[code]
OTS logfile created on: 9/10/2011 8:06:19 AM - Run 1
OTS by OldTimer - Version 3.1.44.6 Folder = C:\Users\SAMMI\Desktop\STUFF
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1,013.00 Mb Total Physical Memory | 349.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 131.95 Gb Total Space | 104.05 Gb Free Space | 78.85% Space Free | Partition Type: NTFS
Drive D: | 4.00 Gb Total Space | 2.66 Gb Free Space | 66.51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SAMMI-PC
Current User Name: SAMMI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\SAMMI\Desktop\STUFF\OTS.exe -> [2011/09/10 08:05:56 | 000,646,656 | ---- | M] (OldTimer Tools)
firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2011/09/08 17:31:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation)
nissrv.exe -> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation)
msmpeng.exe -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2010/11/20 22:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation)
epowertray.exe -> C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe -> [2010/06/12 07:28:06 | 000,715,296 | ---- | M] (Acer Incorporated)
epowersvc.exe -> C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -> [2010/06/12 07:28:02 | 000,735,776 | ---- | M] (Acer Incorporated)
epowerevent.exe -> C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe -> [2010/06/12 07:27:54 | 000,469,536 | ---- | M] (Acer Incorporated)
etdctrl.exe -> C:\Program Files\Elantech\ETDCtrl.exe -> [2010/06/10 17:57:20 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.)
mwldaemon.exe -> C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe -> [2010/05/27 12:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.)
dsiwmis.exe -> C:\Program Files\Launch Manager\dsiwmis.exe -> [2010/05/25 20:31:20 | 000,325,200 | ---- | M] (Dritek System Inc.)
lmworker.exe -> C:\Program Files\Launch Manager\LMworker.exe -> [2010/05/25 20:31:20 | 000,305,744 | ---- | M] (Dritek System Inc.)
lmanager.exe -> C:\Program Files\Launch Manager\LManager.exe -> [2010/05/25 20:31:18 | 000,960,080 | ---- | M] (Dritek System Inc.)
sftvsa.exe -> C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -> [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation)
sftlist.exe -> C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -> [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation)
etdctrlhelper.exe -> C:\Program Files\Elantech\ETDCtrlHelper.exe -> [2010/04/07 15:16:54 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.)
pmmupdate.exe -> C:\Program Files\EgisTec IPS\PmmUpdate.exe -> [2010/03/11 15:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.)
egisupdate.exe -> C:\Program Files\EgisTec IPS\EgisUpdate.exe -> [2010/03/11 15:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.)
acervcm.exe -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe -> [2010/02/10 04:57:46 | 000,704,032 | ---- | M] (Acer Incorporated)
rs_service.exe -> C:\Program Files\Acer\Acer VCM\RS_Service.exe -> [2010/01/30 09:52:58 | 000,260,640 | ---- | M] (Acer Incorporated)
updaterservice.exe -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2010/01/29 09:27:36 | 000,243,232 | ---- | M] (Acer Group)
gregsvc.exe -> C:\Program Files\Acer\Registration\GREGsvc.exe -> [2010/01/08 23:21:22 | 000,023,584 | ---- | M] (Acer Incorporated)
iupdate.exe -> C:\Program Files\Acer\Updater\iUpdate.exe -> [2010/01/08 19:54:12 | 000,490,872 | ---- | M] (Insyde Software Corp.)
isync.exe -> C:\Program Files\Acer\Android Manager\iSync.exe -> [2010/01/08 19:53:30 | 000,407,416 | ---- | M] (Insyde Software Corp.)
iaanotif.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2009/10/14 03:25:54 | 000,186,904 | ---- | M] (Intel Corporation)
iaantmon.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/10/14 03:25:30 | 000,354,840 | ---- | M] (Intel Corporation)

[Modules - No Company Name]
mozjs.dll -> C:\Program Files\Mozilla Firefox\mozjs.dll -> [2011/09/08 17:31:39 | 001,846,232 | ---- | M] ()
npswf32.dll -> C:\Windows\System32\Macromed\Flash\NPSWF32.dll -> [2011/08/12 11:10:20 | 006,277,280 | ---- | M] ()
zlib1.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll -> [2011/06/24 22:56:36 | 000,087,328 | ---- | M] ()
libxml2.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll -> [2011/06/24 22:56:14 | 001,241,888 | ---- | M] ()
cddirio.dll -> C:\Program Files\Launch Manager\CdDirIo.dll -> [2009/05/20 16:02:04 | 000,072,200 | ---- | M] ()

[Win32 Services - Safe List]
(NisSrv) Microsoft Network Inspection [On_Demand | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation)
(MsMpSvc) Microsoft Antimalware Service [Auto | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation)
(ePowerSvc) Acer ePower Service [Auto | Running] -> C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -> [2010/06/12 07:28:02 | 000,735,776 | ---- | M] (Acer Incorporated)
(MWLService) MyWinLocker Service [On_Demand | Stopped] -> C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe -> [2010/05/27 12:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.)
