i cant install or download any anti virus



#1
Virus killer needed


    New Member

  • Member
  • Pip
  • 4 posts
I need help. I will give you all the information you need.

#2
Virus killer needed


    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
OK, I read the instructions. Here's what's going on: the computer was crashing, showing a blue screen, then after a while it stops and shows the blue screen for a sec and restarts. Then I tried to download the Bitdefender manager, but it would not download, so I tried to just download the setup, but when I try to run the setup it crashes the computer instantly. So I went and downloaded Malwarebytes' Anti-Malware. It can't update, but it installed and I ran a scan. It found a couple of viruses, but the main virus is still there, because when I try to update it still won't work. I uninstalled it and tried to install Bitdefender, but no luck: blue screen.


OTL logfile created on: 25/12/2011 6:55:49 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1014.07 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 9.47% Memory free
2.39 Gb Paging File | 1.27 Gb Available in Paging File | 53.21% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 18.69 Gb Free Space | 25.09% Space Free | Partition Type: NTFS

Computer Name: LastXP20 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/25 18:53:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2011/12/04 12:07:44 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware2\mbamservice.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Users\Administrator\Desktop\gmer.exe
PRC - [2011/06/13 18:52:23 | 001,011,768 | ---- | M] (Google Inc.) -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/05/15 17:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files\CrossriderWebApps\Crossrider.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/10/27 04:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/05 04:00:00 | 001,572,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/05/01 23:15:48 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/13 18:16:54 | 003,316,000 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_b427739.dll
MOD - [2011/12/04 12:07:43 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/18 09:57:43 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/07/30 22:57:34 | 003,572,224 | ---- | M] () -- C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ffdshow.ax
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Users\Administrator\Desktop\gmer.exe
MOD - [2011/06/13 18:52:21 | 000,329,272 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\ppgooglenaclpluginchrome.dll
MOD - [2011/06/13 18:52:20 | 003,649,592 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\pdf.dll
MOD - [2011/06/13 18:51:14 | 000,294,456 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\Locales\en-US.dll
MOD - [2011/06/13 18:50:47 | 000,104,520 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\avutil-50.dll
MOD - [2011/06/13 18:50:45 | 000,203,848 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\avformat-52.dll
MOD - [2011/06/13 18:50:43 | 001,846,344 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\avcodec-52.dll
MOD - [2011/06/13 16:18:55 | 006,333,088 | ---- | M] () -- C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\gcswf32.dll
MOD - [2011/05/28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/05/05 04:00:00 | 001,532,416 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/05/05 04:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/05/05 04:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/05/01 23:15:48 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/05/01 23:15:38 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2008/05/01 23:15:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2007/10/17 05:32:24 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\ShellExt\FolderSize.dll
MOD - [2007/03/30 13:30:46 | 000,122,880 | ---- | M] () -- C:\WINDOWS\system32\ShellExt\FileExtToggle.dll
MOD - [2007/03/30 13:27:44 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\ShellExt\HiddenFilesToggle.dll
MOD - [2007/03/30 13:20:28 | 000,122,880 | ---- | M] () -- C:\WINDOWS\system32\ShellExt\BrowserBack.dll
MOD - [2007/03/30 13:14:18 | 000,122,880 | ---- | M] () -- C:\WINDOWS\system32\ShellExt\SelectAll.dll
MOD - [2004/12/10 06:51:50 | 000,061,952 | ---- | M] () -- C:\Program Files\Ares\MP3Source.ax


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (STacSV)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/12/13 18:16:54 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware2\mbamservice.exe -- (MBAMService)
SRV - [2011/03/08 13:04:00 | 004,089,336 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Unknown | Running] -- -- (SCDEmu)
DRV - [2011/12/25 11:45:15 | 000,064,000 | ---- | M] (CurioLab S.M.B.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\extit.sys -- (ExterminateIt)
DRV - [2011/12/21 00:18:21 | 000,636,744 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Common Files\Microsoft Shared\Triedit\{8EF3C372-2A65-45b5-B423-F87E1054A832}.sys -- ({8EF3C372-2A65-45b5-B423-F87E1054A832})
