
unknown virus for cousin pc



#1
rhomel

123.JPG

A virus is running on my cousin's PC.
Please fix it.



OTL logfile created on: 8/20/2012 8:15:03 AM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\DIGIT\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.04% Memory free
1.84 Gb Paging File | 0.97 Gb Available in Paging File | 52.57% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 117.19 Gb Total Space | 49.13 Gb Free Space | 41.92% Space Free | Partition Type: NTFS
Drive D: | 180.89 Gb Total Space | 142.16 Gb Free Space | 78.59% Space Free | Partition Type: NTFS

Computer Name: DIGIT_PC | User Name: DIGIT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/20 08:12:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DIGIT\Desktop\OTL.exe
PRC - [2012/08/06 23:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/07/02 18:16:23 | 003,491,264 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2012/06/28 05:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/28 05:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/04/21 16:27:32 | 000,499,312 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2012/04/21 16:27:30 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/12/21 16:28:00 | 000,011,776 | ---- | M] () -- C:\Program Files\HP webOS\PDK\tcprelay.exe
PRC - [2011/09/19 18:59:06 | 000,061,440 | ---- | M] (Palm) -- C:\Program Files\HP webOS\SDK\bin\novacomd\x86\novacomd.exe
PRC - [2011/02/28 14:07:19 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010/05/25 05:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/01/09 10:54:26 | 006,302,720 | ---- | M] (ZTE Corporation) -- C:\Program Files\SMART BRO\Modem.exe
PRC - [2008/04/17 20:13:44 | 005,750,784 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/19 14:53:22 | 001,800,192 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12081901\algo.dll
MOD - [2012/08/06 23:43:40 | 000,442,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/06 23:43:39 | 012,235,800 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012/08/06 23:43:37 | 003,997,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/06 23:42:09 | 000,144,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/06 23:42:08 | 000,266,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/06 23:42:07 | 002,480,680 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012/07/22 11:17:34 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
MOD - [2012/06/27 18:38:52 | 000,531,968 | ---- | M] () -- C:\Documents and Settings\DIGIT\Application Data\BabylonToolbar\CR\BUSolution.dll
MOD - [2011/12/21 16:28:00 | 000,011,776 | ---- | M] () -- C:\Program Files\HP webOS\PDK\tcprelay.exe
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2010/03/24 08:47:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/29 14:11:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/01/09 10:54:24 | 000,876,032 | ---- | M] () -- C:\Program Files\SMART BRO\WaitingForm.dll
MOD - [2009/01/09 10:54:22 | 001,090,048 | ---- | M] () -- C:\Program Files\SMART BRO\DLL_Netcard_R.dll
MOD - [2009/01/09 10:54:14 | 000,258,048 | ---- | M] () -- C:\Program Files\SMART BRO\language\lan_ENG.dll
MOD - [2008/04/17 20:13:44 | 005,750,784 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
MOD - [2008/04/14 10:30:00 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2008/04/14 10:30:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 10:30:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android -- (BstHdAndroidSvc)
SRV - [2012/08/12 21:43:23 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/12 20:44:58 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/21 18:57:45 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/28 05:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/03/04 22:40:10 | 000,748,440 | ---- | M] (Spigot, Inc.) [On_Demand | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/12/21 16:28:00 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files\HP webOS\PDK\tcprelay.exe -- (Palm_TCP_Relay)
SRV - [2011/11/08 18:37:12 | 000,161,664 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/19 18:59:06 | 000,061,440 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files\HP webOS\SDK\bin\novacomd\x86\novacomd.exe -- (NovacomD)
SRV - [2011/05/09 04:43:04 | 000,088,688 | R--- | M] (VIA Technologies, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/01/26 19:09:02 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/01/09 10:54:26 | 000,081,920 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [On_Demand | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/17 20:13:44 | 005,750,784 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\wdf01000.sys -- (Wdf01000)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\Scutum50.sys -- (Scutum50)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\rt2870.sys -- (rt2870)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cnnctfy2.sys -- (cnnctfy2MP)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2012/06/28 05:52:42 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/06/28 05:52:42 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/06/28 05:52:37 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/06/28 05:52:37 | 000,097,352 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/06/28 05:52:37 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/06/28 05:52:36 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/06/28 05:52:36 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/06/28 05:52:36 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/04/23 04:26:26 | 000,108,448 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2012/03/14 18:57:50 | 000,158,512 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012/03/14 18:57:50 | 000,116,016 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012/03/14 18:57:50 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012/03/14 18:57:50 | 000,091,952 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011/11/15 11:32:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011/09/07 16:42:24 | 002,809,712 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2011/07/01 03:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2010/11/26 19:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/08/07 18:48:30 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/07/27 16:25:48 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/01/28 23:10:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2010/01/26 19:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/01/06 18:14:14 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/01/06 18:14:14 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/01/06 18:14:14 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/10/16 08:14:00 | 000,030,720 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002)
DRV - [2008/02/14 01:42:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2006/06/29 17:20:08 | 000,048,896 | ---- | M] (PHILOG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PhSerUsb.sys -- (PhSerUsb)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.unet.my
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.1\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {b167b83b-348e-4f8a-a00d-693f28ede787}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000ff70e7bb19
IE - HKCU\..\SearchScopes\{8E143E40-AD9D-4BC5-AD58-F048D8AA722C}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{b167b83b-348e-4f8a-a00d-693f28ede787}: "URL" = http://search.expats...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.symbianize.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=685749&p="
FF - prefs.js..network.proxy.backup.ftp: "85.17.214.139"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "85.17.214.139"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "85.17.214.139"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "85.17.214.139"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "85.17.214.139"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "85.17.214.139"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "85.17.214.139"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\DIGIT\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\DIGIT\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/01 21:43:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Fiddler2\FiddlerHook [2012/04/11 10:02:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/12 20:44:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/12 19:52:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\DIGIT\Application Data\IDM\idmmzcc5 [2012/07/01 22:48:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\DIGIT\Application Data\IDM\idmmzcc5 [2012/07/01 22:48:38 | 000,000,000 | ---D | M]