(DsiWMIService) Dritek WMI Service [Auto | Running] -> C:\Program Files\Launch Manager\dsiwmis.exe -> [2010/05/25 20:31:20 | 000,325,200 | ---- | M] (Dritek System Inc.)
(sftvsa) Application Virtualization Service Agent [On_Demand | Running] -> C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -> [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation)
(sftlist) Application Virtualization Client [Auto | Running] -> C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -> [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation)
(RS_Service) Raw Socket Service [Auto | Running] -> C:\Program Files\Acer\Acer VCM\RS_Service.exe -> [2010/01/30 09:52:58 | 000,260,640 | ---- | M] (Acer Incorporated)
(Updater Service) Updater Service [Auto | Running] -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2010/01/29 09:27:36 | 000,243,232 | ---- | M] (Acer Group)
(GREGService) GREGService [Auto | Running] -> C:\Program Files\Acer\Registration\GREGsvc.exe -> [2010/01/08 23:21:22 | 000,023,584 | ---- | M] (Acer Incorporated)
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/10/14 03:25:30 | 000,354,840 | ---- | M] (Intel Corporation)
(WinDefend) Windows Defender [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/14 11:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(MpKsl535956da) MpKsl535956da [Kernel | System | Running] -> c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B2180273-A9D2-4F51-A790-5E12F650CBC2}\MpKsl535956da.sys -> [2011/09/10 06:48:20 | 000,028,752 | ---- | M] (Microsoft Corporation)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Users\SAMMI\AppData\Local\Temp\SAS_SelfExtract\sasdifsv.sys -> [2011/07/23 02:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Users\SAMMI\AppData\Local\Temp\SAS_SelfExtract\saskutil.sys -> [2011/07/13 07:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NisDrvWFP.sys -> [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation)
(MpNWMon) Microsoft Malware Protection Network Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\MpNWMon.sys -> [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation)
(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\TsUsbFlt.sys -> [2010/11/20 20:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation)
(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2010/11/20 19:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation)
(EUCR) EUCR [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\EUCR6SK.sys -> [2010/06/17 16:50:38 | 000,082,768 | ---- | M] (ENE Technology Inc.)
(L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\L1C62x86.sys -> [2010/05/20 16:10:32 | 000,068,208 | ---- | M] (Atheros Communications, Inc.)
(Sftvol) Sftvol [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Sftvollh.sys -> [2010/04/24 01:10:54 | 000,019,304 | ---- | M] (Microsoft Corporation)
(Sftredir) Sftredir [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\Sftredirlh.sys -> [2010/04/24 01:10:52 | 000,021,864 | ---- | M] (Microsoft Corporation)
(Sftplay) Sftplay [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Sftplaylh.sys -> [2010/04/24 01:10:50 | 000,195,944 | ---- | M] (Microsoft Corporation)
(Sftfs) Sftfs [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Sftfslh.sys -> [2010/04/24 01:10:44 | 000,550,760 | ---- | M] (Microsoft Corporation)
(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\athr.sys -> [2010/04/07 12:04:42 | 001,792,512 | ---- | M] (Atheros Communications, Inc.)
(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Windows\System32\drivers\mwlPSDVDisk.sys -> [2009/06/03 12:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.)
(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Windows\System32\drivers\mwlPSDNserv.sys -> [2009/06/03 12:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.)