DRV - [2011/12/01 11:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\NBVol.sys -- (NBVol)
DRV - [2011/12/01 11:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\NBVolUp.sys -- (NBVolUp)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/19 00:45:00 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/07/14 23:54:27 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/07/14 23:54:26 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/06/23 01:43:04 | 001,068,216 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wcmvcam.sys -- (WCMVCAM)
DRV - [2010/05/13 17:02:31 | 000,012,960 | ---- | M] (BITDEFENDER LLC) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\bdrawpr.sys -- (BdRawPr)
DRV - [2009/12/25 11:50:54 | 000,009,984 | ---- | M] (ZD Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\scncap.sys -- (scncap)
DRV - [2007/12/14 12:28:20 | 001,270,872 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.tangotoolbar.net/ [binary data]
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.co...rket={Language}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "http://go.mail.ru/se...fftb&utf8in&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com.jm/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.3.2.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.72.17
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.5.0.0
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..keyword.URL: "http://www.google.co...ch?hl=en-GB&q="
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Users\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\WINDOWS\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Administrator\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Fiddler2\FiddlerHook [2011/06/20 14:25:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\All Users\Application Data\CodecCheck\firefox [2011/07/13 17:12:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/22 12:51:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/25 11:45:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/04 12:07:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/06/17 18:19:05 | 000,000,000 | ---D | M]

[2011/07/19 11:58:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\Application Data\Mozilla\Extensions
[2011/12/20 15:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\Application Data\Mozilla\Firefox\Profiles\bsd7htq7.default\extensions
[2011/09/27 18:19:31 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Administrator\Application Data\Mozilla\Firefox\Profiles\bsd7htq7.default\extensions\[email protected]
[2011/12/04 12:07:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\BSD7HTQ7.DEFAULT\EXTENSIONS\[email protected]
[2011/12/04 12:07:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/19 10:40:33 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/14 14:35:58 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/12/04 12:07:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/04 12:07:38 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\pdf.dll
CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.1_0\lib/npdapchrome.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Administrator\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Administrator\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Premiumplay Codec-C = C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.13.21_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2011/12/25 13:02:32 | 000,439,740 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15122 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (MrFroggy Class) - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files\Minibar\Froggy.dll (TODO: <название компании>)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (AlterGeoBHO Class) - {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\3.3.2.779\AlterGeo.BrowserPlugin.dll (Wi2Geo)
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Kango.dll (KangoExtensions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {121AC508-44AF-45CF-A4E9-DDA8619A4C73} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files\Zemi Interactive\4Story_US\PrePatch.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware2\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Steam] C:\Windows\Steam.exe File not found
O4 - HKLM..\Run: [SystemTray] C:\WINDOWS\System32\systray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [CrossRiderPlugin] C:\Program Files\CrossriderWebApps\Crossrider.exe (Crossrider)
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - Startup: C:\Users\Administrator\Start Menu\Programs\Startup\AutorunsDisabled [2011/07/02 08:34:35 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM File not found
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM File not found
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Share Your Mood - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\MinibarButton.dll (TODO: <Company name>)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.183.0.76 65.183.0.86
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{811951D2-CA06-4836-A40B-9E0CC359FAFA}: DhcpNameServer = 65.183.0.76 65.183.0.86
