2011.03.31 23:20:55 | 000,087,570 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\the-elder-scrolls-v-skyrim-20110330052320824_640w.jpg
[2011.03.29 11:57:07 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Oblivion Mod Manager.lnk
[2011.03.29 11:33:20 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2011.03.27 17:15:51 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2011.03.23 15:49:31 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ Medieval.lnk
[2011.03.22 16:56:16 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011.03.20 18:30:01 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Bloodline Champions.lnk
[2011.03.20 18:20:04 | 000,120,184 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.03.20 13:46:28 | 000,001,656 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sid Meier's Pirates!.lnk
[2011.03.17 23:58:03 | 000,001,942 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2011.03.17 23:58:03 | 000,001,901 | ---- | C] () -- C:\WINDOWS\ATM.INI
[2011.03.17 23:58:03 | 000,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2011.03.17 23:57:41 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfc4.sys
[2011.03.17 23:57:41 | 000,010,041 | ---- | C] () -- C:\WINDOWS\System\msfcepp2.vxd
[2011.03.17 23:57:39 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System\LFKODAK.DLL
[2011.03.16 23:21:28 | 000,327,866 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dragonborn_1920x1200.jpg
[2011.03.16 23:21:10 | 000,164,032 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\elderscrolls-background3.jpg
[2011.02.26 03:19:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.02.05 14:21:52 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
[2011.01.14 16:51:30 | 000,153,600 | ---- | C] () -- C:\WINDOWS\System32\AI_ContextMenu.dll
[2011.01.10 19:02:35 | 000,000,209 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\D2Info0
[2011.01.10 19:02:35 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\DofusAppId0_2
[2011.01.03 23:43:55 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2010.12.28 21:33:53 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.28 21:33:44 | 000,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.12.28 21:33:23 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.12.28 21:16:55 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.12.26 12:35:16 | 000,000,563 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.12.22 18:17:43 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.12.22 18:17:43 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.11.26 11:30:58 | 000,027,316 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.11.24 22:14:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010.11.22 22:06:18 | 000,019,521 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2010.11.22 16:11:47 | 000,157,204 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2010.11.22 16:11:47 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2010.11.11 22:33:06 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.11.09 23:03:17 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.09 23:03:16 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.09 22:54:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.07 23:29:45 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.11.07 23:29:44 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.11.07 23:29:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.11.07 00:07:32 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.07 00:05:19 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.11.07 00:04:53 | 001,448,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.06 23:24:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.06 23:20:29 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.07.10 06:38:00 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009.03.13 16:06:30 | 000,357,101 | ---- | C] () -- C:\WINDOWS\reset.exe
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2006.11.02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.08.04 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 06:00:00 | 000,501,632 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 06:00:00 | 000,087,412 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.01.10 19:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\app
[2011.04.08 13:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Auslogics
[2011.04.07 00:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BitTorrent
[2010.11.26 11:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.01 22:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
[2010.12.07 12:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Pro
[2011.01.10 19:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Dofus 2
[2011.01.10 19:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.11.07 23:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GlarySoft
[2010.12.23 03:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ImgBurn
[2011.03.20 13:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2010.11.10 13:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LolClient
[2011.01.10 19:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011.03.27 17:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2010.11.13 01:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TS3Client
[2010.11.07 23:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
[2010.11.08 23:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\URSoft
[2011.04.07 22:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2011.02.01 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.12.07 12:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2011.03.22 19:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011.03.22 19:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.11.07 22:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011.04.05 18:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2011.02.13 20:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lionhead Studios
[2011.01.03 16:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.11.25 23:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.11.08 23:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.11.07 23:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011.01.14 16:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2011.03.04 10:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.11.07 23:16:10 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2011.04.09 17:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2011.04.09 12:07:44 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2010.11.07 23:12:15 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryUpdate.job
[2011.04.09 16:57:20 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EF792C15-E074-499A-A4D5-A81EBEBAB63C}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13

< End of report >