(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Windows\System32\drivers\mwlPSDFilter.sys -> [2009/06/03 12:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c09&m=aod255&r=27b50511k805l04h4wwj5w4762u226 ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c09&m=aod255&r=27b50511k805l04h4wwj5w4762u226 ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c09&m=aod255&r=27b50511k805l04h4wwj5w4762u226 ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com.au/ ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> *.local ->
< FireFox Settings [Prefs.js] > -> C:\Users\SAMMI\AppData\Roaming\Mozilla\FireFox\Profiles\e4rg3syz.default\prefs.js ->
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.duckduckgo.com/" ->
network.proxy.type -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/09/08 17:31:41 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS ->
< FireFox Extensions [User Folders] > ->
-> C:\Users\SAMMI\AppData\Roaming\Mozilla\Extensions -> [2011/06/20 08:37:47 | 000,000,000 | ---D | M]
No name found -> C:\Users\SAMMI\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2011/06/20 08:37:47 | 000,000,000 | ---D | M]
-> C:\Users\SAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\e4rg3syz.default\extensions -> [2011/07/13 15:39:12 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > ->
duckduckgo-ssl.xml -> C:\Users\SAMMI\AppData\Roaming\Mozilla\FireFox\Profiles\e4rg3syz.default\searchplugins\duckduckgo-ssl.xml -> [2011/06/12 14:55:54 | 000,001,982 | ---- | M] ()
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files\Mozilla Firefox\extensions -> [2011/06/05 13:21:21 | 000,000,000 | ---D | M]
< HOSTS File > ([2009/06/11 07:39:37 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Acer ePower Management" -> C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe] -> [2010/06/12 07:28:06 | 000,715,296 | ---- | M] (Acer Incorporated)
"AndroidManager" -> C:\Program Files\Acer\Android Manager\AML.exe [C:\Program Files\Acer\Android Manager\AML.exe] -> [2010/01/08 19:47:52 | 000,508,280 | ---- | M] ()
"EgisTecPMMUpdate" -> C:\Program Files\EgisTec IPS\PmmUpdate.exe ["C:\Program Files\EgisTec IPS\PmmUpdate.exe"] -> [2010/03/11 15:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.)
"EgisUpdate" -> C:\Program Files\EgisTec IPS\EgisUpdate.exe ["C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d] -> [2010/03/11 15:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.)
"ETDWare" -> C:\Program Files\Elantech\ETDCtrl.exe [%ProgramFiles%\Elantech\ETDCtrl.exe] -> [2010/06/10 17:57:20 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.)
"IAAnotif" -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2009/10/14 03:25:54 | 000,186,904 | ---- | M] (Intel Corporation)
"iPatchData" -> C:\Program Files\Acer\Updater\iUpdate.exe [C:\Program Files\Acer\Updater\iUpdate.exe] -> [2010/01/08 19:54:12 | 000,490,872 | ---- | M] (Insyde Software Corp.)
"iSyncData" -> C:\Program Files\Acer\Android Manager\iSync.exe [C:\Program Files\Acer\Android Manager\iSync.exe] -> [2010/01/08 19:53:30 | 000,407,416 | ---- | M] (Insyde Software Corp.)
"LManager" -> C:\Program Files\Launch Manager\LManager.exe [C:\Program Files\Launch Manager\LManager.exe] -> [2010/05/25 20:31:18 | 000,960,080 | ---- | M] (Dritek System Inc.)
"MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation)
"mwlDaemon" -> C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe [C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe] -> [2010/05/27 12:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.)
"SuiteTray" -> C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe ["C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"] -> [2010/05/27 12:59:08 | 000,337,264 | ---- | M] (Egis Technology Inc.)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"LogonHoursAction" -> [2] -> File not found
\\"DontDisplayLogonHoursWarnings" -> [1] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.0.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{20174D15-FFBF-4DBE-B154-91FCAECE50BD}\\DhcpNameServer -> 192.168.0.1 (Atheros AR5B95 Wireless Network Adapter) ->
IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
"Use My Stylesheet" -> Reg Error: Invalid data type.