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Users\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Users\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/17 06:09:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24d91dc0-f395-11e0-abc2-001320c4963c}\Shell - "" = AutoRun
O33 - MountPoints2\{24d91dc0-f395-11e0-abc2-001320c4963c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{24d91dc0-f395-11e0-abc2-001320c4963c}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{3249cfa0-9938-11e0-8489-001320c4963c}\Shell\AutoRun\command - "" = H:\A1\V1\try.exe
O33 - MountPoints2\{3249cfa0-9938-11e0-8489-001320c4963c}\Shell\open\command - "" = H:\A1\V1\try.exe
O33 - MountPoints2\{52fc76f0-98d8-11e0-8488-001320c4963c}\Shell\AutoRun\command - "" = H:\A1\V1\try.exe
O33 - MountPoints2\{52fc76f0-98d8-11e0-8488-001320c4963c}\Shell\open\command - "" = H:\A1\V1\try.exe
O33 - MountPoints2\{91a037c3-ccc3-11e0-930b-001320c4963c}\Shell\AutoRun\command - "" = H:\A1\V1\try.exe
O33 - MountPoints2\{91a037c3-ccc3-11e0-930b-001320c4963c}\Shell\open\command - "" = H:\A1\V1\try.exe
O33 - MountPoints2\{938d73c0-fcd1-11e0-a40d-001320c4963c}\Shell\AutoRun\command - "" = I:\A1\V1\try.exe
O33 - MountPoints2\{938d73c0-fcd1-11e0-a40d-001320c4963c}\Shell\open\command - "" = I:\A1\V1\try.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/25 18:53:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2011/12/25 16:35:39 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Administrator\Desktop\dds.scr
[2011/12/25 16:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/25 14:36:32 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware2
[2011/12/25 14:36:28 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/25 14:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/12/25 12:59:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\Malwarebytes
[2011/12/25 12:59:31 | 000,000,000 | ---D | C] -- C:\Users\All Users\Application Data\Malwarebytes
[2011/12/25 11:45:15 | 000,064,000 | ---- | C] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2011/12/24 22:13:21 | 000,000,000 | ---D | C] -- C:\Users\All Users\Application Data\Spybot - Search & Destroy
[2011/12/24 21:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2011/12/24 20:43:12 | 000,012,960 | ---- | C] (BITDEFENDER LLC) -- C:\WINDOWS\System32\drivers\bdrawpr.sys
[2011/12/24 20:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2011/12/24 17:13:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\My Documents\Soul Reaver 2
[2011/12/23 15:57:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\ImgBurn
[2011/12/23 14:34:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\My Documents\dvd
[2011/12/23 14:23:04 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\ImgBurn
[2011/12/23 14:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2011/12/23 14:22:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\DVD Flick
[2011/12/23 14:22:49 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\DVD Flick
[2011/12/23 14:22:43 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\ssubtmr6.dll
[2011/12/23 14:22:43 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\WINDOWS\System32\trayicon_handler.ocx
[2011/12/23 14:22:43 | 000,028,672 | ---- | C] (-) -- C:\WINDOWS\System32\mousewheel.ocx
[2011/12/23 14:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Flick
[2011/12/21 00:33:32 | 000,000,000 | ---D | C] -- C:\Users\All Users\Application Data\GetRight
[2011/12/21 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\GetRight
[2011/12/19 15:05:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\TMNT
[2011/12/19 15:03:50 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\Ubisoft
[2011/12/19 14:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2011/12/18 19:43:50 | 000,000,000 | ---D | C] -- C:\dell
[2011/12/18 13:34:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\My Documents\JustCause
[2011/12/17 21:52:50 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\KAPITALSIN
[2011/12/17 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\KAPITALSIN
[2011/12/16 23:59:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/16 23:30:01 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/12/16 22:27:15 | 000,065,776 | ---- | C] (JGsoft - Just Great Software) -- C:\WINDOWS\UnDeploy.exe
[2011/12/16 21:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\GnuWin32
[2011/12/16 21:04:27 | 000,000,000 | RH-D | C] -- C:\Users\Administrator\Recent
[2011/12/16 20:50:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\gag4.10
[2011/12/16 20:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2011/12/15 21:00:54 | 000,000,000 | ---D | C] -- C:\SAVE
[2011/12/15 20:08:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\My Shared Folder
[2011/12/15 16:29:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/12/15 14:52:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\My Documents\Devastation
[2011/12/15 12:37:15 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\Exterminate It!
[2011/12/15 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Exterminate It!