[2011/07/03 06:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DIGIT\Application Data\Mozilla\Extensions
[2012/08/12 20:51:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DIGIT\Application Data\Mozilla\Firefox\Profiles\xe5t3hxu.default\extensions
[2012/01/26 08:15:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\DIGIT\Application Data\Mozilla\Firefox\Profiles\xe5t3hxu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2011/07/30 10:26:30 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\DIGIT\Application Data\Mozilla\Firefox\Profiles\xe5t3hxu.default\searchplugins\metacrawler.xml
[2012/03/01 19:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/06 10:41:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/01 22:48:38 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\DIGIT\APPLICATION DATA\IDM\IDMMZCC5
[2012/03/15 22:37:02 | 000,009,524 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DIGIT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\XE5T3HXU.DEFAULT\EXTENSIONS\{3E9A3920-1B27-11DA-8CD6-0800200C9A66}.XPI
[2012/02/06 08:16:46 | 007,704,298 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DIGIT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\XE5T3HXU.DEFAULT\EXTENSIONS\{7BDB48D1-CD94-4B99-A5A4-E418B9EE6532}.XPI
[2012/07/01 21:43:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/04/11 10:02:00 | 000,000,000 | ---D | M] (FiddlerHook) -- C:\PROGRAM FILES\FIDDLER2\FIDDLERHOOK
[2011/07/19 11:12:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/08/12 20:44:59 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/08 18:37:13 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/22 08:55:14 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/02/16 03:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 03:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.babylo...00000ff70e7bb19
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylo...00000ff70e7bb19
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...00000ff70e7bb19
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7574_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U1 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: FB Refresh = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdlfdaajmclngiomogmleihllaejcnni\2.0.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: AdBlock = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\
CHR - Extension: Skype Extension = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7574_0\
CHR - Extension: Poppit = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.3.0_0\

