OTL logfile created on: 12/26/2013 1:20:16 PM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Infinite Library\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1022.09 Mb Total Physical Memory | 533.93 Mb Available Physical Memory | 52.24% Memory free 2.47 Gb Paging File | 2.14 Gb Available in Paging File | 86.83% Paging File free Paging file location(s): C:\pagefile.sys 1600 3100 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 229.77 Gb Total Space | 154.54 Gb Free Space | 67.26% Space Free | Partition Type: NTFS Drive F: | 931.51 Gb Total Space | 257.68 Gb Free Space | 27.66% Space Free | Partition Type: NTFS Drive G: | 2794.52 Gb Total Space | 2453.34 Gb Free Space | 87.79% Space Free | Partition Type: NTFS Computer Name: DIMENSION9150 | User Name: Infinite Library | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/12/26 12:18:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Infinite Library\Desktop\OTL.exe PRC - [2013/11/07 05:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2013/10/27 00:29:04 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013/10/16 07:07:44 | 000,130,248 | ---- | M] (Sandboxie Holdings, LLC) -- C:\Program Files\Sandboxie\SbieSvc.exe PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2004/12/16 09:15:10 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlbxPP5C.DLL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2013/12/05 13:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/10/27 00:29:04 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013/10/16 07:07:44 | 000,130,248 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2004/12/16 09:26:58 | 000,462,848 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\WINDOWS\system32\dlbxcoms.exe -- (dlbx_device) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\12.tmp -- (MEMSWEEP2) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013/11/27 18:24:18 | 000,121,184 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI) DRV - [2013/10/16 07:07:40 | 000,159,840 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013/01/03 00:18:04 | 000,030,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2010/11/04 14:18:04 | 000,102,728 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\MxEFUF32.sys -- (MxEFUF) DRV - [2010/02/11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009/12/30 10:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt) DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv) DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2006/03/01 19:30:54 | 000,618,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52) DRV - [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005/05/06 13:42:26 | 001,339,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51) DRV - [2005/05/06 13:40:50 | 000,047,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53) DRV - [2005/05/06 13:40:20 | 000,036,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt) DRV - [2004/03/24 10:12:44 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {7C25484A-2547-467A-B24F-F84BECA2CA8A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{4EF1AA21-9C2B-45BA-B94E-52B75F18DE2A}: "URL" = https://duckduckgo.com/?q={searchTerms} IE - HKCU\..\SearchScopes\{7C25484A-2547-467A-B24F-F84BECA2CA8A}: "URL" = https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=english IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Startpage (SSL)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.danier.com/leather-women-jackets-blazers-103030340-P8329.aspx?lang=en&colour=950|666666&mc=yes" FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.67 FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:2.1.1 FF - prefs.js..extensions.enabledAddons: %7Bd9891a46-b4e2-4afd-a15a-d8f05f13e5d4%7D:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\wcapturex@deskperience.com: C:\Program Files\WordWeb\WCaptureMoz FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Infinite Library\Application Data\IDM\idmmzcc5 [2013/12/11 21:06:31 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Infinite Library\Application Data\IDM\idmmzcc5 [2013/12/11 21:06:31 | 000,000,000 | ---D | M] [2013/12/25 18:53:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Extensions [2013/12/25 18:53:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\extensions [2013/12/25 18:53:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\m30igwvd.default\extensions [2013/12/25 18:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\m30igwvd.default\extensions\staged [2013/12/25 12:37:19 | 000,355,782 | ---- | M] () (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\extensions\client@anonymox.net.xpi [2013/12/25 12:38:42 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/12/25 16:16:25 | 000,008,359 | ---- | M] () (No name found) -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\extensions\{d9891a46-b4e2-4afd-a15a-d8f05f13e5d4}.xpi [2013/12/25 12:27:35 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\searchplugins\dictionary.xml [2013/12/25 12:27:08 | 000,010,345 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\searchplugins\duckduckgo.xml [2013/12/25 12:28:27 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\searchplugins\startpage-ssl.xml [2013/12/25 12:27:25 | 000,001,679 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Mozilla\Firefox\Profiles\kvtw6ksd.default\searchplugins\thepiratebayorg.xml [2013/12/25 12:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/12/25 12:18:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/12/11 21:06:31 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\Infinite Library\APPLICATION DATA\IDM\IDMMZCC5 O1 HOSTS File: ([2011/06/03 15:30:27 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4 - HKLM..