
Malicious url blocked keeps popping up [Closed]


  • This topic is locked

#1
lactolibra

OTL logfile created on: 8/8/2012 5:11:25 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Well\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 30.87% Memory free
3.81 Gb Paging File | 2.57 Gb Available in Paging File | 67.35% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 38.67 Gb Free Space | 79.19% Space Free | Partition Type: NTFS
Drive D: | 58.59 Gb Total Space | 58.18 Gb Free Space | 99.30% Space Free | Partition Type: NTFS
Drive E: | 58.59 Gb Total Space | 51.85 Gb Free Space | 88.49% Space Free | Partition Type: NTFS
Drive F: | 66.86 Gb Total Space | 66.09 Gb Free Space | 98.85% Space Free | Partition Type: NTFS

Computer Name: VINIT | User Name: Well | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/08 17:11:15 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Well\My Documents\Downloads\OTL.exe
PRC - [2012/08/04 10:43:11 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/19 22:44:40 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/12 21:45:40 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/03 21:51:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
PRC - [2011/12/09 22:52:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/07/29 04:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2007/06/13 15:53:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/08 00:45:45 | 001,793,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12080701\algo.dll
MOD - [2012/08/04 10:43:10 | 002,246,624 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/04 10:31:10 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012/07/14 01:58:08 | 000,049,104 | ---- | M] () -- C:\Program Files\Common Files\DFX\Dlls\dfxShared32.dll
MOD - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
MOD - [2011/07/29 04:39:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 04:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/03/30 08:04:30 | 000,280,143 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libidn-11.dll
MOD - [2009/03/28 01:32:24 | 000,332,254 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libssl32.dll
MOD - [2009/03/28 01:32:22 | 001,554,920 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libeay32.dll
MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/08/04 10:43:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/04 10:31:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 22:44:40 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\FOXCONN 845.945 ALL\FXDrv32.sys -- (FXDrv32)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/03/27 03:15:18 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2007/04/10 17:04:40 | 004,397,568 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/12/14 14:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 04:01:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamesgofree.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search-re...stemid=406&sr=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamesgofree.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2653012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT2653012.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/09 17:07:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/04 09:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/04 10:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/04 10:43:04 | 000,000,000 | ---D | M]

