[pika3pika]

hi i need help my computer suddenly stop and not responding sometimes when i open lot program or when i surfing in net and open few tab . anyone can help ???? i already use malwarebytes and avira to search for virus but i dont find any virus. i just want to know maybe it was a hardware problem or virus problem . coz the last time i never had that happen

[Advertisements]

Hi pika3pika,



My name is Valinorum and I will be your helper today. Before we proceed, please, acknowledge yourself the following(s):

• Please do not create any new threads on this while we are working on your system, as it wastes another volunteer's time.
• Please do not install any new software while we are working on this system,as it may hinder our process.
• Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
• Please do not try to fix anything without being ask.
• Please do not attach your logs. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
• Please print or save the instructions I give you for quick reference. We may be using Safe mode and you will not always be able to access this thread.
• Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malwares infections are so severe that only option we have is to re-format and re-install the operating system.
• If you are confused about any instruction stop and ask. do not keep going on.
• The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

Note: Please, bare in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you. Take it as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face.

 

• Step #1 Scan with OTL
• Please download OldTimer's Listit from one of the following locations and save it to your Desktop.
  Download Link 1
  Download Link 2
  Downlaod LInk 3
• Copy and Paste the following code inside the Custom Scans/Fixes box;
  

  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  /md5start
  services.*
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  CREATERESTOREPOINT

• Click the Quick Scan button;
• After the scan two logs will be produced;
• Copy and paste the content of the logs in your next reply

 

• Step #2 Scan with Security Check
  • Download Security Check by screen317 to your Desktop from any of the following location;
  • Link 1
  • Link 2
• Right click on the program and choose Run as Administrator;
• After the checking a log will appear;
• Copy and Paste the content of the log in your next reply.

 

• Required Log(s):
• OTL.txt;
• Extras.txt;
• Security Check log.

Regards,
Valinorum

[Valinorum]

Hi pika3pika,



My name is Valinorum and I will be your helper today. Before we proceed, please, acknowledge yourself the following(s):

• Please do not create any new threads on this while we are working on your system, as it wastes another volunteer's time.
• Please do not install any new software while we are working on this system,as it may hinder our process.
• Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
• Please do not try to fix anything without being ask.
• Please do not attach your logs. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
• Please print or save the instructions I give you for quick reference. We may be using Safe mode and you will not always be able to access this thread.
• Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malwares infections are so severe that only option we have is to re-format and re-install the operating system.
• If you are confused about any instruction stop and ask. do not keep going on.
• The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

Note: Please, bare in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you. Take it as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face.

 

• Step #1 Scan with OTL
• Please download OldTimer's Listit from one of the following locations and save it to your Desktop.
  Download Link 1
  Download Link 2
  Downlaod LInk 3
• Copy and Paste the following code inside the Custom Scans/Fixes box;
  

  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  /md5start
  services.*
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  CREATERESTOREPOINT

• Click the Quick Scan button;
• After the scan two logs will be produced;
• Copy and paste the content of the logs in your next reply

 

• Step #2 Scan with Security Check
  • Download Security Check by screen317 to your Desktop from any of the following location;
  • Link 1
  • Link 2
• Right click on the program and choose Run as Administrator;
• After the checking a log will appear;
• Copy and Paste the content of the log in your next reply.

 

• Required Log(s):
• OTL.txt;
• Extras.txt;
• Security Check log.

Regards,
Valinorum

[pika3pika]

the security check i cant choose the administrator coz i dunno the password so i use the current user

[pika3pika]

Results of screen317's Security Check version 0.99.74
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
PC Cleaner Pro
AntiVir Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 40
Adobe Flash Player 11.8.800.168
Mozilla Firefox (6.0.2)
Google Chrome 29.0.1547.66
Google Chrome 29.0.1547.76
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

[pika3pika]

OTL logfile created on: 10/3/2013 7:28:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dd\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 50.84% Memory free
3.85 Gb Paging File | 2.76 Gb Available in Paging File | 71.87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 9.65 Gb Free Space | 24.70% Space Free | Partition Type: NTFS
Drive D: | 35.46 Gb Total Space | 25.82 Gb Free Space | 72.81% Space Free | Partition Type: NTFS

