Conduit Search installed and I can't get rid of it


#1
bg111
Hi

 

I installed the latest version of ImgBurn and I am 100% sure I said no to the installation of Conduit Search, but got it anyway. I can’t get rid of it now, it’s there every time I open a new tab and I’m sure the computer has been acting funny ever since. After I realised, I ran MBAM but it didn’t go.

OTL logfile created on: 18/05/2014 09:32:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.25 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 68.58% Memory free
5.19 Gb Paging File | 4.29 Gb Available in Paging File | 82.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 293.32 Gb Total Space | 14.14 Gb Free Space | 4.82% Space Free | Partition Type: NTFS
Drive E: | 15.09 Gb Total Space | 15.09 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: DBKQ562J | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/18 09:29:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
PRC - [2014/05/10 13:09:03 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/05/08 02:52:34 | 032,668,056 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2014/04/19 14:41:07 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2014/03/11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2014/03/11 10:13:14 | 000,951,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/12/18 22:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/08/14 15:19:58 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/07/02 10:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2013/06/14 22:42:46 | 001,104,896 | ---- | M] (Spotify Ltd) -- C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/05/16 15:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/05/16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/31 12:18:16 | 000,323,976 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/03/04 14:56:14 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/01/03 09:10:30 | 001,031,848 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/14 00:05:34 | 000,061,440 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe
PRC - [2006/11/12 11:48:46 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/06/17 07:56:14 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2005/06/17 07:55:58 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/03/22 23:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/18 09:06:53 | 000,041,984 | ---- | M] () -- c:\Documents and Settings\Ben\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpepup5p.dll
MOD - [2014/05/10 13:08:06 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/05/04 22:15:23 | 016,351,920 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll
MOD - [2014/01/03 04:42:50 | 003,610,624 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/19 00:55:02 | 025,100,288 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Dropbox\bin\libcef.dll
MOD - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/02/13 03:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/01/02 07:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/09/25 20:14:04 | 000,520,234 | ---- | M] () -- C:\Program Files\4Sync\lbase.dll
MOD - [2012/09/25 20:13:30 | 001,353,216 | ---- | M] () -- C:\Program Files\4Sync\ShellExt.dll
MOD - [2011/11/03 16:28:36 | 000,386,048 | ---- | M] () -- C:\WINDOWS\system32\qdvd.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/28 23:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/03/29 21:02:48 | 000,520,234 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2008/04/14 01:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/02/05 17:34:40 | 000,116,248 | ---- | M] () -- C:\Program Files\Common Files\InterVideo\Common\Bin\MpgTsRdr.ax
MOD - [2006/07/14 06:34:00 | 000,007,680 | ---- | M] () -- C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
MOD - [2004/07/20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2004/01/22 18:36:28 | 000,120,832 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\DOCUME~1\Ben\LOCALS~1\Temp\020572~1.EXE -- (0205721342944925mcinstcleanup)
SRV - [2014/05/18 09:15:36 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/10 13:09:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/12/18 22:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/05/16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2009/03/04 14:56:14 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2007/02/08 17:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/14 00:05:34 | 000,061,440 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Auto | Running] -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2006/11/13 21:59:52 | 000,122,880 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService)
SRV - [2005/12/12 16:52:32 | 000,180,224 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService)
SRV - [2005/06/17 07:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PPPoEWin.SYS -- (PPPoEWin)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\igyzcptg.sys -- (igyzcptg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ifmnnwar.sys -- (ifmnnwar)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (bvrp_pci)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (ayrcohrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\aec.sys -- (aec)
DRV - [2014/05/11 09:50:30 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/07/17 01:58:06 | 000,046,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2013/02/25 06:27:48 | 000,128,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011/03/07 18:22:07 | 000,646,392 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/14 19:39:20 | 000,827,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/04/06 09:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009/04/06 09:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2007/03/16 03:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 03:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/12/27 15:19:49 | 000,162,432 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt)
DRV - [2006/12/27 15:19:49 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt)
DRV - [2006/11/13 21:38:28 | 000,011,776 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\diginet.sys -- (DigiNet)
DRV - [2006/11/13 21:38:24 | 000,016,384 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\DigiFilt.sys -- (DigiFilter)
DRV - [2006/11/13 21:37:58 | 000,015,232 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbx2midk.sys -- (MBX2MIDK)
DRV - [2006/11/13 21:37:42 | 000,015,488 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbx2dfu.sys -- (MBX2DFU)
DRV - [2006/11/13 21:36:36 | 000,109,056 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dalwdm.sys -- (dalwdmservice)
DRV - [2006/10/05 17:07:28 | 000,072,608 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2006/08/29 00:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2006/01/12 10:18:38 | 000,022,752 | ---- | M] (Behringer Spezielle Studiotechnik GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bumxmidi.sys -- (BCUMXMIDI)
DRV - [2005/12/12 16:52:34 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid)
DRV - [2005/12/12 16:52:34 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon)
DRV - [2005/12/12 16:52:34 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd)
DRV - [2005/12/12 16:52:34 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou)
DRV - [2005/12/12 16:52:32 | 000,007,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2005/11/16 21:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/22 18:19:54 | 000,148,608 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/05/31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/05/31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/04/30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/04/30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/04/30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/04/22 22:34:56 | 000,052,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005/04/22 21:11:30 | 000,098,048 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/04/06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2005/03/30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2005/01/14 17:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005/01/12 17:36:00 | 000,138,402 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\glausb.sys -- (lanusb)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/03 11:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/10/04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/07/08 17:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/10/16 13:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2001/08/17 14:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 58 95 ED 90 0B CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Conduit Search"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.18
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.54
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.3.0
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\Ben\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Ben\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/24 11:36:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/04/19 14:42:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/05/10 13:07:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/18 09:02:07 | 000,000,000 | ---D | M]
 