O1 HOSTS File: ([2012/03/05 20:53:00 | 000,000,106 | R--- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 box.anchorfree.net
O1 - Hosts: 127.0.0.1 www.box.anchorfree.net
O1 - Hosts: 127.0.0.1 a433.com
O1 - Hosts: 127.0.0.1 www.a433.com
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.1\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.1\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Tweak UI] C:\WINDOWS\System32\TWEAKUI.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\DIGIT\Start Menu\Programs\Startup\alcrmv.exe.lnk = C:\Program Files\Realtek AC97\alcrmv.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\DIGIT\Start Menu\Programs\Startup\RocketDock.lnk = C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70E7BB19-5268-48B6-B125-5274EE37DCB9}: NameServer = 10.3.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF2A7233-97E4-4790-8778-9E527EDD9FA7}: NameServer = 10.198.220.124 202.126.40.5
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\DIGIT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DIGIT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/07/03 05:45:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{77830570-18aa-11e1-a0f8-4487fc8572c7}\Shell - "" = AutoRun
O33 - MountPoints2\{77830570-18aa-11e1-a0f8-4487fc8572c7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{77830570-18aa-11e1-a0f8-4487fc8572c7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/20 08:12:24 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DIGIT\Desktop\OTL.exe
[2012/08/20 08:07:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/08/12 21:37:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DIGIT\Recent
[2012/08/10 11:51:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/08/07 17:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Sync Framework
[2012/08/07 17:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight 3 SDK
[2012/08/07 16:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIGIT\My Documents\Comic Life
[2012/08/07 16:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIGIT\Start Menu\Programs\Recover My Files
[2012/08/07 16:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\GetData
[2012/08/07 16:06:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner Professional
[2012/08/07 16:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner Professional
[2012/08/07 16:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\plasq
[2012/08/07 16:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\plasq
[2012/08/03 06:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIGIT\Desktop\Lie to me
[2012/07/22 14:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/07/22 08:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Motorola Driver Installer
[2012/07/22 08:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\hpmonitor
[2012/07/22 08:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIGIT\Application Data\BabylonToolbar
[2012/07/22 08:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012/07/22 08:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIGIT\Application Data\Babylon
[2012/07/22 08:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/07/22 08:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/07/22 08:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2012/07/22 08:25:58 | 000,048,896 | ---- | C] (PHILOG) -- C:\WINDOWS\System32\drivers\PhSerUsb.sys