Computer Name: DD-K | User Name: dd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/03 19:27:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dd\Desktop\OTL.exe
PRC - [2013/09/17 10:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/13 12:49:52 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/04/18 20:38:38 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/06 11:06:42 | 001,607,552 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/06/29 11:04:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011/06/29 11:04:24 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/28 11:20:56 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/12/13 08:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009/10/15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009/08/14 17:50:38 | 003,210,240 | ---- | M] () -- C:\Program Files\CE100 Dialer\ICard.exe
PRC - [2009/08/14 10:34:16 | 001,058,816 | ---- | M] () -- C:\Program Files\CE100 Dialer\PcxSvr.exe
PRC - [2009/08/11 19:22:04 | 000,096,768 | ---- | M] () -- C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe
PRC - [2008/10/31 16:03:50 | 000,516,608 | ---- | M] () -- C:\Program Files\CE100 Dialer\IdleMng.exe
PRC - [2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/17 10:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013/09/17 10:21:26 | 013,611,984 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
MOD - [2013/09/17 10:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013/09/17 10:20:34 | 000,709,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
MOD - [2013/09/17 10:20:33 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\libegl.dll
MOD - [2013/09/17 10:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2010/10/18 15:00:00 | 003,827,200 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2010/06/17 14:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009/08/14 17:50:38 | 003,210,240 | ---- | M] () -- C:\Program Files\CE100 Dialer\ICard.exe
MOD - [2009/08/14 10:34:16 | 001,058,816 | ---- | M] () -- C:\Program Files\CE100 Dialer\PcxSvr.exe
MOD - [2009/08/11 19:22:04 | 000,096,768 | ---- | M] () -- C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe
MOD - [2009/06/27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009/06/26 10:56:24 | 000,122,880 | R--- | M] () -- C:\Program Files\CE100 Dialer\MsmPlugs\HiFlyCT.plug
MOD - [2009/06/26 10:56:22 | 000,065,536 | R--- | M] () -- C:\Program Files\CE100 Dialer\MsmPlugs\HiFlyCT.base
MOD - [2009/06/10 08:29:34 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2009/06/05 15:35:24 | 000,524,800 | ---- | M] () -- C:\Program Files\CE100 Dialer\SvrAdpt.dll
MOD - [2009/05/06 17:14:14 | 000,237,568 | ---- | M] () -- C:\Program Files\CE100 Dialer\SyncAdpt.dll
MOD - [2009/04/21 15:00:28 | 000,409,600 | ---- | M] () -- C:\Program Files\CE100 Dialer\BaseLib.dll
MOD - [2009/03/12 14:45:38 | 000,486,400 | ---- | M] () -- C:\Program Files\CE100 Dialer\UiMng.dll
MOD - [2008/12/19 10:47:52 | 000,583,168 | ---- | M] () -- C:\Program Files\CE100 Dialer\PcxCfg.dll
MOD - [2008/10/31 16:03:50 | 000,516,608 | ---- | M] () -- C:\Program Files\CE100 Dialer\IdleMng.exe
MOD - [2004/08/03 23:56:46 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2004/08/03 23:56:44 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/03 23:56:44 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/05/01 17:23:28 | 000,041,472 | ---- | M] () -- C:\Program Files\CE100 Dialer\CsCvt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/09/13 12:49:52 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/09/11 23:24:58 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/29 11:04:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2011/06/29 11:04:24 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 11:20:56 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009/10/15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\RAAH73\ÉVé¦éóâtâHâïâ_\winio.sys -- (WINIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a3i2w5am)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/04/03 11:54:16 | 000,029,984 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker)
DRV - [2011/06/29 11:04:28 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/29 11:04:27 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/15 11:52:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/26 18:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/27 11:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010/04/24 15:40:48 | 002,134,256 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/04/07 18:07:42 | 000,102,656 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3GDatausbser.sys -- (wirelessusbser)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-hom...L&ts=1377266314

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-hom...L&ts=1377266314
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{01F5D3AC-894B-4b5d-8322-4CD90CAEAE49}: "URL" = http://search.yahoo....icevm&type=IEBD
IE - HKCU\..\SearchScopes\{F9EC5808-C47F-4164-ACB1-2AACA0C348A7}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://id.search.yah...type=800236&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=800236"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@leeuu.com/npgboxruner;version=: C:\Documents and Settings\dd\Application Data\gbox\npgboxruner.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\dd\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/15 12:38:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/25 20:00:31 | 000,000,000 | ---D | M]