[2009/01/08 12:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions
[2014/05/18 09:08:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions
[2010/04/27 21:00:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/04/30 19:50:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2014/03/25 07:39:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/07/22 20:14:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2014/04/26 08:41:09 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/06/28 08:14:49 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2014/05/10 12:30:30 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\[email protected]
[2014/05/18 09:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\staged
[2014/04/19 14:33:50 | 000,169,146 | ---- | M] () (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\[email protected]
[2014/05/07 22:40:05 | 000,075,097 | ---- | M] () (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\[email protected]
[2014/05/04 21:12:43 | 000,226,350 | ---- | M] () (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi
[2014/02/11 20:34:26 | 000,870,217 | ---- | M] () (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2014/05/05 17:24:49 | 000,000,916 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\mukgun5k.default\searchplugins\conduit-search.xml
[2014/05/10 13:07:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/10 13:09:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/19 14:42:55 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2014/04/19 14:41:18 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
 
O1 HOSTS File: ([2012/07/25 22:43:59 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [Gainward] C:\WINDOWS\TBPanel.exe (Gainward Co.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [Fraps] C:\Fraps\fraps.exe (Beepa P/L)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_13_0_0_206_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Ben\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Ben\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKCU\..Trusted Domains: bitdefender.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: bitdefender.com ([quickscan] http in Trusted sites)
O15 - HKCU\..Trusted Domains: bitdefender.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish...shUKActivia.cab (Snapfish Activia)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://194.72.186.24...sCamControl.cab (CamImage Class)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BCA6E7F-0487-47E0-975A-4C5D2A5EE95E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A529CB21-63E2-4D77-85C1-B144B42A3553}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/03 21:57:45 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/18 09:28:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2014/05/18 09:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Application Data\DropboxMaster
[2014/05/11 09:50:30 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/05/11 09:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\New Folder (2)
[2014/05/10 13:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/08 06:18:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ben\Recent
[2014/05/05 18:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\Okami OST
[2014/05/05 17:40:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\Album
[2014/05/05 17:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Application Data\ImgBurn
[2014/05/05 17:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
[2014/05/05 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2014/05/05 00:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\OkamiOST5Disc
[2014/04/26 09:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Desktop\Master Challenge
[2014/04/19 14:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2014/04/19 14:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/09/11 21:51:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ben\Application Data\pcouffin.sys
[2007/03/13 22:25:50 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ben\MSSSerif120.fon
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/18 09:31:55 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/18 09:29:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2014/05/18 09:18:34 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2014/05/18 09:18:34 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2014/05/18 09:16:59 | 000,004,384 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014/05/18 09:15:36 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/05/18 09:07:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014/05/18 09:06:58 | 000,000,996 | ---- | M] () -- C:\Documents and Settings\Ben\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/18 09:06:32 | 000,000,976 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Dropbox.lnk
[2014/05/18 08:59:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/05/18 08:59:09 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2014/05/18 08:57:35 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/18 08:57:35 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2014/05/18 08:57:32 | 000,000,218 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/05/18 08:57:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/18 08:57:12 | 3487,723,520 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/17 19:24:43 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2014/05/17 19:24:43 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2014/05/17 19:24:43 | 000,000,032 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2014/05/11 09:50:30 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/05/10 21:40:19 | 000,004,314 | ---- | M] () -- C:\Image.mds
[2014/05/10 10:16:38 | 000,000,212 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/05/10 10:14:21 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2014/05/07 22:58:28 | 000,003,622 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\cc_20140507_225825.reg
[2014/05/05 17:16:10 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/05/05 17:16:10 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
[2014/04/19 14:46:54 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3843634061-819627678-391793244-1005.job
[2014/04/19 14:41:11 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
 