========== Files - Modified Within 30 Days ==========

[2012/08/20 08:12:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DIGIT\Desktop\OTL.exe
[2012/08/20 08:03:01 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/20 08:02:57 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1606980848-1801674531-1003.job
[2012/08/20 08:02:53 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 08:02:53 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012/08/20 08:02:53 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2012/08/20 08:02:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/19 20:39:10 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/19 20:35:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/15 22:10:44 | 001,854,647 | ---- | M] () -- C:\Documents and Settings\DIGIT\My Documents\logic.psd
[2012/08/15 22:08:33 | 000,285,692 | ---- | M] () -- C:\Documents and Settings\DIGIT\Desktop\Untitled-1.jpg
[2012/08/13 19:17:16 | 000,846,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/12 14:25:52 | 002,880,338 | ---- | M] () -- C:\Documents and Settings\DIGIT\Desktop\FuzzyLogicDocumentation.pdf
[2012/08/12 13:02:27 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1606980848-1801674531-1003.job
[2012/08/11 22:41:18 | 000,056,832 | ---- | M] () -- C:\Documents and Settings\DIGIT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/09 16:06:51 | 001,722,299 | ---- | M] () -- C:\Documents and Settings\DIGIT\My Documents\gbfbbf.psd
[2012/08/09 16:06:45 | 000,064,119 | ---- | M] () -- C:\Documents and Settings\DIGIT\My Documents\gbf&bbf.jpg
[2012/08/09 16:06:45 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\DIGIT\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2012/08/07 17:55:13 | 000,801,886 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/07 17:55:13 | 000,208,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/07 17:03:33 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\DIGIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/07 16:05:37 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\DIGIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Comic Life.lnk
[2012/08/07 16:05:37 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comic Life.lnk
[2012/07/26 18:32:46 | 000,002,313 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RSD Lite.lnk
[2012/07/22 08:55:36 | 000,000,247 | ---- | M] () -- C:\user.js
[2012/07/22 07:29:18 | 006,152,612 | ---- | M] () -- C:\Documents and Settings\DIGIT\My Documents\by chance.mp3
[2012/07/21 17:57:00 | 000,000,211 | -HS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2012/08/15 22:10:42 | 001,854,647 | ---- | C] () -- C:\Documents and Settings\DIGIT\My Documents\logic.psd
[2012/08/15 22:07:51 | 000,285,692 | ---- | C] () -- C:\Documents and Settings\DIGIT\Desktop\Untitled-1.jpg
[2012/08/13 19:17:16 | 000,846,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/12 20:48:52 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/12 19:52:20 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/12 14:25:28 | 002,880,338 | ---- | C] () -- C:\Documents and Settings\DIGIT\Desktop\FuzzyLogicDocumentation.pdf
[2012/08/09 16:06:45 | 000,064,119 | ---- | C] () -- C:\Documents and Settings\DIGIT\My Documents\gbf&bbf.jpg
[2012/08/07 20:31:51 | 001,722,299 | ---- | C] () -- C:\Documents and Settings\DIGIT\My Documents\gbfbbf.psd
[2012/08/07 17:03:33 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\DIGIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/07 17:03:32 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\DIGIT\Start Menu\Programs\Internet Explorer.lnk
[2012/08/07 16:05:37 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\DIGIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Comic Life.lnk
[2012/08/07 16:05:37 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comic Life.lnk
[2012/07/26 21:34:37 | 566,085,837 | ---- | C] () -- C:\Documents and Settings\DIGIT\Desktop\War.Horse.2011.mkv
[2012/07/22 08:55:36 | 000,000,247 | ---- | C] () -- C:\user.js
[2012/07/22 08:34:55 | 000,002,319 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\RSD Lite.lnk
[2012/07/22 08:34:55 | 000,002,313 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RSD Lite.lnk
[2012/03/28 21:51:42 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\1911.dll
[2012/03/11 23:16:55 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/02/16 09:09:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/27 07:00:40 | 000,004,087 | ---- | C] () -- C:\Documents and Settings\DIGIT\Application Data\leeman
[2012/01/17 19:29:49 | 000,000,724 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/12/22 08:59:07 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\DIGIT\Application Data\Adobe GIF Format CS5 Prefs
[2011/12/22 08:58:41 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\DIGIT\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/12/21 15:37:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\DIGIT\DesktopFiddler2Upgrade.exe
[2011/11/29 17:56:28 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\DIGIT\VNCConfig.cfg
[2011/11/28 21:02:10 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/11/28 21:02:10 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/11/27 15:27:11 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\DIGIT\.appletviewer
[2011/10/21 23:52:00 | 000,001,816 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2011/10/12 04:46:29 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\DIGIT\PUTTY.RND
[2011/08/21 08:26:17 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\DIGIT\ntuser.pol
[2011/08/06 03:28:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2011/07/25 08:39:28 | 000,000,406 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/07/23 22:40:35 | 000,050,994 | ---- | C] () -- C:\Documents and Settings\DIGIT\Application Data\room_v3.dat
[2011/07/22 19:26:20 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2011/07/22 19:26:20 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
[2011/07/10 01:42:44 | 000,000,129 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2011/07/04 20:34:13 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2011/07/04 05:51:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011/07/04 05:51:46 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/07/04 05:24:56 | 000,005,115 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe
[2011/07/03 11:08:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/07/03 08:15:56 | 000,386,923 | ---- | C] () -- C:\WINDOWS\KMSAct.exe
[2011/07/03 06:52:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/03 06:52:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/07/03 06:34:53 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\backup_account.exe
[2011/07/03 06:10:58 | 000,056,832 | ---- | C] () -- C:\Documents and Settings\DIGIT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/03 06:07:29 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/03 05:54:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2011/07/03 05:50:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/07/03 05:43:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/21 08:37:30 | 000,036,044 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll

========== LOP Check ==========

[2011/12/09 07:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2012/02/18 14:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/07/22 08:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/01/27 07:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2011/07/28 04:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2011/07/26 03:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2011/09/15 21:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlyVPN
[2011/07/06 05:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
[2012/01/28 20:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2011/11/12 13:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2011/11/27 18:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/03/29 11:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/11/09 20:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JCreator
[2011/08/19 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MDMA
[2011/07/04 05:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/08/13 07:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlatinumHideIP
[2011/11/29 22:34:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011/08/26 08:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2012/08/10 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/02/02 23:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualWifiRouter
[2011/09/03 21:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2011/11/21 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\106DE
[2011/11/30 15:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\2K Sports
[2011/07/04 06:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\AnvSoft
[2011/10/20 22:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\ArcticLine
[2012/07/22 08:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Babylon
[2012/07/22 08:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\BabylonToolbar
[2011/12/01 19:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Booster
[2011/07/09 08:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\BWMonitor
[2011/07/04 05:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Carambis
[2011/10/21 05:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Charles
[2012/03/21 07:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\DeepBurner
[2012/08/17 23:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\DMCache
[2012/01/03 18:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Dropbox
[2011/07/04 05:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Easeware
[2011/08/26 20:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Free Audio Editor
[2012/02/02 23:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\GetRightToGo
[2011/08/29 20:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Guitar Pro 6
[2012/07/01 22:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\IDM
[2011/07/03 07:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\ImgBurn
[2011/08/26 09:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Import Audio from Video
[2011/07/06 06:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\ImTOO
[2012/01/28 20:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Individual Software
[2011/11/28 21:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\IObit
[2011/11/14 21:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\iolo
[2011/11/09 20:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\JCreator
[2012/03/27 20:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Notepad++
[2012/03/11 23:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\pdfforge
[2011/07/04 06:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Pelles C
[2011/11/29 23:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\petanDrive
[2011/08/13 07:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\PlatinumHideIP
[2012/08/05 19:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Power Sound Editor Free
[2011/09/17 21:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Resolume
[2011/11/26 20:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Rovio
[2012/03/14 08:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\Search Settings
[2011/09/18 06:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\TeamViewer
[2011/11/26 11:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\TeraCopy
[2011/11/12 20:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIGIT\Application Data\TuneUp Software
[2012/08/20 08:02:53 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\Express Files Updater.job
[2012/08/20 08:02:53 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2012/07/01 20:45:03 | 000,000,220 | ---- | M] () -- C:\WINDOWS\Tasks\KMS Activation for Office.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 182 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54D4173A
@Alternate Data Stream - 161 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9

< End of report >



OTL Extras logfile created on: 8/20/2012 8:15:03 AM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\DIGIT\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.04% Memory free
1.84 Gb Paging File | 0.97 Gb Available in Paging File | 52.57% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 117.19 Gb Total Space | 49.13 Gb Free Space | 41.92% Space Free | Partition Type: NTFS
Drive D: | 180.89 Gb Total Space | 142.16 Gb Free Space | 78.59% Space Free | Partition Type: NTFS