[2011/09/10 19:56:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Extensions
[2013/08/09 23:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions
[2013/07/28 12:56:33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions\[email protected]
[2013/08/23 22:01:40 | 000,000,000 | ---D | M] (@@toolbarname@@) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions\[email protected]
[2013/08/09 23:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions
[2011/09/10 19:57:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2013/07/28 12:56:33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\[email protected]
[2011/09/10 20:20:35 | 000,608,840 | ---- | M] () (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/09 23:34:00 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\searchplugins\yahoo.xml
[2013/10/02 21:42:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/15 12:38:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/15 12:38:14 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/08/23 20:58:36 | 000,000,782 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
[2013/08/16 20:21:39 | 000,000,734 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qvo6.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = http://suggestquerie...q={searchTerms},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\dd\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - Extension: Google Drive = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Call of Gods = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjfnmklbdnbkkaihgjjkieghlebmapak\0.0.0.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Pockie Ninja = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnllmdekhoodfjggoncakndldjihiiol\1.71_0\
CHR - Extension: AdBlock = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/08/23 19:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [HaierDcService] C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = ??
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9273DAB-E879-4264-B393-F3C86C9044F8}: NameServer = 10.17.3.252 10.17.125.230
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/22 20:35:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/10/03 19:27:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dd\Desktop\OTL.exe
[2013/10/03 11:28:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/10/02 22:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/10/02 22:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/10/02 22:07:01 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/09/28 13:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2013/09/28 13:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2013/09/13 14:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/09/13 12:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/09/08 17:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN
[2013/09/08 17:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/03 19:36:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/10/03 19:30:12 | 000,891,167 | ---- | M] () -- C:\Documents and Settings\dd\Desktop\SecurityCheck.exe
[2013/10/03 19:27:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dd\Desktop\OTL.exe
[2013/10/03 19:19:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/03 19:10:03 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/03 18:57:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/10/03 18:56:54 | 000,131,817 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013/10/03 18:56:51 | 000,000,988 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/03 18:56:51 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2013/10/03 18:56:50 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2013/10/03 18:56:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/02 22:07:05 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/09/25 22:34:25 | 000,617,786 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\PicsArt_1380097495570.jpg
[2013/09/25 21:56:32 | 001,824,898 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130925_200308.jpg
[2013/09/25 21:49:51 | 000,419,435 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130925_085957.jpg
[2013/09/25 21:43:10 | 001,320,042 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130922_125203.jpg
[2013/09/25 21:34:59 | 000,569,139 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130921_110602.jpg
[2013/09/20 21:54:39 | 000,074,869 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130920_102707.jpg
[2013/09/20 21:52:58 | 000,092,241 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130920_102431.jpg
[2013/09/14 22:46:35 | 000,585,226 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\2013-09-14-10-12-43_deco.jpg
[2013/09/09 21:11:20 | 000,256,179 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\dyah fb.jpg
[2013/09/08 22:50:36 | 001,182,195 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\IMAG3134.jpg
[2013/09/08 22:43:26 | 000,962,490 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\IMAG4350.jpg
[2013/09/08 22:24:15 | 000,147,381 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130907_112937.jpg
[2013/09/08 22:20:45 | 000,118,641 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130904_2105021.jpg
[2013/09/08 17:10:26 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2013/09/04 21:08:42 | 000,031,249 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\hitam2.jpg
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/03 19:29:51 | 000,891,167 | ---- | C] () -- C:\Documents and Settings\dd\Desktop\SecurityCheck.exe
[2013/10/02 22:07:05 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/09/25 22:30:46 | 000,617,786 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\PicsArt_1380097495570.jpg
[2013/09/25 21:50:44 | 001,824,898 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130925_200308.jpg
[2013/09/25 21:48:45 | 000,419,435 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130925_085957.jpg
[2013/09/25 21:35:38 | 001,320,042 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130922_125203.jpg
[2013/09/25 21:32:44 | 000,569,139 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130921_110602.jpg
[2013/09/20 21:54:07 | 000,074,869 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130920_102707.jpg
[2013/09/20 21:52:33 | 000,092,241 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130920_102431.jpg
[2013/09/14 22:44:33 | 000,585,226 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\2013-09-14-10-12-43_deco.jpg
[2013/09/09 21:06:10 | 000,256,179 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\dyah fb.jpg
[2013/09/08 22:47:12 | 001,182,195 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\IMAG3134.jpg
[2013/09/08 22:39:00 | 000,962,490 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\IMAG4350.jpg
[2013/09/08 22:22:22 | 000,147,381 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130907_112937.jpg
[2013/09/08 22:19:59 | 000,118,641 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130904_2105021.jpg
[2013/09/08 17:10:26 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2012/11/14 20:12:05 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2012/08/05 17:55:07 | 000,000,248 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2012/04/26 21:34:15 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\dd\jagex_cl_runescape_LIVE.dat
[2012/04/26 21:34:15 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\dd\random.dat
[2011/01/25 23:38:46 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\dd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/22 20:45:03 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

========== ZeroAccess Check ==========

[2011/01/22 20:43:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/03 23:56:46 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/03 23:56:44 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/03 23:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/15 11:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2013/07/28 13:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/02/02 05:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/12/09 21:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2013/08/30 20:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/28 12:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2011/08/16 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\AskToolbar
[2012/02/04 21:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\DAEMON Tools Lite
[2011/03/11 14:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\FALCOM
[2011/01/30 18:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Foxit Software
[2013/06/09 23:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\gbox
[2012/11/14 20:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\IObit
[2013/04/07 12:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\IObit Apps
[2011/10/31 21:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\OpenOffice.org
[2012/02/02 05:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\PC Cleaners
[2012/11/05 22:21:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\PCPro
[2011/06/12 22:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Rovio
[2013/08/09 23:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Search Settings
[2013/09/30 21:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\splitscreen
[2013/08/16 20:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\SwvUpdater
[2012/08/07 00:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Unity
[2013/06/16 18:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Virtual City

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV - [2004/08/03 23:56:48 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2004/08/03 23:56:48 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004/08/03 23:56:46 | 000,382,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2004/08/03 23:56:42 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2004/08/03 23:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2004/08/03 23:56:44 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2004/08/03 23:56:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2004/08/03 23:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
No service found with a name of EapHost
SRV - [2004/08/03 23:56:46 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2004/08/03 23:56:48 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2004/08/04 00:56:44 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2004/08/03 23:56:52 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2004/08/03 23:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2004/08/03 23:56:44 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2004/08/03 23:56:50 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2004/08/03 23:56:50 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2004/08/03 23:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2004/08/03 23:56:46 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2004/08/03 23:56:46 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2004/08/03 23:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2004/08/03 23:56:58 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2004/08/03 23:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2004/08/03 23:56:46 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2004/08/03 23:56:46 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2004/08/03 23:56:46 | 000,395,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2004/08/03 23:56:46 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2004/08/03 23:56:46 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2004/08/03 23:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2004/08/03 23:56:48 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2004/08/03 23:56:46 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2004/08/03 23:56:46 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2004/08/03 23:56:46 | 000,170,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2004/08/03 23:56:46 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2004/08/03 23:56:44 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2004/08/03 23:56:48 | 000,246,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2004/08/03 23:56:48 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2004/08/03 23:56:46 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2004/08/03 23:56:58 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2004/08/03 23:56:42 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2004/08/03 23:56:44 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2004/08/03 23:56:48 | 000,333,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2005/05/04 14:45:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2004/08/03 23:56:48 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2004/08/03 23:56:42 | 000,616,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
No service found with a name of Dot3Svc
SRV - [2004/08/04 00:05:44 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2004/08/03 23:56:48 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< %SYSTEMDRIVE%\*.exe >
[2011/03/22 17:47:01 | 225,672,412 | ---- | M] (Inquisitor ) -- C:\Love Death 555 HF Patch.exe