[2012/06/08 20:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Extensions
[2012/08/08 01:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions
[2012/07/24 01:38:57 | 000,000,000 | ---D | M] (Veoh Web Player) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
[2012/07/27 14:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\wn8deps8.default\extensions
[2012/07/15 19:44:26 | 000,000,000 | ---D | M] (MyWebFace) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\wn8deps8.default\extensions\[email protected]_5a.com
[2012/07/27 14:56:48 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\conduit.xml
[2012/06/25 16:15:51 | 000,009,634 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\my-web-search.xml
[2012/07/19 18:42:35 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\search-the-web.xml
[2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\Search_Results.xml
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/08/04 10:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/07/19 18:34:51 | 000,553,054 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\{AFE43E80-0ABC-4DF2-81A0-3FE44B74ABE8}.XPI
[2012/08/08 01:07:34 | 000,003,245 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\[email protected]
[2012/07/30 06:34:15 | 000,004,955 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\[email protected]
[2012/07/09 17:07:02 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/08/04 09:58:39 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/08/04 10:43:11 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/09 22:53:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/07/31 00:28:18 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/21 00:07:52 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/07/31 00:28:18 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/31 00:28:18 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/07/31 00:28:18 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/07/31 00:28:18 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/07/31 00:28:18 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - homepage: http://search.condui...=48&sspv=CHOB18
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://in.search.yah...p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://search.condui...=48&sspv=CHOB18
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Codec-V = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.19.57_0\crossrider
CHR - Extension: Codec-V = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.19.57_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2001/08/23 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Codec-V) - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Codec-V\Codec-V.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk = C:\Program Files\DFX\DFX.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.myweb...F0&n=2012072412 File not found
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.31.6.133 172.31.6.85
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AD398F0-85F9-4359-85AA-03322BC3B8EE}: DhcpNameServer = 172.31.6.133 172.31.6.85
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Well\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Well\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/30 17:33:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun\command - "" = prueba/balas.exe
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Explore\command - "" = prueba/balas.exe
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Open\command - "" = prueba/balas.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/08 05:13:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Well\Recent
[2012/08/04 10:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/08/04 10:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\DDMSettings
[2012/07/28 02:20:21 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2012/07/27 05:56:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/07/25 03:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Hi
[2012/07/25 03:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HiPlayer
[2012/07/25 03:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Baidu
[2012/07/24 01:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Conduit
[2012/07/24 01:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\CRE
[2012/07/24 01:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Veoh Networks
[2012/07/20 19:44:01 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dfxmm32.dll
[2012/07/20 19:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DFX Audio Enhancer
[2012/07/20 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\DFX
[2012/07/20 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DFX
[2012/07/19 22:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Oracle
[2012/07/19 22:44:54 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/18 06:29:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\wtxpcom
[2012/07/17 19:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/07/17 19:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
[2012/07/17 19:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2012/07/16 05:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\VideoDownloadConverter_4z
[2012/07/15 17:32:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TVUAx
[2012/07/15 10:57:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Pokki
[2012/07/15 10:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\ProgSense
[2012/07/15 10:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\GrabPro
[2012/07/15 10:45:35 | 000,000,000 | ---D | C] -- C:\downloads
[2012/07/15 10:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Orbit
[2012/07/11 14:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/08 16:50:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-162531612-725345543-1003UA.job
[2012/08/08 16:28:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/08 16:21:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/08/08 13:36:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/07 23:45:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/07 21:50:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-162531612-725345543-1003Core.job
[2012/08/06 11:36:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/05 02:00:58 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/05 02:00:57 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Well\Desktop\Google Chrome.lnk
[2012/08/04 10:31:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/04 10:31:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/31 16:21:41 | 000,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/27 14:44:49 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2012/07/25 10:34:44 | 000,000,138 | ---- | M] () -- C:\WINDOWS\vsfilter.INI
[2012/07/22 17:24:18 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Well\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/20 19:44:01 | 000,001,435 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk
[2012/07/19 22:44:40 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/19 22:44:40 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/07/19 22:44:40 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/07/19 22:44:40 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/07/18 17:00:59 | 012,619,032 | ---- | M] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.3gp
[2012/07/18 16:54:37 | 015,167,395 | ---- | M] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.flv
[2012/07/15 11:28:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/11 14:34:13 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/25 03:47:13 | 000,000,138 | ---- | C] () -- C:\WINDOWS\vsfilter.INI
[2012/07/20 19:44:01 | 000,001,435 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk
[2012/07/18 16:59:54 | 012,619,032 | ---- | C] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.3gp
[2012/07/18 16:42:11 | 015,167,395 | ---- | C] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.flv
[2012/07/17 19:02:06 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2012/07/11 14:34:13 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/15 04:23:07 | 000,001,400 | -HS- | C] () -- C:\Documents and Settings\Well\Application Data\systemHc.$dk
[2012/04/11 17:19:35 | 000,036,228 | ---- | C] () -- C:\Documents and Settings\Well\Application Data\KeyBlaze.dmp
[2012/04/10 09:06:23 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Well\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/08 01:00:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/07 20:10:22 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/04/07 20:10:22 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/30 22:56:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/03/30 22:55:45 | 000,132,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/30 21:25:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/30 17:59:42 | 002,026,604 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012/03/30 17:59:35 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4977.dll
[2012/03/30 17:59:32 | 000,442,964 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012/03/30 17:54:09 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/03/30 17:51:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/03/30 17:49:05 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2012/03/30 17:35:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/03/30 17:31:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Well\Desktop\Shortcut to RETAIL.pif:SummaryInformation
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


OTL Extras logfile created on: 8/8/2012 5:11:25 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Well\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 30.87% Memory free
3.81 Gb Paging File | 2.57 Gb Available in Paging File | 67.35% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 38.67 Gb Free Space | 79.19% Space Free | Partition Type: NTFS
Drive D: | 58.59 Gb Total Space | 58.18 Gb Free Space | 99.30% Space Free | Partition Type: NTFS
Drive E: | 58.59 Gb Total Space | 51.85 Gb Free Space | 88.49% Space Free | Partition Type: NTFS
Drive F: | 66.86 Gb Total Space | 66.09 Gb Free Space | 98.85% Space Free | Partition Type: NTFS