========== Files Created - No Company Name ==========
 
[2014/05/11 09:53:45 | 3487,723,520 | -HS- | C] () -- C:\hiberfil.sys
[2014/05/10 21:40:19 | 000,004,314 | ---- | C] () -- C:\Image.mds
[2014/05/07 22:58:27 | 000,003,622 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\cc_20140507_225825.reg
[2014/05/05 17:16:10 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/05/05 17:16:10 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
[2014/04/19 15:09:23 | 009,606,783 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\11 The One I Love.mp3
[2013/08/18 14:39:24 | 001,098,236 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/08/18 14:39:24 | 001,098,236 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/08/18 14:39:24 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/08/18 14:38:58 | 002,289,288 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/07/28 11:32:48 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2011/09/11 21:51:07 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.cat
[2011/09/11 21:51:07 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\pcouffin.inf
[2010/07/31 10:23:31 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Ben\SciTE.recent
[2010/03/02 21:40:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ben\BGMSound1_copy(1).htm
[2009/09/21 07:55:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ben\BGMSound1.htm
[2009/06/12 20:45:16 | 000,153,600 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\SharedSettings.ccs
[2009/01/29 21:16:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ben\index.htm
[2009/01/29 10:59:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ben\Page 1.htm
[2008/01/06 21:04:44 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\PnkBstrK.sys
[2007/12/19 20:41:18 | 000,003,615 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\NMM-MetaData.db
[2007/01/19 19:46:15 | 000,000,016 | -H-- | C] () -- C:\Documents and Settings\Ben\mxfilerelatedcache.mxc2
[2006/05/20 23:00:58 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/04/29 00:23:07 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Ben\DELPHINE.CFG
[2006/04/16 08:28:01 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\dvd.bmk
[2006/04/05 21:51:49 | 000,244,736 | ---- | C] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/05 19:05:24 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2005/08/16 04:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/09/24 19:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010/11/29 21:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2012/10/12 07:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Sync
[2011/04/09 22:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2006/05/31 18:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2010/09/28 21:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2008/10/19 08:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2011/02/13 09:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iIfEcEj06504
[2008/08/21 19:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2013/07/06 10:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2008/10/07 18:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2008/01/03 21:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2011/09/27 08:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2007/12/17 19:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2011/03/15 08:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2007/12/17 19:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/04/03 20:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2008/10/07 18:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2014/05/18 08:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/03/11 20:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2008/10/07 18:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/11/02 23:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/10/16 07:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\4Sync
[2010/07/06 21:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Bioshock
[2011/05/27 20:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Bioshock2
[2012/09/05 20:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Braid
[2009/02/10 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Canon
[2009/06/12 20:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\CoffeeCup Software
[2012/03/24 11:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DDMSettings
[2007/04/05 18:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DigiDelivery
[2014/05/17 19:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Digidesign
[2014/05/18 09:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Dropbox
[2014/05/18 09:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\DropboxMaster
[2012/01/12 22:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ElevatedDiagnostics
[2010/04/02 13:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Facebook
[2006/08/19 13:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Gearbox Software
[2014/05/05 17:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ImgBurn
[2008/10/07 19:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\InterVideo
[2007/03/13 22:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Leadertech
[2010/11/30 08:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\LucasArts
[2010/03/16 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Magix
[2011/11/21 21:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Mipony
[2008/03/01 00:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\muvee Technologies
[2007/12/17 19:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Nokia
[2007/12/19 20:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Nokia Multimedia Player
[2007/12/17 20:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\NSeries
[2011/11/13 10:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Nucleosys
[2012/07/23 22:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Oracle
[2011/03/15 08:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PACE Anti-Piracy
[2007/12/17 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PC Suite
[2011/12/16 23:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Petroglyph
[2012/10/25 21:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\PrimoPDF
[2008/04/03 20:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Propellerhead Software
[2014/05/07 22:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\QuickScan
[2011/09/26 09:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\ScummVM
[2006/12/17 20:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Snapfish
[2010/09/28 21:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Sony
[2010/09/28 21:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Sony Setup
[2013/06/15 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Spotify
[2006/04/07 18:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Template
[2007/05/06 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\The Longest Journey
[2012/03/11 20:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ubisoft
[2008/10/07 19:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Ulead Systems
[2011/09/17 09:09:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Vso
[2010/07/11 14:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\WinPatrol
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 65 bytes -> C:\Documents and Settings\Ben\Desktop\First Vocal.wav:com.dropbox.attributes
@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 1208 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:l9G6dHQEWu0a6VDm1ixnSzZ
@Alternate Data Stream - 1123 bytes -> C:\Program Files\Common Files\Microsoft Shared:FRfNbYGVPEJqJ8Tab5A
@Alternate Data Stream - 1105 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:XJFUkQbvii0m0gIo8i8b
@Alternate Data Stream - 1020 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:DobnmRnsW5dWSOMIxGMZohe2Ptl