< MD5 for: EXPLORER.EXE >
[2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SERVICES >
[2001/08/23 19:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES.EXE >
[2004/08/03 23:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\system32\dllcache\services.exe
[2004/08/03 23:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\system32\services.exe

< MD5 for: SERVICES.INI >
[2011/06/14 19:52:59 | 000,003,193 | ---- | M] () MD5=7688D281F98711C6D2CC79227FF85538 -- C:\Program Files\IObit\Advanced SystemCare 4\services.ini

< MD5 for: SERVICES.LNK >
[2011/01/22 20:35:24 | 000,001,602 | ---- | M] () MD5=011FB6129E9121A6DF0AF2D0314E5452 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2013/09/29 22:25:07 | 000,000,090 | ---- | M] () MD5=6DCE09ACF3B3B40DDD3EE889A8A10821 -- C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\Y3SABWDZ\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MSC >
[2001/08/23 19:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.RDB >
[2008/09/30 17:55:38 | 000,262,144 | ---- | M] () MD5=00D8C85E07B0D69A27816B54E56EF85B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2008/09/30 17:46:24 | 005,406,720 | ---- | M] () MD5=26ADA4D35A087DA76A00253AA882F694 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb

< MD5 for: SVCHOST.EXE >
[2004/08/03 23:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/03 23:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2012/08/15 08:48:46 | 000,218,184 | ---- | M] () MD5=B6381489F9C8612AFFD4A2765ABD341C -- C:\Documents and Settings\dd\My Documents\Downloads\mbam-chameleon-1.62.1.1000\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/03 23:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/03 23:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/03 23:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/03 23:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012/08/15 08:48:46 | 000,218,184 | ---- | M] () MD5=B6381489F9C8612AFFD4A2765ABD341C -- C:\Documents and Settings\dd\My Documents\Downloads\mbam-chameleon-1.62.1.1000\winlogon.exe

========== Files - Unicode (All) ==========
[2013/08/22 20:35:09 | 000,195,126 | ---- | M] ()(C:\Documents and Settings\dd\My Documents\?? P1020075.JPG) -- C:\Documents and Settings\dd\My Documents\旋转 P1020075.JPG
[2013/08/22 20:32:21 | 000,195,126 | ---- | C] ()(C:\Documents and Settings\dd\My Documents\?? P1020075.JPG) -- C:\Documents and Settings\dd\My Documents\旋转 P1020075.JPG
[2011/08/27 19:05:06 | 000,000,000 | ---D | M](C:\(C79)(??RPG) [???~?] ?????? C79???) -- C:\(C79)(同人RPG) [永久る～ぷ] 双子魔法組曲 C79体験版
[2011/05/05 16:05:40 | 381,379,152 | ---- | C] ()(C:\??????????~extra story of Lunatic Princess.CD.bin) -- C:\東方琳瑯抄えくすとら～extra story of Lunatic Princess.CD.bin
[2011/05/05 15:36:30 | 296,855,774 | ---- | C] ()(C:\[110422][697486][??????] ????????????? ????Disc (mdf+mds+????? rr3%).rar) -- C:\[110422][697486][エウシュリー] 神採りアルケミーマイスター 予約特典Disc (mdf+mds+ジャケット rr3%).rar
[2011/04/30 21:12:43 | 000,000,000 | ---D | C](C:\(C79)(??RPG) [???~?] ?????? C79???) -- C:\(C79)(同人RPG) [永久る～ぷ] 双子魔法組曲 C79体験版
[2011/04/20 23:00:07 | 296,855,774 | ---- | M] ()(C:\[110422][697486][??????] ????????????? ????Disc (mdf+mds+????? rr3%).rar) -- C:\[110422][697486][エウシュリー] 神採りアルケミーマイスター 予約特典Disc (mdf+mds+ジャケット rr3%).rar
[2010/09/20 19:24:47 | 381,379,152 | ---- | M] ()(C:\??????????~extra story of Lunatic Princess.CD.bin) -- C:\東方琳瑯抄えくすとら～extra story of Lunatic Princess.CD.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:931BB48A

< End of report >

[pika3pika]

OTL Extras logfile created on: 10/3/2013 7:28:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dd\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 50.84% Memory free
3.85 Gb Paging File | 2.76 Gb Available in Paging File | 71.87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 9.65 Gb Free Space | 24.70% Space Free | Partition Type: NTFS
Drive D: | 35.46 Gb Total Space | 25.82 Gb Free Space | 72.81% Space Free | Partition Type: NTFS

Computer Name: DD-K | User Name: dd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56959:TCP" = 56959:TCP:*:Enabled:Pando Media Booster
"56959:UDP" = 56959:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"56959:TCP" = 56959:TCP:*:Enabled:Pando Media Booster
"56959:UDP" = 56959:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Nimbuzz\Nimbuzz.exe" = C:\Program Files\Nimbuzz\Nimbuzz.exe:*:Enabled:Nimbuzz Desktop Client -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\BeautyStrike1.6\hl.exe" = C:\Program Files\BeautyStrike1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1270EE0A-2E34-4BB1-B0E7-CF8DB6F1FE75}" = IObit Apps Toolbar v7.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{84D238DD-CC71-47A2-B210-CE100_TATA}_is1" = DataCard v2.0.0
"{8867E31E-33BA-4DDD-A347-E4AF3F2232A1}" = Virtual City
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype・5.8
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BeautyStrike1.6" = BeautyStrike1.6 Uninstall
"Enable S3 for USB Device" = Enable S3 for USB Device
"FileASSASSIN" = FileASSASSIN
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"IObit Unlocker_is1" = IObit Unlocker
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0.2 (x86 en-US)" = Mozilla Firefox 6.0.2 (x86 en-US)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nimbuzz" = Nimbuzz 2.3.1
"NVIDIA Drivers" = NVIDIA Drivers
"Smart Defrag 2_is1" = Smart Defrag 2
"WIC" = Windows Imaging Component
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/30/2013 8:23:36 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 6.3.0.105, faulting module
kernel32.dll, version 5.1.2600.2180, fault address 0x000097d2.