Computer Name: VINIT | User Name: Well | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = SCRFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\1ClickDownload\1ClickDownloader.exe" = C:\Program Files\1ClickDownload\1ClickDownloader.exe:*:Enabled:1ClickDownloader
"C:\Documents and Settings\Well\My Documents\Downloads\sweetimsetup.exe" = C:\Documents and Settings\Well\My Documents\Downloads\sweetimsetup.exe:*:Enabled:InHouseSDM Setup
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player
"C:\Program Files\Hi\HiPlayer\1.14.0.121\HiP2PService.exe" = C:\Program Files\Hi\HiPlayer\1.14.0.121\HiP2PService.exe:*:Enabled:HiP2PService.exe
"C:\Program Files\Hi\HiPlayer\1.14.0.121\StatReport.exe" = C:\Program Files\Hi\HiPlayer\1.14.0.121\StatReport.exe:*:Enabled:StatReport.exe
"C:\Program Files\Hi\HiPlayer\1.14.0.121\HiPlayer.exe" = C:\Program Files\Hi\HiPlayer\1.14.0.121\HiPlayer.exe:*:Enabled:HiPlayer.exe
"C:\Documents and Settings\All Users\Application Data\HiPlayer\bdupdate.exe" = C:\Documents and Settings\All Users\Application Data\HiPlayer\bdupdate.exe:*:Enabled:Autoupdate -- (.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44476191-43CE-4520-8616-B2E37D93F3E9}" = Goldfish Aquarium
"{4908C75E-E5E2-43F7-B1DF-023CBA831033}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-5464-3428-7E8A450000A7}" = Spelling Dictionaries For Adobe Reader Package
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DFX" = DFX
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GOM Player" = GOM Player
"HDMI" = Intel® Graphics Media Accelerator Driver
"Mozilla Firefox 15.0 (x86 en-GB)" = Mozilla Firefox 15.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSNINST" = MSN
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid MPEG-4 Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/19/2012 5:03:15 AM | Computer Name = VINIT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 14.0.0.4574, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/19/2012 5:03:20 AM | Computer Name = VINIT | Source = Application Hang | ID = 1001
Description = Fault bucket -1233852642.

Error - 7/19/2012 9:39:34 AM | Computer Name = VINIT | Source = Application Error | ID = 1000
Description = Faulting application dfx.exe, version 0.0.0.0, faulting module unknown,
version 0.0.0.0, fault address 0x00000000.

Error - 7/19/2012 9:39:54 AM | Computer Name = VINIT | Source = Application Error | ID = 1001
Description = Fault bucket 41389952.

Error - 7/19/2012 9:39:58 AM | Computer Name = VINIT | Source = Application Error | ID = 1000
Description = Faulting application dfx.exe, version 0.0.0.0, faulting module unknown,
version 0.0.0.0, fault address 0x00000000.

Error - 7/19/2012 9:41:29 AM | Computer Name = VINIT | Source = Application Error | ID = 1000
Description = Faulting application dfx.exe, version 0.0.0.0, faulting module unknown,
version 0.0.0.0, fault address 0x00000000.

Error - 7/20/2012 3:36:16 PM | Computer Name = VINIT | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.6.2.3199, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/20/2012 3:36:26 PM | Computer Name = VINIT | Source = Application Hang | ID = 1001
Description = Fault bucket -1562877512.

Error - 7/20/2012 4:08:20 PM | Computer Name = VINIT | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 14.0.0.4574, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/20/2012 4:08:45 PM | Computer Name = VINIT | Source = Application Hang | ID = 1001
Description = Fault bucket -1233852642.

[ System Events ]
Error - 7/27/2012 7:59:07 AM | Computer Name = VINIT | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 7/27/2012 4:50:57 PM | Computer Name = VINIT | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/27/2012 4:50:57 PM | Computer Name = VINIT | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 7/27/2012 4:51:12 PM | Computer Name = VINIT | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/27/2012 4:51:12 PM | Computer Name = VINIT | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 7/29/2012 7:59:08 AM | Computer Name = VINIT | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 7/31/2012 7:59:09 AM | Computer Name = VINIT | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 8/2/2012 7:59:10 AM | Computer Name = VINIT | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 8/4/2012 7:59:11 AM | Computer Name = VINIT | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 8/6/2012 7:59:12 AM | Computer Name = VINIT | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.


< End of report >


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, on completion of this could you let me know if the alerts cease?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2012/06/25 16:15:51 | 000,009,634 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\my-web-search.xml
    [2012/07/19 18:42:35 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\search-the-web.xml
    [2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\Search_Results.xml
    [2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
    [2012/06/21 00:07:52 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
    O2 - BHO: (Codec-V) - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Codec-V\Codec-V.dll File not found
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun\command - "" = prueba/balas.exe
    O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Explore\command - "" = prueba/balas.exe
    O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Open\command - "" = prueba/balas.exe


    :Files
    ipconfig /flushdns /c
    C:\Program Files\Codec-V
    C:\PROGRA~1\SEARCH~1\
    C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

#3
lactolibra

    New Member

  • Topic Starter
  • Member
  • 4 posts
I have done the OTL.Txt part and this was the result it showed, and after this some Extras.txt. Please check and inform. I will download Malwarebytes' Anti-Malware and post a reply with the results now.

OTL logfile created on: 8/9/2012 1:08:42 AM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Well\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 28.87% Memory free
3.81 Gb Paging File | 2.61 Gb Available in Paging File | 68.42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 38.52 Gb Free Space | 78.89% Space Free | Partition Type: NTFS
Drive D: | 58.59 Gb Total Space | 58.18 Gb Free Space | 99.30% Space Free | Partition Type: NTFS
Drive E: | 58.59 Gb Total Space | 51.85 Gb Free Space | 88.49% Space Free | Partition Type: NTFS
Drive F: | 66.86 Gb Total Space | 66.09 Gb Free Space | 98.85% Space Free | Partition Type: NTFS

Computer Name: VINIT | User Name: Well | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 01:02:42 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Well\My Documents\Downloads\OTL.exe
PRC - [2012/08/04 10:43:11 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/12 21:45:40 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/07/03 21:51:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
PRC - [2011/12/09 22:52:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/07/29 04:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2007/06/13 15:53:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/08 12:52:43 | 001,793,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12080800\algo.dll
MOD - [2012/08/04 10:43:10 | 002,246,624 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/04 10:31:10 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012/07/14 01:58:08 | 000,049,104 | ---- | M] () -- C:\Program Files\Common Files\DFX\Dlls\dfxShared32.dll
MOD - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
MOD - [2011/07/29 04:39:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 04:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/03/30 08:04:30 | 000,280,143 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libidn-11.dll
MOD - [2009/03/28 01:32:24 | 000,332,254 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libssl32.dll
MOD - [2009/03/28 01:32:22 | 001,554,920 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libeay32.dll
MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/08/04 10:43:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/04 10:31:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\FOXCONN 845.945 ALL\FXDrv32.sys -- (FXDrv32)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/03/27 03:15:18 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2007/04/10 17:04:40 | 004,397,568 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/12/14 14:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 04:01:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamesgofree.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-re...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search-re...stemid=406&sr=0
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamesgofree.com/
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2653012
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT2653012.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/09 17:07:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/04 09:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/09 00:50:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/04 10:43:04 | 000,000,000 | ---D | M]

[2012/06/08 20:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Extensions
[2012/08/09 00:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions
[2012/07/24 01:38:57 | 000,000,000 | ---D | M] (Veoh Web Player) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
[2012/08/09 00:11:56 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions\[email protected]
[2012/07/27 14:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\wn8deps8.default\extensions
[2012/07/15 19:44:26 | 000,000,000 | ---D | M] (MyWebFace) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\wn8deps8.default\extensions\[email protected]_5a.com
[2012/07/27 14:56:48 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\conduit.xml
[2012/06/25 16:15:51 | 000,009,634 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\my-web-search.xml
[2012/07/19 18:42:35 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\search-the-web.xml
[2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\Search_Results.xml
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/08/04 10:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/07/19 18:34:51 | 000,553,054 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\{AFE43E80-0ABC-4DF2-81A0-3FE44B74ABE8}.XPI
[2012/08/08 01:07:34 | 000,003,245 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\[email protected]
[2012/07/30 06:34:15 | 000,004,955 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\[email protected]
[2012/07/09 17:07:02 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/08/04 09:58:39 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/08/04 10:43:11 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/09 22:53:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/07/31 00:28:18 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/21 00:07:52 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/07/31 00:28:18 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/31 00:28:18 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/07/31 00:28:18 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/07/31 00:28:18 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/07/31 00:28:18 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - homepage: http://search.condui...=48&sspv=CHOB18
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://in.search.yah...p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://search.condui...=48&sspv=CHOB18
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Codec-V = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.19.57_0\crossrider
CHR - Extension: Codec-V = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.19.57_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2001/08/23 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1454471165-162531612-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk = C:\Program Files\DFX\DFX.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.myweb...F0&n=2012072412 File not found
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.31.6.133 172.31.6.85
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AD398F0-85F9-4359-85AA-03322BC3B8EE}: DhcpNameServer = 172.31.6.133 172.31.6.85
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Well\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Well\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/30 17:33:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun\command - "" = prueba/balas.exe
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Explore\command - "" = prueba/balas.exe
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Open\command - "" = prueba/balas.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 01:08:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/09 00:48:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Well\Recent
[2012/08/09 00:44:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/08/09 00:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012/08/09 00:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012/08/09 00:18:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Downloaded Installations
[2012/08/09 00:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\adawarebp
[2012/08/09 00:12:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2012/08/08 19:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Malwarebytes
[2012/08/08 19:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/08/08 19:49:06 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/08/08 19:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/08/04 10:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/08/04 10:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\DDMSettings
[2012/07/28 02:20:21 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2012/07/27 05:56:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/07/25 03:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Hi
[2012/07/25 03:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HiPlayer
[2012/07/24 01:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Conduit
[2012/07/24 01:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\CRE
[2012/07/24 01:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Veoh Networks
[2012/07/20 19:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DFX Audio Enhancer
[2012/07/20 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\DFX
[2012/07/20 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DFX
[2012/07/19 22:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Oracle
[2012/07/18 06:29:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\wtxpcom
[2012/07/17 19:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/07/17 19:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
[2012/07/17 19:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2012/07/16 05:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\VideoDownloadConverter_4z
[2012/07/15 17:32:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TVUAx
[2012/07/15 10:57:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Pokki
[2012/07/15 10:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\ProgSense
[2012/07/15 10:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\GrabPro
[2012/07/15 10:45:35 | 000,000,000 | ---D | C] -- C:\downloads
[2012/07/15 10:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Orbit
[2012/07/11 14:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/09 00:50:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-162531612-725345543-1003UA.job
[2012/08/09 00:43:57 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/08/09 00:42:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/09 00:28:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/08 21:50:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-162531612-725345543-1003Core.job
[2012/08/08 19:49:08 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/07 23:45:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/06 11:36:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/05 02:00:58 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/05 02:00:57 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Well\Desktop\Google Chrome.lnk
[2012/07/31 16:21:41 | 000,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/27 14:44:49 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2012/07/25 10:34:44 | 000,000,138 | ---- | M] () -- C:\WINDOWS\vsfilter.INI
[2012/07/22 17:24:18 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Well\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/20 19:44:01 | 000,001,435 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk
[2012/07/18 17:00:59 | 012,619,032 | ---- | M] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.3gp
[2012/07/18 16:54:37 | 015,167,395 | ---- | M] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.flv
[2012/07/15 11:28:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/11 14:34:13 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/08 19:49:08 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/25 03:47:13 | 000,000,138 | ---- | C] () -- C:\WINDOWS\vsfilter.INI
[2012/07/20 19:44:01 | 000,001,435 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk
[2012/07/18 16:59:54 | 012,619,032 | ---- | C] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.3gp
[2012/07/18 16:42:11 | 015,167,395 | ---- | C] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.flv
[2012/07/17 19:02:06 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2012/07/11 14:34:13 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/15 04:23:07 | 000,001,400 | -HS- | C] () -- C:\Documents and Settings\Well\Application Data\systemHc.$dk
[2012/04/11 17:19:35 | 000,036,228 | ---- | C] () -- C:\Documents and Settings\Well\Application Data\KeyBlaze.dmp
[2012/04/10 09:06:23 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Well\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/08 01:00:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/07 20:10:22 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/04/07 20:10:22 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/30 22:56:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/03/30 21:25:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/30 17:59:42 | 002,026,604 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012/03/30 17:59:35 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4977.dll
[2012/03/30 17:59:32 | 000,442,964 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012/03/30 17:54:09 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/03/30 17:51:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/03/30 17:49:05 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2012/03/30 17:35:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/03/30 17:31:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2012/08/09 00:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2012/03/30 17:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/05/15 15:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/06/08 17:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/04/14 07:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2012/08/09 00:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012/07/26 02:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HiPlayer
[2012/06/21 00:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/06/14 20:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2012/04/03 19:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/07/27 14:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/08/09 00:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012/05/30 02:53:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Well\Application Data\.#
[2012/06/21 00:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\Babylon
[2012/08/04 10:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\DDMSettings
[2012/06/23 14:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\eType
[2012/07/15 10:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\GrabPro
[2012/07/27 01:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\Hi
[2012/06/21 00:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\MB2
[2012/07/26 22:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\Octoshape
[2012/07/15 10:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\OpenCandy
[2012/07/19 22:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\Oracle
[2012/07/15 11:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\Orbit
[2012/06/23 02:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\PerformerSoft
[2012/07/15 10:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\ProgSense
[2012/03/31 19:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\Registry Mechanic
[2012/06/14 20:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\SendSpace
[2012/01/04 09:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\TypingMaster7
[2012/07/16 05:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\VideoDownloadConverter_4z
[2012/07/18 06:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Well\Application Data\wtxpcom
[2012/08/09 00:43:57 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Well\Desktop\Shortcut to RETAIL.pif:SummaryInformation
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