< End of report >
 

 




#2
JSntgRvr


:welcome:

 

Reset your browsers. Follow the instructions here.

 

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
 
 

 

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 

Download AdwCleaner to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & paste this report in your next reply.

The report will be saved in the C:\AdwCleaner folder as AdwCleaner[S0].txt
 

Please download Malwarebytes' Anti-Malware from Here
 
Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
  • Select the language and click OK.
  • Accept the agreement
  • Make sure a checkmark is placed next to Enable the Free Trial and Launch Malwarebytes' Anti-Malware, then click on Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click on Quarantine All.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart. (See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • Right click on your next reply and select Paste.
  • Submit your reply.
 
 
Extra Note:
 
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
 


#3
bg111


Hi. Sorry for the delay:

 

# AdwCleaner v3.209 - Report created 19/05/2014 at 08:13:27
# Updated 18/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ben - DBKQ562J
# Running from : C:\Documents and Settings\Ben\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Ben\Local Settings\Application Data\mipony-plugin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4EA30ABA-A44A-407C-AABF-DDBDDF13440C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{023D0FF4-1727-4251-B2E0-43841F3CA8C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14B0510D-23CB-42BA-B516-76173A02974B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\mipony-plugin
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\mipony-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mipony-plugin Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v29.0.1 (en-GB)

[ File : C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\rfrxgm2t.default-1400481465140\prefs.js ]


*************************

AdwCleaner[R0].txt - [1940 octets] - [19/05/2014 07:59:40]
AdwCleaner[S0].txt - [1885 octets] - [19/05/2014 08:13:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1945 octets] ##########

 

 

 

 

 

I only ran a quick scan on MBAM, is that OK?

 

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.05.19.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ben :: DBKQ562J [administrator]

19/05/2014 19:49:03
mbam-log-2014-05-19 (19-49-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 303354
Time elapsed: 17 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 



#4
JSntgRvr


There is no sign of Conduit. Still having issues?



#5
bg111


No. Everything seems to be OK now. :spoton:



#6
JSntgRvr

Congratulations.

Let's clean up the computer of the tools we used.

Run AdwCleaner and click on uninstall.
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
  • Click Run
Manually remove any other files or folders left.

Here are some suggestions.
  • Always keep your Java updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Miekiemoes.

Best wishes!

#7
bg111


Thank you.