Error - 6/2/2013 10:42:12 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 6.3.0.105, faulting module
skype.exe, version 6.3.0.105, fault address 0x003b15de.

Error - 6/23/2013 11:31:58 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 6.3.0.107, faulting module
skype.exe, version 6.3.0.107, fault address 0x003b235e.

Error - 6/30/2013 10:26:31 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 6.3.0.107, faulting module
skype.exe, version 6.3.0.107, fault address 0x003b235e.

Error - 8/18/2013 10:56:00 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application acdwiclient.exe, version 1.0.0.1, faulting module
acdwiclient.exe, version 1.0.0.1, fault address 0x0000737e.

Error - 8/18/2013 11:18:59 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application acdwiclient.exe, version 1.0.0.1, faulting module
acdwiclient.exe, version 1.0.0.1, fault address 0x0000737e.

Error - 8/20/2013 9:41:16 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 6.3.0.107, faulting module
skype.exe, version 6.3.0.107, fault address 0x003b235e.

Error - 8/31/2013 12:23:51 PM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 6.3.0.107, faulting module
kernel32.dll, version 5.1.2600.2180, fault address 0x000097d2.

Error - 9/28/2013 4:01:53 AM | Computer Name = DD-K | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 29.0.1547.76, faulting module
chrome.dll, version 29.0.1547.76, fault address 0x0061e2a5.

[ System Events ]
Error - 9/13/2013 9:00:34 AM | Computer Name = DD-K | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service SkypeUpdate
with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58}

Error - 9/20/2013 1:39:43 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/28/2013 2:22:18 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/29/2013 2:53:16 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/30/2013 10:07:51 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/2/2013 8:39:21 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/3/2013 2:41:57 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7031
Description = The COM+ System Application service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.

Error - 10/3/2013 2:41:59 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The MS Software Shadow Copy Provider service terminated unexpectedly.
It has done this 1 time(s).

Error - 10/3/2013 2:42:02 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7034
Description = The Volume Shadow Copy service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/3/2013 2:42:07 AM | Computer Name = DD-K | Source = Service Control Manager | ID = 7031
Description = The COM+ System Application service terminated unexpectedly. It has
done this 2 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.


< End of report >

[Valinorum]

Hi pika3pika,

• Step #1 Uninstall Programs
  I want you to uninstall the following program(s) listed below due to poor reputation we receive about them. To uninstall a program, go to Start > Control Panel > Add or Remove Programs or Start > Control Panel > Programs and Features. Wait for the list to fill up and double-click on the items I have listed below and follow the on-screen instruction to remove/uninstall them.
• IObit Apps Toolbar v7.4
• Pando Media Booster
• Browser Configuration Utility
• Advanced SystemCare 6
• IObit Unlocker
• JDownloader

 

• Step #2 Remove PC Cleaner Pro
• Download PC Cleaner Pro Nuke to your Desktop.
  Download Link
• Double click on it to run;
• Follow the instructions

 

• Step #3 Fix with OTL
• Re-run OTL by right clicking and choosing Run as administrator;
• Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').
  

  :Commands
  [createrestorepoint]
  
  :OTL
  SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
  SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
  SRV - [2009/10/15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
  DRV - [2013/04/03 11:54:16 | 000,029,984 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-hom...L&ts=1377266314
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-hom...L&ts=1377266314
  IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
  IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
  IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
  FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  [2013/07/28 12:56:33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions\[email protected]
  [2013/07/28 12:56:33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\[email protected]
  [2013/08/23 20:58:36 | 000,000,782 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
  [2013/08/16 20:21:39 | 000,000,734 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
  CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
  CHR - Extension: Advanced SystemCare Surfing Protection = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
  O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
  O4 - HKLM..\Run: [] File not found
  O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
  O4 - HKLM..\Run: [HaierDcService] C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe ()
  O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = ??
  [2013/10/03 19:36:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
  [2013/07/28 13:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
  [2011/08/16 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\AskToolbar
  [2012/11/14 20:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\IObit
  [2013/04/07 12:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\IObit Apps
  [2012/02/02 05:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\PC Cleaners
  [2013/08/16 20:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\SwvUpdater
  
  :Commands
  [createrestorepoint]
  [emptytemp]
  

• Click on "Run Fix" and let the program run unhindered;
• Your PC will reboot automatically and a log will be opened;
• Please post it in your next reply;
• Re-run OTL and click on Quick Scan;
• Post the log that opens also.

 

• Step #4 Fix with AdwCleaner
  Download : ADWCleaner to your desktop.
  
  NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.
  
  Close all programs and click on the AdwCleaner icon.
  
  
  
  Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
  
  The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

 

• Required Log(s):
• OTL fix log;
• OTL.txt;
• AdwCleaner log.

How is your PC running?

Regards,
Valinorum

[pika3pika]

i already uninstall the program but when i click the pro cleaner exe it said not a valid win 32 application so what should i do????

[Valinorum]

Follow the next steps.