"User Stylesheet" ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009/07/14 11:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> C:\Windows\system32\drivers\cdrom.sys [\SystemRoot\system32\drivers\cdrom.sys] -> [2010/11/20 18:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009/06/11 07:42:20 | 000,000,024 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Files/Folders - Created Within 30 Days]
iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2011/08/28 07:51:28 | 000,000,000 | ---D | C]
iPod -> C:\Program Files\iPod -> [2011/08/28 07:50:14 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files\iTunes -> [2011/08/28 07:50:12 | 000,000,000 | ---D | C]
tzres.dll -> C:\Windows\System32\tzres.dll -> [2011/08/24 11:53:51 | 000,002,048 | ---- | C] (Microsoft Corporation)
SUPERAntiSpyware.com -> C:\Users\SAMMI\AppData\Roaming\SUPERAntiSpyware.com -> [2011/08/23 16:18:01 | 000,000,000 | ---D | C]
SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2011/08/23 16:18:01 | 000,000,000 | ---D | C]
Malwarebytes -> C:\Users\SAMMI\AppData\Roaming\Malwarebytes -> [2011/08/23 15:52:29 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2011/08/23 15:52:20 | 000,041,272 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2011/08/23 15:52:17 | 000,000,000 | ---D | C]
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2011/08/23 15:52:12 | 000,022,712 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2011/08/23 15:52:12 | 000,000,000 | ---D | C]
Microsoft Games -> C:\Users\SAMMI\AppData\Local\Microsoft Games -> [2011/08/13 13:17:20 | 000,000,000 | ---D | C]
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2011/08/11 10:18:44 | 002,382,848 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2011/08/11 10:18:39 | 000,176,640 | ---- | C] (Microsoft Corporation)
jscript9.dll -> C:\Windows\System32\jscript9.dll -> [2011/08/11 10:18:37 | 001,797,632 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2011/08/11 10:18:37 | 000,065,024 | ---- | C] (Microsoft Corporation)
url.dll -> C:\Windows\System32\url.dll -> [2011/08/11 10:18:33 | 000,231,936 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2011/08/11 08:48:47 | 003,912,576 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2011/08/11 08:48:46 | 003,967,872 | ---- | C] (Microsoft Corporation)
conhost.exe -> C:\Windows\System32\conhost.exe -> [2011/08/11 08:48:24 | 000,271,360 | ---- | C] (Microsoft Corporation)
winsrv.dll -> C:\Windows\System32\winsrv.dll -> [2011/08/11 08:48:24 | 000,169,984 | ---- | C] (Microsoft Corporation)
api-ms-win-core-file-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,005,120 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-processthreads-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,004,608 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-sysinfo-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-synch-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-misc-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-localregistry-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-delayload-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll -> [2011/08/11 08:48:23 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-processenvironment-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll -> [2011/08/11 08:48:22 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-string-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll -> [2011/08/11 08:48:22 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-rtlsupport-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll -> [2011/08/11 08:48:22 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-profile-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll -> [2011/08/11 08:48:22 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-memory-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll -> [2011/08/11 08:48:21 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-libraryloader-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll -> [2011/08/11 08:48:21 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-interlocked-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll -> [2011/08/11 08:48:21 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-io-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll -> [2011/08/11 08:48:21 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-heap-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll -> [2011/08/11 08:48:20 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-handle-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll -> [2011/08/11 08:48:20 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-fibers-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll -> [2011/08/11 08:48:20 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-errorhandling-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll -> [2011/08/11 08:48:20 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-debug-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll -> [2011/08/11 08:48:20 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-threadpool-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll -> [2011/08/11 08:48:19 | 000,004,608 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-xstate-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll -> [2011/08/11 08:48:19 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-namedpipe-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll -> [2011/08/11 08:48:19 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-util-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll -> [2011/08/11 08:48:19 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-datetime-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll -> [2011/08/11 08:48:19 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-security-base-l1-1-0.dll -> C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll -> [2011/08/11 08:48:18 | 000,006,144 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-localization-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll -> [2011/08/11 08:48:18 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-console-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll -> [2011/08/11 08:48:18 | 000,003,072 | -H-- | C] (Microsoft Corporation)
