Hello...
It's OK, I know there are a lot of people here who need help :)
Anyway... thanks for replying!
Here are the RK reports:
RogueKiller V6.1.8 [11/14/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: andro [Admin rights]
Mode: Remove -- Date : 11/14/2011 22:03:50
Bad processes: 2
[SUSP PATH] adawarebp.dll -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll -> UNLOADED
[SUSP PATH] adawarebp.exe -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe -> KILLED [TermProc]
Registry Entries: 5
[SUSP PATH] HKLM\[...]\Run : Ad-Aware Browsing Protection ("C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe") -> DELETED
[SUSP PATH] GIGABYTE VGA Utility.lnk : C:\Documents and Settings\andro\Application Data\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe -> DELETED
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Documents and Settings\andro\Local Settings\Application Data\Microsoft\Wallpaper1.bmp)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
Particular Files / Folders:
Driver: [LOADED]
Infection :
HOSTS File:
[...]
Finished : << RKreport[1].txt >>
RKreport[1].txt
------------------------------------------------------------------------------------------------------
RogueKiller V6.1.8 [11/14/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: andro [Admin rights]
Mode: Shortcuts HJfix -- Date : 11/14/2011 22:49:46
Bad processes: 0
Driver: [LOADED]
File attributes restored:
Desktop: Success 484 / Fail 0
Quick launch: Success 9 / Fail 0
Programs: Success 49892 / Fail 0
Start menu: Success 368 / Fail 0
User folder: Success 7630 / Fail 6
My documents: Success 3240 / Fail 3
My favorites: Success 56 / Fail 1
My pictures: Success 0 / Fail 1
My music: Success 0 / Fail 1
My videos: Success 0 / Fail 0
Local drives: Success 41726 / Fail 7
Backup: [FOUND] Success 298 / Fail 7
Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\Harddisk1\DP(1)0-0+6 -- 0x2 --> Restored
[F:] \Device\Harddisk2\DP(1)0-0+7 -- 0x2 --> Restored
[G:] \Device\Harddisk3\DP(1)0-0+8 -- 0x2 --> Restored
[H:] \Device\Harddisk4\DP(1)0-0+9 -- 0x2 --> Restored
Infection : Fake HDD
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
...and OTL report:
OTL logfile created on: 11/14/2011 22:58:43 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\andro\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000424 | Country: Slovenia | Language: SLV | Date Format: M/d/yyyy
2,00 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 37,54% Memory free
3,85 Gb Paging File | 2,79 Gb Available in Paging File | 72,54% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 131,06 Gb Free Space | 56,28% Space Free | Partition Type: NTFS
Computer Name: JUD-03F4AE0B207 | User Name: andro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/10 23:19:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\andro\Desktop\OTL.exe
PRC - [2011/11/09 23:19:43 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/09 16:35:10 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/11/09 16:35:10 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/10/24 15:42:24 | 000,161,336 | ---- | M] (Google) -- C:\Documents and Settings\andro\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/10/11 14:00:32 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/11 14:00:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/11 14:00:10 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011/10/11 14:00:08 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/11 14:00:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/09/27 11:18:14 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011/09/27 11:15:38 | 001,526,080 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011/09/05 15:20:30 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/08/31 16:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/03/09 07:37:38 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE
PRC - [2009/03/05 15:07:20 | 002,260,480 | R-S- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/11 11:17:32 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2011/11/09 23:19:41 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/09 16:35:12 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2011/11/09 16:35:12 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll
MOD - [2011/11/09 16:35:12 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2011/10/13 11:45:15 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/11 14:00:22 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/10/11 13:50:10 | 000,193,904 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2011/10/11 13:50:08 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/02/05 19:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/03/09 07:37:38 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE
MOD - [2008/04/14 01:12:03 | 000,562,176 | ---- | M] () -- C:\WINDOWS\system32\qedit.dll
MOD - [2008/04/14 01:12:03 | 000,386,048 | ---- | M] () -- C:\WINDOWS\system32\qdvd.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/03/29 16:42:20 | 000,159,744 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2008/03/29 16:41:52 | 000,023,552 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2007/03/11 00:10:14 | 000,958,464 | ---- | M] () -- C:\Program Files\DirectVobSub\VSFilter.dll
MOD - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (ekrn)
SRV - File not found [On_Demand | Stopped] -- -- (EhttpSrv)
SRV - [2011/11/09 16:35:10 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/11 14:00:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 14:00:10 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/10/11 14:00:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/09/27 11:15:38 | 001,526,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/03/09 07:37:38 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UTSCSI.EXE -- (UTSCSI)
SRV - [2009/02/15 22:01:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/01/05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand | Stopped] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)
SRV - [2005/01/14 09:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
========== Driver Services (SafeList) ==========