[2011/12/15 11:38:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\Curiolab
[2011/12/15 10:08:13 | 000,000,000 | ---D | C] -- C:\Users\All Users\Uniblue
[2011/12/14 21:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\Digitalo Studios
[2011/12/14 21:49:52 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\Devastation
[2011/12/14 21:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\solcache
[2011/12/14 16:35:12 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\Sierra
[2011/12/14 16:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra On-Line
[2011/12/14 15:55:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Start Menu\Programs\Sierra
[2011/12/14 15:55:13 | 000,000,000 | ---D | C] -- C:\Sierra
[2011/12/14 14:35:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Local Settings\Application Data\Babylon
[2011/12/14 14:35:55 | 000,000,000 | ---D | C] -- C:\Users\All Users\Application Data\Babylon
[2011/12/14 14:35:55 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Application Data\Babylon
[2011/12/14 00:54:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Copy of econ
[2011/12/13 23:38:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\econ
[2011/12/12 21:28:35 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\MW2Bot
[2011/12/12 21:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\MW2Bot
[2011/11/30 21:02:42 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\Quick Screen Capture
[2011/11/30 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Screen Capture
[2011/11/30 21:02:42 | 000,000,000 | ---D | C] -- C:\MyCaptures
[2011/11/30 20:57:34 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\CamStudio
[2011/11/30 20:57:32 | 000,049,664 | ---- | C] (CamStudio Group) -- C:\WINDOWS\System32\CamCodec.dll
[2011/11/27 22:18:25 | 000,000,000 | ---D | C] -- C:\Users\All Users\Start Menu\Programs\SourceTec
[2011/11/27 22:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\SourceTec
[2011/07/13 17:36:42 | 000,090,112 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.RocketDivision.StarBurnX.dll
[2011/07/13 17:36:42 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.VIDEOEDITLib.dll
[2011/07/13 17:36:42 | 000,009,728 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.dvdauthorLib.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/25 19:04:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-1383384898-1177238915-500UA.job
[2011/12/25 18:53:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2011/12/25 18:50:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-682003330-1383384898-1177238915-500UA.job
[2011/12/25 18:13:01 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/25 16:42:38 | 000,004,029 | ---- | M] () -- C:\Users\Administrator\Desktop\Attach.zip
[2011/12/25 16:35:38 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Administrator\Desktop\dds.scr
[2011/12/25 15:28:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/25 15:28:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/12/25 13:13:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/25 13:02:40 | 000,002,964 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2011/12/25 13:02:32 | 000,439,740 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/25 11:45:15 | 000,064,000 | ---- | M] (CurioLab S.M.B.A.) -- C:\WINDOWS\System32\drivers\extit.sys
[2011/12/25 09:25:59 | 000,000,375 | RHS- | M] () -- C:\boot.ini
[2011/12/24 22:04:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-1383384898-1177238915-500Core.job
[2011/12/24 21:54:33 | 000,015,698 | ---- | M] () -- C:\Users\All Users\Application Data\bdinstall.bin
[2011/12/24 21:54:22 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/12/24 21:53:43 | 000,100,208 | ---- | M] () -- C:\Users\All Users\Application Data\1324781602.bdinstall.bin
[2011/12/24 21:50:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-682003330-1383384898-1177238915-500Core.job
[2011/12/24 20:27:27 | 000,000,330 | ---- | M] () -- C:\WINDOWS\sierra.ini
[2011/12/23 14:23:04 | 000,001,546 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2011/12/23 14:23:04 | 000,001,528 | ---- | M] () -- C:\Users\All Users\Desktop\ImgBurn.lnk
[2011/12/23 14:22:49 | 000,001,577 | ---- | M] () -- C:\Users\Administrator\Desktop\DVD Flick.lnk
[2011/12/22 15:43:45 | 000,032,768 | ---- | M] () -- C:\t1l8.30
[2011/12/22 13:01:45 | 000,000,531 | ---- | M] () -- C:\Users\Administrator\Desktop\Trevor Off-Key - Do Jamaica [wegotitfirst.com].mp3.lnk
[2011/12/22 12:51:26 | 000,001,476 | ---- | M] () -- C:\Users\Administrator\Desktop\DivX Movies.lnk
[2011/12/22 12:50:37 | 000,000,777 | ---- | M] () -- C:\Users\All Users\Desktop\DivX Plus Player.lnk
[2011/12/19 15:05:13 | 000,001,594 | ---- | M] () -- C:\Users\All Users\Desktop\TMNT.lnk
[2011/12/18 18:44:49 | 000,020,480 | ---- | M] () -- C:\t2dk.1g