\Run: [DLBXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.DLL () O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://static.harpersglobe.com/aurigma/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358707821750 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.45.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B15E3F6-379A-42EA-BEC4-DE2C5EC62154}: DhcpNameServer = 192.168.0.1 O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013/04/26 23:27:48 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ] O32 - AutoRun File - [2004/01/22 14:47:00 | 000,000,038 | RH-- | M] () - F:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2013/04/27 09:37:21 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ] O32 - AutoRun File - [2002/10/16 06:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/12/26 12:18:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Infinite Library\Desktop\OTL.exe [2013/12/25 18:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013/12/25 18:53:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Infinite Library\Recent [2013/12/25 18:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mysearchdial [2013/12/25 18:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Infinite Library\Local Settings\Application Data\Google [2013/12/25 18:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013/12/25 13:35:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2013/12/25 13:02:30 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe [2013/12/25 12:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/12/25 12:15:13 | 000,282,992 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup Stub 26.0.exe [2013/12/25 08:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Infinite Library\Desktop\mbar [2013/12/25 01:22:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner [2013/12/24 18:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Infinite Library\Application Data\Cool Record Edit Pro [2013/12/24 18:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Infinite Library\My Documents\Free Sound Recorder [2013/12/24 02:19:20 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Program Files\startuplite-setup-1.07.exe [2013/12/23 20:04:05 | 000,044,032 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe [2013/12/23 18:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\NirCmd - Mute Sound Via Hot Keys [2013/12/21 21:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\HDAQFE [2013/12/16 04:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn [2013/12/10 19:41:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Infinite Library\My Documents\AVS4YOU [2013/12/10 02:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Aegisub-3.0.2-32 [2013/12/07 01:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony [2013/12/07 01:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Infinite Library\Application Data\Publish Providers [2013/11/30 15:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\Ffmpeg For Audacity [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/12/26 13:25:14 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BBA3DE1D-12C5-4743-B18F-6153BA9C2721}.job [2013/12/26 13:21:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2013/12/26 12:18:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Infinite Library\Desktop\OTL.exe [2013/12/26 09:20:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/12/26 09:19:39 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3990514779-3826623117-1682299583-1006.job [2013/12/26 09:19:39 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3990514779-3826623117-1682299583-1009.job [2013/12/26 09:18:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/12/26 09:17:31 | 1071,812,608 | -HS- | M] () -- C:\hiberfil.sys [2013/12/25 19:20:23 | 000,000,954 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Unmute Volume CTRL+U.lnk [2013/12/25 19:20:20 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Mute Volume CRTL+M.lnk [2013/12/25 19:19:48 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner.lnk [2013/12/25 13:44:42 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/12/25 13:04:28 | 016,883,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe [2013/12/25 12:18:59 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/12/25 12:18:52 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2013/12/25 12:15:24 | 000,282,992 | ---- | M] (Mozilla) -- C:\Program Files\Firefox Setup Stub 26.0.exe [2013/12/25 08:02:25 | 000,051,416 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2013/12/25 07:36:36 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/12/25 07:36:36 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/12/25 01:22:14 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2013/12/25 01:18:48 | 000,755,792 | ---- | M] () -- C:\Program Files\cc_setup.exe [2013/12/24 23:54:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3990514779-3826623117-1682299583-1009.job [2013/12/24 22:19:28 | 000,000,107 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Desktop\TPV.m3u [2013/12/24 03:42:16 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2013/12/24 03:00:49 | 000,309,374 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Desktop\untitled.bmp [2013/12/24 02:19:22 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Program Files\startuplite-setup-1.07.exe [2013/12/23 21:01:06 | 000,000,954 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Desktop\Unmute Volume CTRL+U.lnk [2013/12/23 21:00:35 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Desktop\Mute