[pika3pika]

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
File C:\Program Files\Application Updater\ApplicationUpdater.exe not found.
Error: No service named AdvancedSystemCareService6 was found to stop!
Service\Driver key AdvancedSystemCareService6 not found.
File C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe not found.
Error: No service named BCUService was found to stop!
Service\Driver key BCUService not found.
File C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe not found.
Error: No service named IObitUnlocker was found to stop!
Service\Driver key IObitUnlocker not found.
File C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ not found.
File C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Folder C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions\[email protected]\ not found.
Folder C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\[email protected]\ not found.
C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml moved successfully.
File C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\Plugin\img folder moved successfully.
C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\Plugin folder moved successfully.
C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCU not found.
File C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HaierDcService deleted successfully.
C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 6 not found.
File C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInternetIcon deleted successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\IObit Unlocker folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\All Users\Application Data\IObit folder moved successfully.
C:\Documents and Settings\dd\Application Data\AskToolbar folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\SmartRAM folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Smart Defrag 2 folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\IObit Malware Fighter folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\InternetBooster folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Startup Manager folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\SmartRAM folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Internet Booster folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\EmptyFolder folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Driver Manager\DriverBackup folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Driver Manager folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\DiskCheck folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\temp folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\SmartRAM folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Smart RAM folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\SecurityHoles folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\PrivacySweeper folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\EmptyFolder folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Driver Manager folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\DiskCheck folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\Toolbox folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\Startup Manager folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\SmartRAM folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\Smart RAM folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\PMonitor folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\Log folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\EmptyFolder folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4\Backup folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\dd\Application Data\IObit folder moved successfully.
Folder C:\Documents and Settings\dd\Application Data\IObit Apps\ not found.
C:\Documents and Settings\dd\Application Data\PC Cleaners folder moved successfully.
C:\Documents and Settings\dd\Application Data\SwvUpdater folder moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: dd
->Temp folder emptied: 211629925 bytes
->Temporary Internet Files folder emptied: 32177842 bytes
->Java cache emptied: 2003045 bytes
->FireFox cache emptied: 165362179 bytes
->Google Chrome cache emptied: 228961432 bytes
->Flash cache emptied: 6377 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 738675 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2142714 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15074360 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 134222553 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 756.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10042013_223817

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\dd\Local Settings\Temp\Temporary Internet Files\Content.IE5\RYZ46YEP\OCYwjcOyoa4xG397dIZNTE09PVdTaWj7lnMXPoj7PvgOwB9B2Z4Ng0yJW6yn1zg9cK3snwTioP3DLdwauRL3zDhiWq7HJflZU62yvItvrXm75hZ1z8H5_8Ua1b3jXyGznVll80iVf1VtpW8uegrYTBpf8lKiVAyliWmSmUV65CtpG5x[1].png not found!
File\Folder C:\Documents and Settings\dd\Local Settings\Temp\Temporary Internet Files\Content.IE5\2XPQFMHC\7YWnY96yoa79KffwaUTQer7tZljOf8ynnVvadSeOMQWswzCS_i0YsUEcQpoEJrm5UQPMpRhDpgV8RtKAzZ32BB0yb3ZBtj8lq8Csz2K5vy9Oz_3IMUFjeZLZSod9tBCi2ZYqSX7Yhc6PaBqugLH6YyMVcedC9lKP[1].jpg not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[pika3pika]

OTL logfile created on: 10/4/2013 10:45:18 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dd\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.06% Memory free
3.85 Gb Paging File | 3.26 Gb Available in Paging File | 84.67% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 10.28 Gb Free Space | 26.32% Space Free | Partition Type: NTFS
Drive D: | 35.46 Gb Total Space | 25.82 Gb Free Space | 72.81% Space Free | Partition Type: NTFS

Computer Name: DD-K | User Name: dd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/03 19:27:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dd\Desktop\OTL.exe
PRC - [2013/09/17 10:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/13 12:49:52 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/06 11:06:42 | 001,607,552 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/06/29 11:04:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011/06/29 11:04:24 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/28 11:20:56 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/12/13 08:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/08/14 17:50:38 | 003,210,240 | ---- | M] () -- C:\Program Files\CE100 Dialer\ICard.exe
PRC - [2009/08/14 10:34:16 | 001,058,816 | ---- | M] () -- C:\Program Files\CE100 Dialer\PcxSvr.exe
PRC - [2008/10/31 16:03:50 | 000,516,608 | ---- | M] () -- C:\Program Files\CE100 Dialer\IdleMng.exe
PRC - [2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/17 10:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013/09/17 10:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013/09/17 10:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2010/06/17 14:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009/08/14 17:50:38 | 003,210,240 | ---- | M] () -- C:\Program Files\CE100 Dialer\ICard.exe
MOD - [2009/08/14 10:34:16 | 001,058,816 | ---- | M] () -- C:\Program Files\CE100 Dialer\PcxSvr.exe
MOD - [2009/06/26 10:56:24 | 000,122,880 | R--- | M] () -- C:\Program Files\CE100 Dialer\MsmPlugs\HiFlyCT.plug
MOD - [2009/06/26 10:56:22 | 000,065,536 | R--- | M] () -- C:\Program Files\CE100 Dialer\MsmPlugs\HiFlyCT.base
MOD - [2009/06/05 15:35:24 | 000,524,800 | ---- | M] () -- C:\Program Files\CE100 Dialer\SvrAdpt.dll
MOD - [2009/05/06 17:14:14 | 000,237,568 | ---- | M] () -- C:\Program Files\CE100 Dialer\SyncAdpt.dll
MOD - [2009/04/21 15:00:28 | 000,409,600 | ---- | M] () -- C:\Program Files\CE100 Dialer\BaseLib.dll
MOD - [2009/03/12 14:45:38 | 000,486,400 | ---- | M] () -- C:\Program Files\CE100 Dialer\UiMng.dll
MOD - [2008/12/19 10:47:52 | 000,583,168 | ---- | M] () -- C:\Program Files\CE100 Dialer\PcxCfg.dll
MOD - [2008/10/31 16:03:50 | 000,516,608 | ---- | M] () -- C:\Program Files\CE100 Dialer\IdleMng.exe
MOD - [2003/05/01 17:23:28 | 000,041,472 | ---- | M] () -- C:\Program Files\CE100 Dialer\CsCvt.dll