#4
lactolibra

    New Member

  • Topic Starter
  • Member
  • 4 posts
I downloaded Malwarebytes Anti-Malware and performed the scan. This was the log file produced after completion. After it, the problem still has not been solved. "Malicious URL blocked" still persists. Please help. It's annoying me a lot.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.08.07

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Well :: VINIT [administrator]

8/9/2012 1:24:00 AM
mbam-log-2012-08-09 (01-24-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219215
Time elapsed: 2 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You have posted the original OTL log. Could you run a fresh OTL scan, please, selecting all users?

#6
lactolibra

    New Member

  • Topic Starter
  • Member
  • 4 posts
This is done with all users, as you said...

OTL logfile created on: 8/10/2012 12:19:32 AM - Run 2
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Well\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 55.47% Memory free
3.81 Gb Paging File | 3.14 Gb Available in Paging File | 82.21% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 38.00 Gb Free Space | 77.83% Space Free | Partition Type: NTFS
Drive D: | 58.59 Gb Total Space | 58.18 Gb Free Space | 99.29% Space Free | Partition Type: NTFS
Drive E: | 58.59 Gb Total Space | 51.85 Gb Free Space | 88.49% Space Free | Partition Type: NTFS
Drive F: | 66.86 Gb Total Space | 66.09 Gb Free Space | 98.85% Space Free | Partition Type: NTFS

Computer Name: VINIT | User Name: Well | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 02:34:13 | 000,105,832 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\hmpsched.exe
PRC - [2012/08/09 01:02:42 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Well\My Documents\Downloads\OTL.exe
PRC - [2012/08/04 10:43:11 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/12 21:45:40 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/07/03 21:51:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
PRC - [2011/12/09 22:52:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/07/29 04:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2007/06/13 15:53:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/09 13:40:14 | 001,793,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12080900\algo.dll
MOD - [2012/08/04 10:43:10 | 002,246,624 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/04 10:31:10 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012/07/14 01:58:08 | 000,049,104 | ---- | M] () -- C:\Program Files\Common Files\DFX\Dlls\dfxShared32.dll
MOD - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
MOD - [2011/07/29 04:39:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 04:38:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/03/30 08:04:30 | 000,280,143 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libidn-11.dll
MOD - [2009/03/28 01:32:24 | 000,332,254 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libssl32.dll
MOD - [2009/03/28 01:32:22 | 001,554,920 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\libeay32.dll
MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/08/09 02:34:13 | 000,105,832 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV - [2012/08/04 10:43:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/04 10:31:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/27 03:15:22 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\FOXCONN 845.945 ALL\FXDrv32.sys -- (FXDrv32)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/03/27 03:15:18 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2007/04/10 17:04:40 | 004,397,568 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/12/14 14:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 04:01:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamesgofree.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-re...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search-re...stemid=406&sr=0
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.gamesgofree.com/
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2653012
IE - HKU\S-1-5-21-1454471165-162531612-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT2653012.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/09 17:07:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/04 09:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/09 00:50:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/04 10:43:04 | 000,000,000 | ---D | M]

[2012/06/08 20:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Extensions
[2012/08/09 00:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions
[2012/07/24 01:38:57 | 000,000,000 | ---D | M] (Veoh Web Player) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
[2012/08/09 00:11:56 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\extensions\[email protected]
[2012/07/27 14:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\wn8deps8.default\extensions
[2012/07/15 19:44:26 | 000,000,000 | ---D | M] (MyWebFace) -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\wn8deps8.default\extensions\[email protected]_5a.com
[2012/07/27 14:56:48 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\conduit.xml
[2012/06/25 16:15:51 | 000,009,634 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\my-web-search.xml
[2012/07/19 18:42:35 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\search-the-web.xml
[2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Mozilla\Firefox\Profiles\g1e51cti.default\searchplugins\Search_Results.xml
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/08/04 10:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/08/04 10:43:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/07/19 18:34:51 | 000,553,054 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\{AFE43E80-0ABC-4DF2-81A0-3FE44B74ABE8}.XPI
[2012/08/08 01:07:34 | 000,003,245 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\[email protected]
[2012/07/30 06:34:15 | 000,004,955 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\WELL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\G1E51CTI.DEFAULT\EXTENSIONS\[email protected]
[2012/07/09 17:07:02 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/08/04 09:58:39 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/08/04 10:43:11 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/09 22:53:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/07/31 00:28:18 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/21 00:07:52 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/07/31 00:28:18 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/31 00:28:18 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/07/31 00:28:18 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/08 12:11:22 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/07/31 00:28:18 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/07/31 00:28:18 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - homepage: http://search.condui...=48&sspv=CHOB18
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://in.search.yah...p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://search.condui...=48&sspv=CHOB18
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Codec-V = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.19.57_0\crossrider
CHR - Extension: Codec-V = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.19.57_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Well\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2001/08/23 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1454471165-162531612-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk = C:\Program Files\DFX\DFX.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-162531612-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.myweb...F0&n=2012072412 File not found
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.31.6.133 172.31.6.85
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AD398F0-85F9-4359-85AA-03322BC3B8EE}: DhcpNameServer = 172.31.6.133 172.31.6.85
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Well\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Well\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/30 17:33:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\AutoRun\command - "" = prueba/balas.exe
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Explore\command - "" = prueba/balas.exe
O33 - MountPoints2\{65da3e50-a0b2-11e1-836d-00e01c3caa21}\Shell\Open\command - "" = prueba/balas.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 23:59:35 | 000,135,016 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\LnkProtect.dll
[2012/08/09 02:47:05 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2012/08/09 02:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
[2012/08/09 02:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/08/09 02:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/08/09 02:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\My Documents\Simply Super Software
[2012/08/09 02:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Simply Super Software
[2012/08/09 02:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trojan Remover
[2012/08/09 02:00:28 | 000,605,968 | ---- | C] (Igor Pavlov) -- C:\WINDOWS\System32\ztv7z.dll
[2012/08/09 02:00:28 | 000,077,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2012/08/09 02:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2012/08/09 02:00:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2012/08/09 01:08:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/09 00:48:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Well\Recent
[2012/08/09 00:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012/08/09 00:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012/08/09 00:18:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Downloaded Installations
[2012/08/09 00:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\adawarebp
[2012/08/08 19:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Malwarebytes
[2012/08/08 19:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/08/08 19:49:06 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/08/08 19:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/08/04 10:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/08/04 10:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\DDMSettings
[2012/07/28 02:20:21 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2012/07/27 05:56:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/07/25 03:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Hi
[2012/07/25 03:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HiPlayer
[2012/07/24 01:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Conduit
[2012/07/24 01:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\CRE