Computer Name: DIGIT_PC | User Name: DIGIT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"58851:TCP" = 58851:TCP:*:Enabled:Pando Media Booster
"58851:UDP" = 58851:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"58851:TCP" = 58851:TCP:*:Enabled:Pando Media Booster
"58851:UDP" = 58851:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"D:\Warcraft III\Warcraft III.exe" = D:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Documents and Settings\DIGIT\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\DIGIT\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\Program Files\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe" = C:\Program Files\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe:*:Enabled:Product Key Explorer -- (Nsasoft LLC.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00C69CD1-89D7-41DD-9A9A-3F495BA7E087}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{1A772F15-B3FE-381A-BD29-82A78096B720}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4418
"{1B7E8D22-F280-4A8F-84BF-39B0F37F6D5F}" = Microsoft SQL Server System CLR Types
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java™ 7 Update 1
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{32A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java™ SE Development Kit 7 Update 1
"{34C8AA92-6E3B-3890-8312-6156FE95F9BF}" = Microsoft Visual C++ 2010 RC x86 Runtime - 10.0.30128
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A09F880-BB02-490C-B2E7-7C09DD505B53}" = Microsoft SQL Server 2008 R2 Management Objects
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4769E972-2E92-49C5-B6F9-465EFD0C4D94}" = VirtualDJ PRO Full
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{6457ADFE-1166-4866-8FAA-5E497FAFA93E}" = Bluserver Transparent
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D939E50-FD94-458B-BB4E-B4CEE0A6DA2A}_is1" = Comic Life 1.3.6.71
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7BAC15E1-52CB-4529-B678-9EEDADE55E79}" = HP webOS SDK
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = SMART BRO
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C4BFE6D-13DF-3AAB-9FD3-C6617A57EBFB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B217B8BC-8543-46DB-B049-89660B8BFADD}_is1" = CCleaner Professional
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Internal Driver Installation 3.7.0
"{BF901F72-A7E8-4F3C-9E70-5E1B8FD05CEB}" = ResumeMaker Ultimate
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D5297321-6138-43d8-93B0-EB268CC86A68}" = IObit Toolbar v5.1
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.5
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{E9CF8701-483A-4344-8119-0002BD0992A8}" = MySQL Server 5.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F20386D5-EE47-42FF-90CB-203A61787CA2}" = Oracle VM VirtualBox 4.1.10
"{F2440AC3-8438-43B8-99A3-EB4BD0A0ED21}" = RSDLite
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1)
"7-Zip" = 7-Zip
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 6.0 Extended" = Adobe Photoshop 6.0 Extended
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Akamai" = Akamai NetSession Interface Service
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.2.3
"Audacity" = Audacity
"avast" = avast! Pro Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"BabylonToolbar" = Babylon toolbar on IE
"Bandwidth Monitor" = Bandwidth Monitor
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"CHM To PDF_is1" = CHM To PDF Converter
"Connectify" = Connectify
"Disk Cleaner" = Disk Cleaner
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink" = DVD Shrink
"English Malayalam Dictionary" = English Malayalam Dictionary
"FastStone Image Viewer 4.0" = FastStone Image Viewer 4.0
"Fiddler2" = Fiddler2
"Font Expert" = Font Expert
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Internet Download Manager" = Internet Download Manager
"iolo Memory Mechanic_is1" = iolo Memory Mechanic
"Java Launcher_is1" = Java Launcher 3.201 (Standard edition)
"JCreator Pro_is1" = JCreator Pro 4.50
"LEAP Office Full" = LEAP Office Full
"Malayalam Unicode to ASCII Font" = Malayalam Unicode to ASCII Font
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MsJavaVM" = Microsoft VM for Java
"nbi-nb-base-7.1.0.0.0" = NetBeans IDE 7.1
"NSIS" = Nullsoft Install System
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PellesC" = Pelles C for Windows (remove only)
"PicPick Image Editor" = PicPick Image Editor
"Power Sound Editor Free" = Power Sound Editor Free
"Product Key Explorer_is1" = Product Key Explorer 2.8.7
"Rainlendar" = Rainlendar
"RealPlayer 15.0" = RealPlayer
"Recover My Files_is1" = Recover My Files
"Recuva Data Recovery" = Recuva Data Recovery
"RocketDock" = RocketDock
"Sib Icon Editor" = Sib Icon Editor
"Smart Defrag 2_is1" = Smart Defrag 2
"System Tools Pack" = System Tools Pack
"The KMPlayer" = The KMPlayer
"UltraISO_is1" = UltraISO Premium V9.36
"Video Edit Master" = Video Edit Master
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VLC media player" = VLC media player 2.0.3
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinPcapInst" = WinPcap 3.0
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"WMouseXP Remote" = WMouseXP Remote
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Chikka Messenger" = Chikka Messenger
"UnityWebPlayer" = Unity Web Player
"WinSetupFromUSB" = WinSetupFromUSB
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/8/2012 8:13:35 PM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/11/2012 7:21:00 PM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/13/2012 8:54:18 AM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/14/2012 1:29:54 PM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/15/2012 8:48:19 PM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/17/2012 9:19:06 AM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/18/2012 10:28:06 AM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/18/2012 10:53:38 AM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/18/2012 11:47:54 AM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 7/18/2012 7:01:03 PM | Computer Name = DIGIT_PC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

[ System Events ]
Error - 8/19/2012 1:52:33 PM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 8/19/2012 1:52:33 PM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Hypervisor service failed to start due to the following
error: %%3

Error - 8/19/2012 1:52:33 PM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Log Rotator Service service failed to start due to
the following error: %%2

Error - 8/19/2012 10:29:20 PM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 8/19/2012 10:29:20 PM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Hypervisor service failed to start due to the following
error: %%3

Error - 8/19/2012 10:29:20 PM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Log Rotator Service service failed to start due to
the following error: %%2

Error - 8/20/2012 11:03:50 AM | Computer Name = DIGIT_PC | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 8/20/2012 11:04:22 AM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The Scutum50 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 8/20/2012 11:04:22 AM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Hypervisor service failed to start due to the following
error: %%3

Error - 8/20/2012 11:04:22 AM | Computer Name = DIGIT_PC | Source = Service Control Manager | ID = 7000
Description = The BlueStacks Log Rotator Service service failed to start due to
the following error: %%2


< End of report >

Edited by rhomel, 19 August 2012 - 06:38 PM.


#2
rhomel

    Member

  • Topic Starter
  • Member
  • 90 posts
Please help to fix my cousin's PC. Anyone?

#3
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.