[2011/12/18 15:14:44 | 003,145,856 | ---- | M] () -- C:\fb_0.dds
[2011/12/18 15:14:44 | 003,145,784 | ---- | M] () -- C:\fb_0.bmp
[2011/12/18 15:02:39 | 003,145,856 | ---- | M] () -- C:\fb_1.dds
[2011/12/18 15:02:39 | 003,145,784 | ---- | M] () -- C:\fb_1.bmp
[2011/12/17 21:52:50 | 000,001,533 | ---- | M] () -- C:\Users\Administrator\Desktop\Play to Just Cause.lnk
[2011/12/17 02:45:45 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/12/17 02:45:44 | 000,000,375 | -H-- | M] () -- C:\Boot.BAK
[2011/12/16 23:30:22 | 000,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2011/12/16 23:22:20 | 000,001,887 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2011/12/16 21:01:24 | 119,416,832 | ---- | M] () -- C:\Users\Administrator\Desktop\gparted-live-0.11.0-2.iso
[2011/12/15 20:51:12 | 000,001,474 | ---- | M] () -- C:\Users\Administrator\Desktop\Opposing Force.LNK
[2011/12/15 12:37:16 | 000,000,756 | ---- | M] () -- C:\Users\All Users\Desktop\Exterminate It!.lnk
[2011/12/14 21:49:54 | 000,001,707 | ---- | M] () -- C:\Users\All Users\Desktop\Play Devastation.lnk
[2011/12/14 17:11:37 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011/12/14 17:11:37 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2011/12/14 17:11:36 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2011/12/14 16:35:17 | 000,001,431 | ---- | M] () -- C:\Users\Administrator\Desktop\Gunman Chronicles.lnk
[2011/12/14 15:55:58 | 000,001,461 | ---- | M] () -- C:\Users\Administrator\Desktop\Blue Shift.LNK
[2011/12/14 14:36:03 | 000,000,237 | ---- | M] () -- C:\user.js
[2011/12/14 00:57:12 | 000,711,487 | ---- | M] () -- C:\Users\Administrator\Desktop\econ.zip
[2011/12/14 00:54:52 | 000,444,333 | ---- | M] () -- C:\Users\Administrator\Desktop\econ.rar
[2011/12/12 21:28:35 | 000,000,672 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\MW2Bot.lnk
[2011/12/09 19:58:38 | 001,440,948 | ---- | M] () -- C:\hello.bmp
[2011/12/07 19:56:45 | 000,000,643 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\FarmVilleBot Lite.lnk
[2011/12/07 19:56:45 | 000,000,618 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\FarmVilleBot.lnk
[2011/12/06 22:30:55 | 001,529,021 | ---- | M] () -- C:\Users\Administrator\Desktop\IMG_1325.jpg
[2011/12/06 16:36:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/05 22:45:11 | 000,029,328 | ---- | M] () -- C:\Users\Administrator\Desktop\320292_10150272727624822_560429821_7831725_6693137_n.jpg
[2011/12/05 06:39:05 | 000,496,706 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/05 06:39:05 | 000,084,616 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/04 01:46:11 | 000,001,816 | ---- | M] () -- C:\WINDOWS\TSearch.INI
[2011/12/04 01:46:11 | 000,000,063 | ---- | M] () -- C:\WINDOWS\HexEditor_FindList.hed
[2011/11/30 21:02:43 | 000,000,683 | ---- | M] () -- C:\Users\Administrator\Desktop\Quick Screen Capture.lnk
[2011/11/27 22:33:42 | 000,000,023 | ---- | M] () -- C:\WINDOWS\SWFDecompiler.INI
[2011/11/27 22:33:28 | 000,000,839 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink SWF Decompiler.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/25 16:42:38 | 000,004,029 | ---- | C] () -- C:\Users\Administrator\Desktop\Attach.zip
[2011/12/25 16:40:19 | 000,302,592 | ---- | C] () -- C:\Users\Administrator\Desktop\gmer.exe
[2011/12/25 12:59:30 | 000,002,964 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2011/12/24 21:54:22 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/12/24 21:53:43 | 000,100,208 | ---- | C] () -- C:\Users\All Users\Application Data\1324781602.bdinstall.bin
[2011/12/24 20:43:07 | 000,015,698 | ---- | C] () -- C:\Users\All Users\Application Data\bdinstall.bin
[2011/12/23 14:23:04 | 000,001,546 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2011/12/23 14:23:04 | 000,001,528 | ---- | C] () -- C:\Users\All Users\Desktop\ImgBurn.lnk
[2011/12/23 14:22:49 | 000,001,577 | ---- | C] () -- C:\Users\Administrator\Desktop\DVD Flick.lnk
[2011/12/22 15:43:45 | 000,032,768 | ---- | C] () -- C:\t1l8.30
[2011/12/22 13:01:45 | 000,000,531 | ---- | C] () -- C:\Users\Administrator\Desktop\Trevor Off-Key - Do Jamaica [wegotitfirst.com].mp3.lnk
[2011/12/22 12:50:37 | 000,000,777 | ---- | C] () -- C:\Users\All Users\Desktop\DivX Plus Player.lnk
[2011/12/19 15:05:13 | 000,001,594 | ---- | C] () -- C:\Users\All Users\Desktop\TMNT.lnk
[2011/12/18 18:44:49 | 000,020,480 | ---- | C] () -- C:\t2dk.1g
[2011/12/18 15:02:39 | 003,145,856 | ---- | C] () -- C:\fb_1.dds
[2011/12/18 15:02:39 | 003,145,784 | ---- | C] () -- C:\fb_1.bmp
[2011/12/18 13:36:31 | 003,145,856 | ---- | C] () -- C:\fb_0.dds
[2011/12/18 13:36:31 | 003,145,784 | ---- | C] () -- C:\fb_0.bmp
[2011/12/17 21:52:50 | 000,001,533 | ---- | C] () -- C:\Users\Administrator\Desktop\Play to Just Cause.lnk
[2011/12/16 23:30:06 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2011/12/16 23:30:06 | 000,000,375 | -H-- | C] () -- C:\Boot.BAK
[2011/12/16 23:30:02 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2011/12/16 21:05:08 | 119,416,832 | ---- | C] () -- C:\Users\Administrator\Desktop\gparted-live-0.11.0-2.iso
[2011/12/16 20:10:45 | 000,001,905 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2011/12/16 20:10:45 | 000,001,887 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2011/12/15 20:51:12 | 000,001,474 | ---- | C] () -- C:\Users\Administrator\Desktop\Opposing Force.LNK
[2011/12/15 19:35:10 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\mf.dll
[2011/12/15 10:34:32 | 000,000,756 | ---- | C] () -- C:\Users\All Users\Desktop\Exterminate It!.lnk
[2011/12/14 21:49:54 | 000,001,707 | ---- | C] () -- C:\Users\All Users\Desktop\Play Devastation.lnk
[2011/12/14 17:11:37 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011/12/14 17:11:37 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011/12/14 17:11:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011/12/14 16:35:17 | 000,001,431 | ---- | C] () -- C:\Users\Administrator\Desktop\Gunman Chronicles.lnk
[2011/12/14 16:35:17 | 000,000,330 | ---- | C] () -- C:\WINDOWS\sierra.ini
[2011/12/14 15:55:58 | 000,001,461 | ---- | C] () -- C:\Users\Administrator\Desktop\Blue Shift.LNK
[2011/12/14 15:21:16 | 941,293,568 | ---- | C] () -- C:\Users\Administrator\Desktop\[PSP] Midnight Club - LA Remix (EUR) [PyTon].iso
[2011/12/14 14:36:02 | 000,000,237 | ---- | C] () -- C:\user.js
[2011/12/14 00:57:12 | 000,711,487 | ---- | C] () -- C:\Users\Administrator\Desktop\econ.zip
[2011/12/14 00:54:25 | 000,444,333 | ---- | C] () -- C:\Users\Administrator\Desktop\econ.rar
[2011/12/12 21:28:35 | 000,000,672 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\MW2Bot.lnk
[2011/12/09 19:58:38 | 001,440,948 | ---- | C] () -- C:\hello.bmp
[2011/12/09 16:06:50 | 012,582,912 | ---- | C] () -- C:\Users\Administrator\Desktop\GoldenEye 007.z64
[2011/12/06 22:30:30 | 001,529,021 | ---- | C] () -- C:\Users\Administrator\Desktop\IMG_1325.jpg
[2011/12/05 22:45:20 | 000,029,328 | ---- | C] () -- C:\Users\Administrator\Desktop\320292_10150272727624822_560429821_7831725_6693137_n.jpg
[2011/12/04 12:07:52 | 000,000,730 | ---- | C] () -- C:\Users\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/04 01:08:58 | 000,001,816 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2011/11/30 21:02:43 | 000,000,683 | ---- | C] () -- C:\Users\Administrator\Desktop\Quick Screen Capture.lnk
[2011/11/27 22:33:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2011/11/27 22:33:28 | 000,000,839 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink SWF Decompiler.lnk
[2011/11/13 23:42:29 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2011/11/13 23:42:29 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat
[2011/11/13 23:42:29 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat
[2011/11/04 19:51:58 | 000,000,348 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2011/11/04 19:30:45 | 000,110,592 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/10/03 19:10:51 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011/09/25 19:43:47 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/09/25 19:43:46 | 000,138,056 | ---- | C] () -- C:\Users\Administrator\Application Data\PnkBstrK.sys
[2011/09/25 19:43:26 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011/09/25 19:43:23 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011/07/21 17:52:39 | 000,000,008 | ---- | C] () -- C:\Users\Administrator\Local Settings\Application Data\.mpid
[2011/07/15 19:25:09 | 000,000,271 | ---- | C] () -- C:\WINDOWS\game.ini
[2011/07/15 00:35:40 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2011/07/14 23:54:27 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011/07/14 23:54:26 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011/07/13 17:39:38 | 000,016,384 | ---- | C] () -- C:\Users\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/13 17:36:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\AxInterop.VIDEOEDITLib.dll
[2011/07/13 17:36:42 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\AxInterop.dvdauthorLib.dll
[2011/07/13 17:28:50 | 000,221,696 | ---- | C] () -- C:\WINDOWS\System32\vid_conv2.dll
[2011/07/13 17:28:50 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\vid_core2.dll
[2011/07/13 17:28:48 | 006,963,712 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll
[2011/07/13 17:28:48 | 006,088,192 | ---- | C] () -- C:\WINDOWS\System32\vid_trans2.dll
[2011/07/13 17:28:48 | 000,731,136 | ---- | C] () -- C:\WINDOWS\System32\vid_format2.dll
[2011/07/13 17:28:48 | 000,452,608 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll
[2011/07/13 17:28:48 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/07/13 17:28:48 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\viscomgifenc.dll
[2011/07/13 17:28:48 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\viscomtran.dll
[2011/07/13 17:28:48 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll
[2011/07/13 17:28:48 | 000,069,560 | ---- | C] () -- C:\WINDOWS\System32\vid_multi2.dll
[2011/07/13 17:28:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll
[2011/07/13 17:28:48 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll
[2011/06/30 21:46:35 | 000,000,332 | ---- | C] () -- C:\WINDOWS\WPE PRO - modified.INI
[2011/06/18 10:42:44 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2011/06/18 09:16:05 | 000,544,480 | ---- | C] () -- C:\Users\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/17 15:53:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/17 15:41:53 | 000,014,281 | ---- | C] () -- C:\WINDOWS\System32\sleep.exe
[2011/06/17 15:41:53 | 000,000,143 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2011/06/17 15:41:52 | 000,013,339 | ---- | C] () -- C:\WINDOWS\System32\WAIT.EXE
[2011/06/17 15:41:51 | 000,019,083 | ---- | C] () -- C:\WINDOWS\System32\DELTREE.EXE
[2011/06/17 15:41:39 | 000,000,794 | ---- | C] () -- C:\WINDOWS\Removes.ini
[2011/06/17 15:41:22 | 000,477,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/17 07:06:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/06/17 06:41:33 | 000,000,002 | ---- | C] () -- C:\WINDOWS\ppGameDrive.ini
[2011/06/17 06:41:33 | 000,000,002 | ---- | C] () -- C:\WINDOWS\ppAppDrive.ini
[2011/06/17 06:35:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\renuser.exe
[2011/06/17 06:29:04 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/06/17 06:29:01 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2011/06/17 06:29:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/17 06:26:58 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ThumbView_Lite.dll
[2011/06/17 06:26:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\tbhookin.dll
[2011/06/17 06:26:58 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ts_settings.ini
[2011/06/17 06:26:40 | 001,152,165 | ---- | C] () -- C:\WINDOWS\System32\HFExtract.exe
[2011/06/17 06:26:40 | 000,708,272 | ---- | C] () -- C:\WINDOWS\System32\Universal Silent Switch Finder.exe
[2011/06/17 06:26:40 | 000,699,508 | ---- | C] () -- C:\WINDOWS\System32\UpxGui.exe
[2011/06/17 06:26:40 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PCalc.exe
[2011/06/17 06:26:40 | 000,210,432 | ---- | C] () -- C:\WINDOWS\System32\Notepad2.exe
[2011/06/17 06:26:40 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\mmm.dll
[2011/06/17 06:26:40 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\metapath.exe
[2011/06/17 06:26:40 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\Cabarc.exe
[2011/06/17 06:26:40 | 000,110,085 | ---- | C] () -- C:\WINDOWS\System32\cdimage.exe
[2011/06/17 06:26:40 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\WallChan.exe
[2011/06/17 06:26:40 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\Cabtool.exe
[2011/06/17 06:26:40 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifyPE.exe
[2011/06/17 06:26:40 | 000,001,128 | ---- | C] () -- C:\WINDOWS\System32\WC.com
[2011/06/17 06:26:40 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\Notepad2.ini
[2011/06/17 06:26:12 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll
[2011/06/17 06:26:12 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll
[2011/06/17 06:26:11 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll
[2011/06/17 06:26:11 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10.dll
[2011/06/17 06:25:54 | 000,000,006 | ---- | C] () -- C:\WINDOWS\SetupSMenu.ini
[2011/06/17 06:25:54 | 000,000,006 | ---- | C] () -- C:\WINDOWS\LastXPSetupSMenu.ini
[2011/06/17 06:20:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/06/17 06:05:29 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/06/17 06:04:38 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll
[2010/02/28 10:17:48 | 003,284,480 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/07/08 20:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2008/05/05 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/05/05 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/05/05 04:00:00 | 000,496,706 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/05/05 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/05/05 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/05/05 04:00:00 | 000,084,616 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/05/05 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/05/05 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/05/05 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/05/05 04:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/05/05 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/05/05 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/04/17 15:34:40 | 000,135,716 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