[2012/07/24 01:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Veoh Networks
[2012/07/20 19:44:01 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dfxmm32.dll
[2012/07/20 19:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DFX Audio Enhancer
[2012/07/20 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\DFX
[2012/07/20 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DFX
[2012/07/19 22:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Oracle
[2012/07/19 22:44:54 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/18 06:29:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\wtxpcom
[2012/07/17 19:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/07/17 19:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
[2012/07/17 19:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2012/07/16 05:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\VideoDownloadConverter_4z
[2012/07/15 17:32:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TVUAx
[2012/07/15 10:57:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Local Settings\Application Data\Pokki
[2012/07/15 10:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\ProgSense
[2012/07/15 10:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\GrabPro
[2012/07/15 10:45:35 | 000,000,000 | ---D | C] -- C:\downloads
[2012/07/15 10:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Well\Application Data\Orbit
[2012/07/11 14:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/10 00:01:06 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/08/09 23:59:35 | 000,135,016 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\LnkProtect.dll
[2012/08/09 23:58:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/09 23:50:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-162531612-725345543-1003UA.job
[2012/08/09 23:28:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/09 21:50:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-162531612-725345543-1003Core.job
[2012/08/09 19:53:09 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Well\Desktop\Google Chrome.lnk
[2012/08/09 19:53:09 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Well\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/09 15:15:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/09 02:47:05 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2012/08/09 02:12:04 | 000,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/06 11:36:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/04 10:31:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/04 10:31:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/31 16:21:41 | 000,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/27 14:44:49 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2012/07/25 10:34:44 | 000,000,138 | ---- | M] () -- C:\WINDOWS\vsfilter.INI
[2012/07/22 17:24:18 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Well\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/20 19:44:01 | 000,001,435 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk
[2012/07/19 22:44:40 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/19 22:44:40 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/07/19 22:44:40 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/07/19 22:44:40 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/07/18 17:00:59 | 012,619,032 | ---- | M] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.3gp
[2012/07/18 16:54:37 | 015,167,395 | ---- | M] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.flv
[2012/07/15 11:28:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/11 14:34:13 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/09 02:12:04 | 000,132,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/09 02:00:28 | 000,185,616 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar39.dll
[2012/08/09 02:00:28 | 000,169,744 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2012/08/09 02:00:28 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2012/08/09 02:00:28 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2012/08/09 02:00:28 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2012/07/25 03:47:13 | 000,000,138 | ---- | C] () -- C:\WINDOWS\vsfilter.INI
[2012/07/20 19:44:01 | 000,001,435 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DFX.lnk
[2012/07/18 16:59:54 | 012,619,032 | ---- | C] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.3gp
[2012/07/18 16:42:11 | 015,167,395 | ---- | C] () -- C:\Documents and Settings\Well\My Documents\vaana vaana velluvaye Racha Full Video Song By-----SWAPNIL.flv
[2012/07/17 19:02:06 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2012/07/11 14:34:13 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/05/15 04:23:07 | 000,001,400 | -HS- | C] () -- C:\Documents and Settings\Well\Application Data\systemHc.$dk
[2012/04/11 17:19:35 | 000,036,228 | ---- | C] () -- C:\Documents and Settings\Well\Application Data\KeyBlaze.dmp
[2012/04/10 09:06:23 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Well\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/08 01:00:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/04/07 20:10:22 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/04/07 20:10:22 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/30 22:56:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/03/30 21:25:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/30 17:59:42 | 002,026,604 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012/03/30 17:59:35 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4977.dll
[2012/03/30 17:59:32 | 000,442,964 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012/03/30 17:54:09 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/03/30 17:51:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/03/30 17:49:05 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2012/03/30 17:35:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/03/30 17:31:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Well\Desktop\Shortcut to RETAIL.pif:SummaryInformation
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC1216D7

< End of report >

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you still getting the alerts? If so, could you post a screenshot?

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.