odbcjt32.dll -> C:\Windows\System32\odbcjt32.dll -> [2011/08/11 08:48:14 | 000,319,488 | ---- | C] (Microsoft Corporation)
odbccr32.dll -> C:\Windows\System32\odbccr32.dll -> [2011/08/11 08:48:14 | 000,081,920 | ---- | C] (Microsoft Corporation)
odbccp32.dll -> C:\Windows\System32\odbccp32.dll -> [2011/08/11 08:48:13 | 000,122,880 | ---- | C] (Microsoft Corporation)
odbccu32.dll -> C:\Windows\System32\odbccu32.dll -> [2011/08/11 08:48:13 | 000,086,016 | ---- | C] (Microsoft Corporation)
odbctrac.dll -> C:\Windows\System32\odbctrac.dll -> [2011/08/11 08:48:12 | 000,163,840 | ---- | C] (Microsoft Corporation)

[Files/Folders - Modified Within 30 Days]
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/09/10 06:55:51 | 000,009,696 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/09/10 06:55:51 | 000,009,696 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2011/09/10 06:48:02 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2011/09/10 06:47:55 | 796,733,440 | -HS- | M] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2011/08/28 07:51:28 | 000,001,757 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/08/23 18:59:48 | 000,631,004 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/08/23 18:59:48 | 000,111,798 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/08/23 15:52:21 | 000,001,071 | ---- | M] ()
Recently Added.m3u8 -> C:\Users\SAMMI\Documents\Recently Added.m3u8 -> [2011/08/19 08:22:24 | 000,000,357 | ---- | M] ()
mlfcache.dat -> C:\Windows\System32\mlfcache.dat -> [2011/08/17 16:30:24 | 000,109,016 | -H-- | M] ()
FlashPlayerCPLApp.cpl -> C:\Windows\System32\FlashPlayerCPLApp.cpl -> [2011/08/12 11:10:24 | 000,404,640 | ---- | M] (Adobe Systems Incorporated)

[Files - No Company Name]
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2011/08/28 07:51:28 | 000,001,757 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/08/23 15:52:21 | 000,001,071 | ---- | C] ()
Recently Added.m3u8 -> C:\Users\SAMMI\Documents\Recently Added.m3u8 -> [2011/08/19 08:22:24 | 000,000,357 | ---- | C] ()
mlfcache.dat -> C:\Windows\System32\mlfcache.dat -> [2011/08/17 16:30:24 | 000,109,016 | -H-- | C] ()
nsreg.dat -> C:\Windows\nsreg.dat -> [2011/06/05 13:21:39 | 000,000,000 | ---- | C] ()
blender.ini -> C:\Windows\blender.ini -> [2011/05/18 14:22:35 | 000,000,031 | ---- | C] ()
unrar.dll -> C:\Windows\System32\unrar.dll -> [2011/05/12 16:34:42 | 000,175,616 | ---- | C] ()
FullRemove.exe -> C:\ProgramData\FullRemove.exe -> [2010/07/01 23:15:24 | 000,131,984 | ---- | C] ()
EMCRI_E.dll -> C:\Windows\EMCRI_E.dll -> [2010/07/01 23:14:16 | 000,361,808 | ---- | C] ()
RTConvEQ.dat -> C:\Windows\System32\drivers\RTConvEQ.dat -> [2010/07/01 23:06:31 | 000,247,560 | ---- | C] ()
RtPCEE3.DAT -> C:\Windows\System32\drivers\RtPCEE3.DAT -> [2010/07/01 23:06:31 | 000,037,468 | ---- | C] ()
RtHdatEx.dat -> C:\Windows\System32\drivers\RtHdatEx.dat -> [2010/07/01 23:06:31 | 000,001,448 | ---- | C] ()
RTEQEX3.dat -> C:\Windows\System32\drivers\RTEQEX3.dat -> [2010/07/01 23:06:31 | 000,000,520 | ---- | C] ()
RTEQEX2.dat -> C:\Windows\System32\drivers\RTEQEX2.dat -> [2010/07/01 23:06:31 | 000,000,520 | ---- | C] ()
RTEQEX1.dat -> C:\Windows\System32\drivers\RTEQEX1.dat -> [2010/07/01 23:06:31 | 000,000,520 | ---- | C] ()
RTEQEX0.dat -> C:\Windows\System32\drivers\RTEQEX0.dat -> [2010/07/01 23:06:31 | 000,000,520 | ---- | C] ()
RTHDAEQ1.dat -> C:\Windows\System32\drivers\RTHDAEQ1.dat -> [2010/07/01 23:06:31 | 000,000,176 | ---- | C] ()
rtkhdaud.dat -> C:\Windows\System32\drivers\rtkhdaud.dat -> [2010/07/01 23:06:31 | 000,000,024 | ---- | C] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 14:57:37 | 000,067,584 | --S- | C] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009/07/14 14:33:53 | 000,257,736 | ---- | C] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009/07/14 12:05:48 | 000,631,004 | ---- | C] ()
perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2009/07/14 12:05:48 | 000,291,294 | ---- | C] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009/07/14 12:05:48 | 000,111,798 | ---- | C] ()
perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2009/07/14 12:05:48 | 000,031,548 | ---- | C] ()
NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2009/07/14 12:05:05 | 000,000,741 | ---- | C] ()
dssec.dat -> C:\Windows\System32\dssec.dat -> [2009/07/14 12:04:11 | 000,215,943 | ---- | C] ()
mib.bin -> C:\Windows\mib.bin -> [2009/07/14 09:55:01 | 000,043,131 | ---- | C] ()
BthpanContextHandler.dll -> C:\Windows\System32\BthpanContextHandler.dll -> [2009/07/14 09:51:43 | 000,073,728 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\System32\BWContextHandler.dll -> [2009/07/14 09:42:10 | 000,064,000 | ---- | C] ()
mlang.dat -> C:\Windows\System32\mlang.dat -> [2009/06/11 07:26:10 | 000,673,088 | ---- | C] ()
< End of report >
[/code]