========== LOP Check ==========

[2011/12/14 14:35:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Babylon
[2011/12/23 15:58:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\BitTorrent
[2011/11/13 23:43:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\CheckPoint
[2011/11/08 20:20:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\com.essexreddevelopment.mergepdfmac
[2011/12/15 11:38:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Curiolab
[2011/07/19 00:50:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\DAEMON Tools Pro
[2011/06/18 00:42:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Garena
[2011/07/02 13:38:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Gearbox Software
[2011/12/23 18:01:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\GetRight
[2011/09/11 20:23:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\GetRightToGo
[2011/12/25 16:21:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\ImgBurn
[2011/07/23 01:15:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\IObit
[2011/11/14 00:05:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\MailFrontier
[2011/07/21 01:18:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Minibar
[2011/08/17 20:17:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\NPLUTO Corporation
[2011/11/05 18:33:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Opera
[2011/11/27 01:36:06 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\PriceGong
[2011/08/23 20:10:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Research In Motion
[2011/07/21 00:51:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Rovio
[2011/09/25 18:52:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\SickBrick
[2011/12/20 15:20:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\TMNT
[2011/07/14 00:34:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\Unity
[2011/06/17 06:30:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\uTorrent
[2011/11/06 00:21:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\Application Data\WebcamMax
[2011/08/22 18:12:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\2CBB
[2011/12/14 14:35:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\Babylon
[2011/11/13 23:39:12 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\CheckPoint
[2011/07/13 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\CodecCheck
[2011/07/19 00:44:29 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\DAEMON Tools Pro
[2011/08/10 19:23:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\GarenaMessenger
[2011/12/23 18:01:51 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\GetRight
[2011/12/14 14:36:40 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\InstallMate
[2011/07/22 22:53:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\IObit
[2011/11/14 00:16:59 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\Kaspersky SDK
[2011/08/15 16:13:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\Nexon
[2011/12/15 10:21:14 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\NexonUS
[2011/11/19 19:13:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\PMB Files
[2011/07/13 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\Premium
[2011/11/06 12:53:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\PSPVC
[2011/08/02 01:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\Research In Motion
[2011/06/17 18:19:05 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\SpeedBit
[2011/11/28 20:59:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\TEMP
[2011/11/13 23:41:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\WinZip
[2011/11/02 17:43:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\WinZipEC
[2011/09/24 16:30:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Application Data\YouTube Downloader
[2011/07/13 14:23:45 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Application Data\{784E3329-1B2A-421E-9427-596088B766F6}
[2011/07/23 12:33:54 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/12/24 21:50:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-682003330-1383384898-1177238915-500Core.job
[2011/12/25 18:50:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-682003330-1383384898-1177238915-500UA.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 198 bytes -> C:\Users\All Users\Application Data\TEMP:0C1EFF69
@Alternate Data Stream - 115 bytes -> C:\Users\All Users\Application Data\TEMP:2B11E0DF

< End of report >

Edited by Virus killer needed, 25 December 2011 - 06:37 PM.