DRV - [2011/11/14 22:50:58 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/11/09 16:35:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/11/09 16:35:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/10/11 14:00:32 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/11 14:00:32 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/11 14:00:32 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/10/10 17:43:33 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011/08/31 16:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/29 18:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/01/19 17:14:50 | 000,409,728 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPC610NC.SYS -- (SPC610NC)
DRV - [2007/01/19 17:14:50 | 000,409,728 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPC610NC.SYS -- (SPC500NC)
DRV - [2005/07/12 18:53:20 | 000,007,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gflmouhid.sys -- (genmcmnUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://search.babylo....10&affID=8346"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\andro\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\andro\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\andro\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=7: C:\Documents and Settings\andro\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\andro\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/21 12:11:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 23:19:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/27 00:20:15 | 000,000,000 | ---D | M]
[2009/05/28 14:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andro\Application Data\Mozilla\Extensions
[2009/05/28 14:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andro\Application Data\Mozilla\Extensions\[email protected]
[2011/10/17 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andro\Application Data\Mozilla\Firefox\Profiles\gp94uszv.default\extensions
[2010/04/27 23:16:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\andro\Application Data\Mozilla\Firefox\Profiles\gp94uszv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/11 11:22:35 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Documents and Settings\andro\Application Data\Mozilla\Firefox\Profiles\gp94uszv.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2011/04/30 12:18:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\andro\Application Data\Mozilla\Firefox\Profiles\gp94uszv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/11/11 23:48:19 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\andro\Application Data\Mozilla\Firefox\Profiles\gp94uszv.default\extensions\[email protected]
[2011/11/09 23:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/06/18 19:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/11/09 23:19:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/08/29 22:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/10/14 22:50:59 | 000,002,286 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/05/07 11:40:29 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/02/26 20:55:59 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2010/02/26 20:55:59 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2011/11/09 23:19:44 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/10/13 23:48:10 | 000,437,128 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 15061 more lines...
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\andro\Application Data\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1935655697-1972579041-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRealMode = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\andro\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\andro\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://static.slide....ageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.255.209.79 84.255.210.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A4DC16C-EC4E-4C90-9FDA-18354A1D5250}: DhcpNameServer = 84.255.209.79 84.255.210.79
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/06 22:34:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011/11/14 21:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\andro\Desktop\RK_Quarantine
[2011/11/11 11:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\andro\Local Settings\Application Data\adaware
[2011/11/11 11:22:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2011/11/11 11:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2011/11/11 11:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\andro\Application Data\adawaretb
[2011/11/11 11:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2011/11/11 11:15:24 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/11/11 11:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/11/10 23:19:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\andro\Desktop\OTL.exe
[2011/11/10 21:14:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\andro\Recent
[2011/11/10 21:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011/11/09 23:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\andro\Start Menu\Programs\System Restore
[2011/11/02 15:06:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\andro\Desktop\Programi za popravljanje
[2011/10/22 00:56:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2011/10/19 12:39:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\andro\Application Data\Avira
[2011/10/19 12:39:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/10/19 12:37:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/10/19 12:37:22 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/10/19 12:37:22 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/10/19 12:37:22 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011/10/19 12:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/10/19 12:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
========== Files - Modified Within 30 Days ==========
[2011/11/14 23:29:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{230EEDDC-82E4-431D-A367-06967DB0A346}.job
[2011/11/14 23:18:34 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{430299A3-091D-4492-A6EA-F3942E2ADFC9}.job
[2011/11/14 23:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/14 22:52:37 | 000,000,069 | -H-- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/11/14 22:50:58 | 000,111,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/11/14 22:32:00 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-1972579041-839522115-1004UA.job
[2011/11/14 22:09:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-1972579041-839522115-1004.job
[2011/11/14 22:09:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-1972579041-839522115-1004.job
[2011/11/14 21:55:43 | 000,747,008 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\RogueKiller.exe
[2011/11/14 20:32:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-1972579041-839522115-1004Core.job
[2011/11/14 19:35:49 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/11/14 19:31:52 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/14 19:29:34 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-1972579041-839522115-1003.job
[2011/11/14 19:29:34 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DriverScanner.job
[2011/11/14 19:29:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/11 15:02:18 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2011/11/11 11:37:17 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/11/11 11:22:22 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/11/11 11:19:48 | 012,021,760 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Ad-Aware96Install.msi
[2011/11/10 23:19:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\andro\Desktop\OTL.exe
[2011/11/10 23:02:57 | 019,461,595 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\GridinSoft.Trojan.Killer.v2.0.7.4.Incl.Patch.AND.Key.zip
[2011/11/09 23:26:29 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\POuTdP5zq0KlvR
[2011/11/09 23:24:49 | 000,000,296 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~POuTdP5zq0KlvR
[2011/11/09 23:24:49 | 000,000,216 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~POuTdP5zq0KlvRr
[2011/11/09 23:24:47 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\System Restore.lnk
[2011/11/09 23:15:45 | 000,424,792 | -H-- | M] () -- C:\WINDOWS\0.6623914605106059.exe
[2011/11/09 22:53:40 | 000,270,152 | ---- | M] () -- C:\Documents and Settings\andro\My Documents\Alja.rtf
[2011/11/09 16:35:12 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/11/09 16:09:39 | 000,141,824 | -H-- | M] () -- C:\Documents and Settings\andro\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/09 15:13:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-1972579041-839522115-1003.job
[2011/11/09 14:11:24 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/11/09 14:11:24 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/11/06 15:29:42 | 009,252,277 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 08 - www.FolkoTeka.com - Ako me umiris sad.mp3
[2011/11/06 15:26:26 | 007,684,905 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 07 - www.FolkoTeka.com - Andjele.mp3
[2011/11/06 15:20:40 | 006,972,276 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 05 - www.FolkoTeka.com - Mana.mp3
[2011/11/06 15:11:45 | 007,388,161 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 02 - www.FolkoTeka.com - Pevajte mi pesme.mp3
[2011/11/06 14:34:46 | 005,715,808 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Ado Gegaj 2011 - www.FolkoTeka.com - Vila srece.mp3
[2011/11/06 13:51:46 | 008,480,021 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 07 - Bivsa draga - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:49:50 | 008,917,827 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 06 - Majka - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:46:10 | 007,334,812 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 05 - Ludo ljeto - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:38:12 | 009,637,767 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 03 - Za koju cijenu si dusu prodala - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:35:13 | 009,062,013 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 02 - Pravo na ljubav - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:31:13 | 008,264,757 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 01 - Subota je ludilo - www.FolkoTeka.com - 2011.mp3
[2011/11/04 12:31:31 | 001,547,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/04 01:44:19 | 000,436,026 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/04 01:44:19 | 000,068,796 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/04 01:39:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/03 14:04:53 | 000,013,480 | ---- | M] () -- C:\Documents and Settings\andro\Desktop\T2 Playlist 19.10.2011.m3u
[2011/10/19 12:39:27 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
========== Files Created - No Company Name ==========
[2011/11/14 22:09:20 | 000,001,843 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLounge.lnk
[2011/11/14 22:09:20 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2011.lnk
[2011/11/14 22:09:20 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/11/14 22:09:20 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2011/11/14 22:09:20 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/14 22:09:20 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/11/14 22:09:20 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/11/14 22:09:20 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\System Restore.lnk
[2011/11/14 22:09:20 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/14 22:09:20 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/11/14 22:09:20 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 22:09:20 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DriverScanner.lnk
[2011/11/14 22:09:20 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
[2011/11/14 22:09:20 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk
[2011/11/14 22:09:20 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/11/14 22:09:20 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2011/11/14 22:09:20 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/11/14 22:09:19 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011/11/14 22:09:19 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/11/14 22:09:19 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/11/14 22:09:17 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/11/14 22:09:17 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2011/11/14 22:09:13 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/14 22:09:13 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/11/14 22:09:13 | 000,001,100 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2011/11/14 22:09:13 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Stock Photos CS3.lnk
[2011/11/14 22:09:13 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Photoshop CS3.lnk
[2011/11/14 22:09:13 | 000,000,539 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe InDesign CS.lnk
[2011/11/14 22:09:12 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Device Central CS3.lnk
[2011/11/14 22:09:12 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Bridge CS3.lnk
[2011/11/14 21:56:18 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/11/14 21:55:47 | 000,747,008 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\RogueKiller.exe
[2011/11/11 14:18:10 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/11/11 11:19:55 | 012,021,760 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Ad-Aware96Install.msi
[2011/11/11 11:15:25 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/11/10 23:01:06 | 019,461,595 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\GridinSoft.Trojan.Killer.v2.0.7.4.Incl.Patch.AND.Key.zip
[2011/11/09 23:24:49 | 000,000,296 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~POuTdP5zq0KlvR
[2011/11/09 23:24:49 | 000,000,216 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~POuTdP5zq0KlvRr
[2011/11/09 23:24:44 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\POuTdP5zq0KlvR
[2011/11/09 23:15:41 | 000,424,792 | -H-- | C] () -- C:\WINDOWS\0.6623914605106059.exe
[2011/11/06 15:29:32 | 009,252,277 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 08 - www.FolkoTeka.com - Ako me umiris sad.mp3
[2011/11/06 15:26:17 | 007,684,905 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 07 - www.FolkoTeka.com - Andjele.mp3
[2011/11/06 15:20:32 | 006,972,276 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 05 - www.FolkoTeka.com - Mana.mp3
[2011/11/06 15:11:37 | 007,388,161 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Vesna Zmijanac 2011 - 02 - www.FolkoTeka.com - Pevajte mi pesme.mp3
[2011/11/06 14:34:41 | 005,715,808 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Ado Gegaj 2011 - www.FolkoTeka.com - Vila srece.mp3
[2011/11/06 13:51:37 | 008,480,021 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 07 - Bivsa draga - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:49:42 | 008,917,827 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 06 - Majka - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:46:02 | 007,334,812 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 05 - Ludo ljeto - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:38:02 | 009,637,767 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 03 - Za koju cijenu si dusu prodala - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:35:02 | 009,062,013 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 02 - Pravo na ljubav - www.FolkoTeka.com - 2011.mp3
[2011/11/06 13:31:03 | 008,264,757 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\Davor Badrov - 01 - Subota je ludilo - www.FolkoTeka.com - 2011.mp3
[2011/11/04 01:39:04 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/11/03 14:04:51 | 000,013,480 | ---- | C] () -- C:\Documents and Settings\andro\Desktop\T2 Playlist 19.10.2011.m3u
[2011/04/23 14:07:51 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/23 14:07:51 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/01/03 14:18:55 | 000,467,968 | ---- | C] () -- C:\WINDOWS\VPro500.exe
[2010/12/13 15:33:36 | 000,000,518 | -H-- | C] () -- C:\WINDOWS\System32\SPC610NC.ini
[2010/12/13 14:18:12 | 000,004,990 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe
[2010/12/11 13:48:21 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/11 13:48:18 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/11 13:48:18 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/11 13:47:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/02/18 18:27:07 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/01/09 19:31:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2009/10/29 12:32:20 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/09 11:09:19 | 000,004,767 | -H-- | C] () -- C:\WINDOWS\Irremote.ini
[2009/08/13 23:13:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009/08/03 04:58:44 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2009/08/03 03:50:16 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\fSAw0BYJat.gif
[2009/08/03 03:50:16 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\fSAw0BYJzn.gif
[2009/08/03 03:50:16 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\andro\Application Data\fSAw0BYJby.gif
[2009/06/03 10:50:31 | 000,000,032 | --S- | C] () -- C:\WINDOWS\System32\273640422.dat
[2009/03/13 12:38:11 | 000,000,069 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/09 07:37:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UTSCSI.EXE
[2008/12/17 14:11:10 | 000,000,572 | ---- | C] () -- C:\WINDOWS\WT.INI
[2008/12/13 21:48:39 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/08/16 12:18:07 | 000,000,099 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/07/01 21:21:09 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\IlmImf.dll
[2008/07/01 21:21:09 | 000,353,280 | ---- | C] () -- C:\WINDOWS\System32\pmtf2.dll
[2008/07/01 21:21:09 | 000,271,872 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib.dll
[2008/07/01 21:21:09 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib2.dll
[2008/07/01 21:21:09 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\pmjp.dll
[2008/07/01 21:21:09 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\pmtf1.dll
[2008/07/01 21:21:09 | 000,204,288 | ---- | C] () -- C:\WINDOWS\System32\pmtf3.dll
[2008/07/01 21:21:09 | 000,112,128 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib3.dll
[2008/07/01 21:21:09 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pmexr.dll
[2008/07/01 21:21:09 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmbm.dll
[2008/06/11 10:58:20 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/06/11 10:58:12 | 002,121,235 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2008/06/11 10:58:12 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/06/11 10:58:12 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/06/11 10:58:04 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/06/10 11:24:12 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/06/09 16:40:50 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/06/09 15:54:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/06/08 14:23:23 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/06/07 15:24:36 | 000,141,824 | -H-- | C] () -- C:\Documents and Settings\andro\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/07 00:23:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/07 00:22:06 | 001,547,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/06/06 22:36:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/06 22:30:10 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/04/19 23:05:00 | 001,018,748 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2007/04/19 23:05:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/08/04 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 13:00:00 | 000,436,026 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 13:00:00 | 000,068,796 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2009/09/05 20:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
[2011/11/14 19:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2011/10/14 22:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2008/07/17 16:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/09/24 12:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2011/01/04 19:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/06/21 22:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/10/14 23:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2008/11/28 14:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/03/12 10:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/09/24 11:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/04/21 02:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters Inc
[2011/10/14 23:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2008/06/17 21:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2011/11/07 13:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/10/15 00:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/03/10 23:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2010/02/12 03:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/10/14 23:59:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2009/12/23 15:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2009/09/03 12:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Acoustica
[2011/11/14 22:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\adawaretb
[2011/08/05 15:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\AskToolbar
[2010/02/12 22:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Auslogics
[2011/10/14 22:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Babylon
[2011/11/10 22:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\BitTorrent
[2010/12/13 14:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Carambis
[2011/10/14 23:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Complitly
[2009/09/24 11:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\DriverCure
[2011/08/18 15:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\DVDVideoSoft
[2011/08/15 12:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\DVDVideoSoftIEHelpers
[2011/11/10 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\GetRightToGo
[2010/06/03 14:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\LimeWire
[2008/06/09 15:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\MSNInstaller
[2009/03/12 10:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\NCH Swift Sound
[2008/10/03 12:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Opera
[2008/06/18 10:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Propellerhead Software
[2010/12/11 13:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\SystemRequirementsLab
[2011/10/15 01:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Systweak
[2011/10/15 00:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\TuneUp Software
[2011/10/10 17:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\andro\Application Data\Uniblue
[2009/09/05 20:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2011/10/09 20:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\BitTorrent
[2008/06/11 20:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\Canon
[2008/07/07 22:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\CoSoSys
[2011/10/09 20:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\DNA
[2009/03/17 13:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\Foxit
[2009/07/14 15:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\LimeWire
[2008/09/19 21:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\Opera
[2008/06/17 21:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\Propellerhead Software
[2008/12/13 21:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\Research In Motion
[2008/07/20 08:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jud\Application Data\TuneUp Software
[2011/10/22 00:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2011/11/14 19:35:49 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/11/14 19:29:34 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\DriverScanner.job
[2011/11/11 15:02:18 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2011/10/15 01:37:43 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2011/11/14 23:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/11/14 23:29:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{230EEDDC-82E4-431D-A367-06967DB0A346}.job
[2011/11/14 23:18:34 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{430299A3-091D-4492-A6EA-F3942E2ADFC9}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 12:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
< MD5 for: SVCHOST.EXE >
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< C:\Windows\assembly\tmp\U\*.* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Will wait for the next steps when you reply!