========== Services (SafeList) ==========

SRV - [2013/09/13 12:49:52 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/09/11 23:24:58 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/29 11:04:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2011/06/29 11:04:24 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 11:20:56 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\AppleChargerSrv.exe -- (AppleChargerSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\RAAH73\ÉVé¦éóâtâHâïâ_\winio.sys -- (WINIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (an4e9dia)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/06/29 11:04:28 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/29 11:04:27 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/15 11:52:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/26 18:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/27 11:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010/04/24 15:40:48 | 002,134,256 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/04/07 18:07:42 | 000,102,656 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3GDatausbser.sys -- (wirelessusbser)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://id.search.yah...type=800236&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=800236"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@leeuu.com/npgboxruner;version=: C:\Documents and Settings\dd\Application Data\gbox\npgboxruner.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\dd\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/15 12:38:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/25 20:00:31 | 000,000,000 | ---D | M]

[2011/09/10 19:56:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Extensions
[2013/10/04 19:33:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions
[2013/08/23 22:01:40 | 000,000,000 | ---D | M] (@@toolbarname@@) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\extensions\[email protected]
[2013/10/04 19:33:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions
[2011/09/10 19:57:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/09/10 20:20:35 | 000,608,840 | ---- | M] () (No name found) -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/09 23:34:00 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\searchplugins\yahoo.xml
[2013/10/02 21:42:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/15 12:38:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/15 12:38:14 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = http://suggestquerie...q={searchTerms},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\dd\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - Extension: Google Drive = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Call of Gods = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjfnmklbdnbkkaihgjjkieghlebmapak\0.0.0.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Pockie Ninja = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnllmdekhoodfjggoncakndldjihiiol\1.71_0\
CHR - Extension: AdBlock = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/08/23 19:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9273DAB-E879-4264-B393-F3C86C9044F8}: NameServer = 10.17.3.252 10.17.125.230
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/22 20:35:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/04 22:47:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/04 22:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dd\Application Data\IObit
[2013/10/04 22:38:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/03 19:27:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dd\Desktop\OTL.exe
[2013/10/03 11:28:05 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/10/02 22:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/10/02 22:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/10/02 22:07:01 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/09/28 13:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2013/09/28 13:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2013/09/13 14:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/09/13 12:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/09/08 17:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN
[2013/09/08 17:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN

========== Files - Modified Within 30 Days ==========

[2013/10/04 22:42:22 | 000,131,817 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013/10/04 22:41:40 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2013/10/04 22:41:37 | 000,000,988 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/04 22:41:36 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2013/10/04 22:41:35 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2013/10/04 22:41:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/04 22:19:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/04 22:10:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/04 21:59:45 | 000,066,282 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130907_112937.jpg
[2013/10/04 19:35:21 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\dd\Desktop\PC_Cleaner_Pro_Nuke.exe
[2013/10/04 19:23:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/03 19:30:12 | 000,891,167 | ---- | M] () -- C:\Documents and Settings\dd\Desktop\SecurityCheck.exe
[2013/10/03 19:27:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dd\Desktop\OTL.exe
[2013/10/02 22:07:05 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/09/25 22:34:25 | 000,617,786 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\PicsArt_1380097495570.jpg
[2013/09/25 21:56:32 | 001,824,898 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130925_200308.jpg
[2013/09/25 21:49:51 | 000,419,435 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130925_085957.jpg
[2013/09/25 21:43:10 | 001,320,042 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130922_125203.jpg
[2013/09/25 21:34:59 | 000,569,139 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130921_110602.jpg
[2013/09/20 21:54:39 | 000,074,869 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130920_102707.jpg
[2013/09/20 21:52:58 | 000,092,241 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130920_102431.jpg
[2013/09/14 22:46:35 | 000,585,226 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\2013-09-14-10-12-43_deco.jpg
[2013/09/09 21:11:20 | 000,256,179 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\dyah fb.jpg
[2013/09/08 22:50:36 | 001,182,195 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\IMAG3134.jpg
[2013/09/08 22:43:26 | 000,962,490 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\IMAG4350.jpg
[2013/09/08 22:20:45 | 000,118,641 | ---- | M] () -- C:\Documents and Settings\dd\My Documents\20130904_2105021.jpg
[2013/09/08 17:10:26 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk

========== Files Created - No Company Name ==========

[2013/10/04 21:59:36 | 000,066,282 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130907_112937.jpg
[2013/10/04 19:35:19 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\dd\Desktop\PC_Cleaner_Pro_Nuke.exe
[2013/10/03 19:29:51 | 000,891,167 | ---- | C] () -- C:\Documents and Settings\dd\Desktop\SecurityCheck.exe
[2013/10/02 22:07:05 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/09/25 22:30:46 | 000,617,786 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\PicsArt_1380097495570.jpg
[2013/09/25 21:50:44 | 001,824,898 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130925_200308.jpg
[2013/09/25 21:48:45 | 000,419,435 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130925_085957.jpg
[2013/09/25 21:35:38 | 001,320,042 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130922_125203.jpg
[2013/09/25 21:32:44 | 000,569,139 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130921_110602.jpg
[2013/09/20 21:54:07 | 000,074,869 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130920_102707.jpg
[2013/09/20 21:52:33 | 000,092,241 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130920_102431.jpg
[2013/09/14 22:44:33 | 000,585,226 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\2013-09-14-10-12-43_deco.jpg
[2013/09/09 21:06:10 | 000,256,179 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\dyah fb.jpg
[2013/09/08 22:47:12 | 001,182,195 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\IMAG3134.jpg
[2013/09/08 22:39:00 | 000,962,490 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\IMAG4350.jpg
[2013/09/08 22:19:59 | 000,118,641 | ---- | C] () -- C:\Documents and Settings\dd\My Documents\20130904_2105021.jpg
[2013/09/08 17:10:26 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2012/11/14 20:12:05 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2012/08/05 17:55:07 | 000,000,248 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2012/04/26 21:34:15 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\dd\jagex_cl_runescape_LIVE.dat
[2012/04/26 21:34:15 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\dd\random.dat
[2011/01/25 23:38:46 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\dd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/22 20:45:03 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

========== ZeroAccess Check ==========

[2011/01/22 20:43:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/03 23:56:46 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/03 23:56:44 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/03 23:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/15 11:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/02/02 05:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/12/09 21:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2013/08/30 20:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/28 12:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2012/02/04 21:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\DAEMON Tools Lite
[2011/03/11 14:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\FALCOM
[2011/01/30 18:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Foxit Software
[2013/06/09 23:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\gbox
[2013/10/04 22:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\IObit
[2011/10/31 21:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\OpenOffice.org
[2012/11/05 22:21:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\PCPro
[2011/06/12 22:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Rovio
[2013/09/30 21:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\splitscreen
[2012/08/07 00:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Unity
[2013/06/16 18:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dd\Application Data\Virtual City

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/08/22 20:35:09 | 000,195,126 | ---- | M] ()(C:\Documents and Settings\dd\My Documents\?? P1020075.JPG) -- C:\Documents and Settings\dd\My Documents\旋转 P1020075.JPG
[2013/08/22 20:32:21 | 000,195,126 | ---- | C] ()(C:\Documents and Settings\dd\My Documents\?? P1020075.JPG) -- C:\Documents and Settings\dd\My Documents\旋转 P1020075.JPG
[2011/08/27 19:05:06 | 000,000,000 | ---D | M](C:\(C79)(??RPG) [???~?] ?????? C79???) -- C:\(C79)(同人RPG) [永久る～ぷ] 双子魔法組曲 C79体験版
[2011/05/05 16:05:40 | 381,379,152 | ---- | C] ()(C:\??????????~extra story of Lunatic Princess.CD.bin) -- C:\東方琳瑯抄えくすとら～extra story of Lunatic Princess.CD.bin
[2011/05/05 15:36:30 | 296,855,774 | ---- | C] ()(C:\[110422][697486][??????] ????????????? ????Disc (mdf+mds+????? rr3%).rar) -- C:\[110422][697486][エウシュリー] 神採りアルケミーマイスター 予約特典Disc (mdf+mds+ジャケット rr3%).rar
[2011/04/30 21:12:43 | 000,000,000 | ---D | C](C:\(C79)(??RPG) [???~?] ?????? C79???) -- C:\(C79)(同人RPG) [永久る～ぷ] 双子魔法組曲 C79体験版
[2011/04/20 23:00:07 | 296,855,774 | ---- | M] ()(C:\[110422][697486][??????] ????????????? ????Disc (mdf+mds+????? rr3%).rar) -- C:\[110422][697486][エウシュリー] 神採りアルケミーマイスター 予約特典Disc (mdf+mds+ジャケット rr3%).rar
[2010/09/20 19:24:47 | 381,379,152 | ---- | M] ()(C:\??????????~extra story of Lunatic Princess.CD.bin) -- C:\東方琳瑯抄えくすとら～extra story of Lunatic Princess.CD.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:931BB48A

< End of report >

[pika3pika]

in adwcleaner i press scan button but should i check all and clean it all ????

[Valinorum]

Yes, please.

[pika3pika]

# AdwCleaner v3.006 - Report created 05/10/2013 at 10:21:02
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : dd - DD-K
# Running from : C:\Documents and Settings\dd\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\Extensions\[email protected]
File Deleted : C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\Extensions\[email protected]
File Deleted : C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\user.js

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\dd\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\dd\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Documents and Settings\dd\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Product Deleted : Ask Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v6.0.2 (en-US)

[ File : C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\2kwwunmj.default\prefs.js ]


[ File : C:\Documents and Settings\dd\Application Data\Mozilla\Firefox\Profiles\bw2dhaod.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "delta-homes");

-\\ Google Chrome v30.0.1599.69

[ File : C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5297 octets] - [04/10/2013 22:48:48]
AdwCleaner[R1].txt - [5357 octets] - [05/10/2013 10:16:39]
AdwCleaner[S0].txt - [4550 octets] - [05/10/2013 10:21:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4610 octets] ##########

[pika3pika]

ahhh i think i know why my computer sometimes stop responding it probably becoz of the VGA driver i think its hardware problem.