Volume CRTL+M.lnk [2013/12/23 20:34:45 | 000,002,450 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2013/12/22 21:33:44 | 000,000,846 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Desktop\AVS4YOUSoftwareNavigator.lnk [2013/12/20 16:18:15 | 000,000,434 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Vinyl Library.lnk [2013/12/19 20:27:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013/12/16 04:10:31 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk [2013/12/15 18:43:13 | 000,000,419 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Dracula.lnk [2013/12/13 22:06:50 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Desktop\KINGSTON DATA TRAVLER (H).lnk [2013/12/11 17:05:25 | 000,145,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/12/10 03:22:55 | 000,000,472 | ---- | M] () -- C:\Documents and Settings\Infinite Library\My Documents\My Pictures.lnk [2013/12/09 13:01:17 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player Library.lnk [2013/12/08 02:17:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3990514779-3826623117-1682299583-1006.job [2013/12/03 19:23:27 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\IDM Downloads.lnk [2013/11/28 23:03:04 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\The Daily Show.lnk [2013/11/27 18:24:18 | 000,121,184 | ---- | M] (Tonec Inc.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/12/25 19:20:23 | 000,000,954 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Unmute Volume CTRL+U.lnk [2013/12/25 19:20:20 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Mute Volume CRTL+M.lnk [2013/12/25 19:19:48 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner.lnk [2013/12/25 12:18:59 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/12/25 12:18:52 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk [2013/12/25 12:18:52 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2013/12/25 11:46:31 | 1071,812,608 | -HS- | C] () -- C:\hiberfil.sys [2013/12/25 01:22:14 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2013/12/25 01:21:07 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At1.job [2013/12/25 01:18:40 | 000,755,792 | ---- | C] () -- C:\Program Files\cc_setup.exe [2013/12/24 22:19:28 | 000,000,107 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Desktop\TPV.m3u [2013/12/24 03:00:49 | 000,309,374 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Desktop\untitled.bmp [2013/12/23 20:57:04 | 000,000,954 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Desktop\Unmute Volume CTRL+U.lnk [2013/12/23 20:53:50 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Desktop\Mute Volume CRTL+M.lnk [2013/12/22 21:33:44 | 000,000,846 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Desktop\AVS4YOUSoftwareNavigator.lnk [2013/12/15 18:43:13 | 000,000,419 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Dracula.lnk [2013/12/10 03:22:55 | 000,000,472 | ---- | C] () -- C:\Documents and Settings\Infinite Library\My Documents\My Pictures.lnk [2013/12/09 13:01:17 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player Library.lnk [2013/12/03 19:23:27 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Microsoft\Internet Explorer\Quick Launch\IDM Downloads.lnk [2013/10/07 12:54:36 | 000,002,450 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2013/05/26 10:48:29 | 018,158,493 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Local Settings\Application Data\OcrMap.bin [2013/05/26 00:07:08 | 000,002,310 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\ASSDraw3.cfg [2013/05/21 18:05:16 | 002,216,480 | ---- | C] () -- C:\WINDOWS\wweb32.dll [2013/05/02 22:17:05 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\CamShapes.ini [2013/05/02 22:17:05 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\CamLayout.ini [2013/05/02 22:17:05 | 000,000,151 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\Camdata.ini [2013/05/02 22:03:52 | 000,001,206 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\CamStudio.Producer.ini [2013/05/02 22:03:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\CamStudio.Producer.Data.ini [2013/05/02 22:02:06 | 000,004,577 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\CamStudio.cfg [2013/05/02 16:42:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2013/05/02 16:38:09 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2013/05/02 16:38:05 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2013/04/30 22:18:04 | 000,000,426 | ---- | C] () -- C:\Program Files\xxGARBAGExx.lnk [2012/10/14 17:06:32 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012/10/14 17:06:32 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012/10/14 17:06:28 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012/02/15 16:15:42 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/04 10:32:35 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011/10/23 22:16:34 | 000,778,010 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate [2011/06/02 12:30:30 | 000,000,006 | -HS- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\date [2011/06/02 12:30:29 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\evf6 [2007/03/15 13:14:58 | 000,001,387 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2006/01/19 14:47:36 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\PFP120JPR.{PB [2006/01/19 14:47:36 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Application Data\PFP120JCM.{PB [2005/12/11 12:09:56 | 000,224,256 | ---- | C] () -- C:\Documents and Settings\Infinite Library\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2004/08/10 13:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >