Hi there, and sorry for the delay, but we look for zero replies, so you were overlooked. Do the re-directs happen in FF or IE or both?
The problem is only occurring in FF.
And here is my log from OTListIt2:
OTListIt logfile created on: 5/11/2009 11:06:05 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\Danieln\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.36 Mb Total Physical Memory | 501.86 Mb Available Physical Memory | 49.09% Memory free
2.40 Gb Paging File | 1.75 Gb Available in Paging File | 72.97% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.85 Gb Total Space | 3.24 Gb Free Space | 17.21% Space Free | Partition Type: NTFS
Drive D: | 51.72 Gb Total Space | 8.01 Gb Free Space | 15.49% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 465.76 Gb Total Space | 76.53 Gb Free Space | 16.43% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: IBM-AF2D47F8806
Current User Name: Danieln
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Common Files\Virtual Token\vtserver.exe (UPEK Inc.)
PRC - C:\WINDOWS\system32\ibmpmsvc.exe ()
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe (Seagate Technology LLC)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation)
PRC - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\WINDOWS\System32\QCONSVC.EXE (IBM Corp.)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\System32\TPHDEXLG.EXE (IBM Corporation)
PRC - C:\WINDOWS\system32\TpKmpSVC.exe ()
PRC - C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\TpShocks.exe (IBM Corp.)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\UniKey\UniKeyNT.exe ()
PRC - C:\Documents and Settings\Danieln\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (AVP [Auto | Stopped]) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
SRV - (Basics Service [Auto | Running]) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe (Seagate Technology LLC)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IBM Rapid Restore Ultra Service [Auto | Running]) -- C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe ()
SRV - (IBMPMSVC [Auto | Running]) -- C:\WINDOWS\system32\ibmpmsvc.exe ()
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [On_Demand | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (MBAMService [Auto | Running]) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (PsaSrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\psasrv.exe ()
SRV - (QCONSVC [Auto | Running]) -- C:\WINDOWS\System32\QCONSVC.EXE (IBM Corp.)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (TPHDEXLGSVC [Auto | Running]) -- C:\WINDOWS\System32\TPHDEXLG.EXE (IBM Corporation)
SRV - (TpKmpSVC [Auto | Running]) -- C:\WINDOWS\system32\TpKmpSVC.exe ()
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
SRV - (vtserver [Auto | Running]) -- C:\Program Files\Common Files\Virtual Token\vtserver.exe (UPEK Inc.)
SRV - (WmcCds [Unknown | Stopped]) -- c:\program files\windows media connect\mswmccds.exe (Microsoft Corporation)
SRV - (WmcCdsLs [On_Demand | Stopped]) -- C:\Program Files\Windows Media Connect\mswmcls.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (ac97intc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (ANC [System | Running]) -- C:\WINDOWS\System32\drivers\ANC.SYS (IBM Corp.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (b57w2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (btaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation)
DRV - (BTDriver [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation)
DRV - (BTKRNL [Boot | Running]) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation)
DRV - (BTWDNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys (Broadcom Corporation)
DRV - (BTWUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation)
DRV - (CmdIde [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (EGATHDRV [Auto | Running]) -- C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSFHWICH [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ibmfilter [Auto | Running]) -- C:\WINDOWS\system32\drivers\ibmfilter.sys (IBM)
DRV - (IBMPMDRV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys (IBM Corp.)
DRV - (IBMTPCHK [System | Running]) -- C:\WINDOWS\System32\drivers\IBMBLDID.SYS ()
DRV - (kl1 [Boot | Running]) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (klbg [Boot | Running]) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (KLFLTDEV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\klfltdev.sys (Kaspersky Lab)
DRV - (KLIF [System | Running]) -- C:\WINDOWS\system32\DRIVERS\klif.sys (Kaspersky Lab)
DRV - (klim5 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\klim5.sys (Kaspersky Lab)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (MBAMProtector [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NSCIRDA [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nscirda.sys (National Semiconductor Corporation)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PMEM [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS (Microsoft Corporation)
DRV - (PQNTDrv [System | Running]) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (psadd [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\psadd.sys (IBM Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (QCNDISIF [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\qcndisif.SYS (IBM Corporation.)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (s0016bus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016bus.sys (MCCI Corporation)
DRV - (s0016mdfl [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016nd5 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016nd5.sys (MCCI Corporation)
DRV - (s0016obex [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016obex.sys (MCCI Corporation)
DRV - (s0016unic [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s0016unic.sys (MCCI Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (ShockMgr [System | Running]) -- C:\WINDOWS\System32\drivers\ShockMgr.sys (IBM Corporation)
DRV - (Shockprf [Boot | Running]) -- C:\WINDOWS\System32\drivers\shockprf.sys (IBM Corporation)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Smapint [System | Running]) -- C:\WINDOWS\System32\drivers\Smapint.sys (Microsoft Corporation)
DRV - (SmiHlp [Auto | Running]) -- C:\Program Files\IBM fingerprint software\smihlp.sys (UPEK Inc.)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TcUsb [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tcusb.sys (UPEK Inc.)
DRV - (TDSMAPI [System | Running]) -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS ()
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (TPDiskPM [Boot | Running]) -- C:\WINDOWS\System32\drivers\TPDiskPM.sys (IBM Corporation)
DRV - (TPHKDRV [System | Running]) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (TPInput [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\TPInput.sys (IBM Corporation)
DRV - (TPM11 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nsctpm11.sys (National Semiconductor Corp.)
DRV - (TPPWRIF [System | Running]) -- C:\WINDOWS\System32\drivers\Tppwrif.sys ()
DRV - (TSMAPIP [System | Running]) -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS ()
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (w29n51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\w29n51.sys (Intel® Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.3.9
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:5.0.20090122Wb2
FF - prefs.js..extensions.enabledItems: [email protected]:6.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.1
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.5.5
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.87
FF - prefs.js..extensions.enabledItems: {B5EDB4EF-A5A8-4228-B991-E8DCC641453B}:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..google.toolbar.linkdoctor.backup.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..google.toolbar.linkdoctor.backup.keyword.enabled: true
FF - prefs.js..keyword.URL: "about:neterror?e=query&u="
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/31 17:39:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/05/06 20:50:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/04 14:06:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 15:55:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2009\THBEXT [2009/05/01 20:49:46 | 00,000,000 | ---D | M]
[2009/03/25 03:56:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Extensions
[2009/03/25 03:56:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/11 17:13:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Firefox\Profiles\0z8o1rzy.default\extensions
[2009/03/28 04:35:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Firefox\Profiles\0z8o1rzy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/10 01:30:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Firefox\Profiles\0z8o1rzy.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2009/04/26 15:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Firefox\Profiles\0z8o1rzy.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/04/13 01:14:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\mozilla\Firefox\Profiles\0z8o1rzy.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2009/05/11 19:53:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 15:55:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/28 04:31:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/03/31 17:05:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B5EDB4EF-A5A8-4228-B991-E8DCC641453B}
[2009/03/31 17:39:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/29 15:55:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 15:55:11 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 19:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 19:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 19:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 19:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 19:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/13 20:03:25 | 00,002,221 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SafeSearch.xml
[2009/03/26 19:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 19:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TP4EX] tp4ex.exe (IBM Corporation)
O4 - HKLM..\Run: [TpShocks] TpShocks.exe (IBM Corp.)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240678214054 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{CFBD72F4-6B01-4D03-B383-6F1B892CFA43}\\NameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll (Broadcom Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\QConGina: DllName - QConGina.dll - C:\WINDOWS\system32\QConGina.dll (IBM Corp.)
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\system32\tphklock.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/25 03:27:34 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/30 16:05:14 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/30 16:05:14 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/30 16:05:15 | 00,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]
[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/11 23:04:59 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Danieln\Desktop\OTListIt2.exe
[2009/05/10 20:32:02 | 00,000,078 | -HS- | C] () -- D:\desktop.ini
[2009/05/10 19:57:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/05/10 19:56:54 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/10 19:53:18 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/05/10 19:48:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/05/09 02:21:24 | 00,310,382 | ---- | C] () -- D:\Backup My K800i 5_9_2009.mpb
[2009/05/08 20:17:21 | 02,855,207 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Zenky & Khanh Won - Loi Hua Bi Quen Lang.mp3
[2009/05/08 18:16:14 | 02,989,372 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Haidjkey & Lil' Chip - Viet Ten Em.mp3
[2009/05/08 18:03:24 | 05,078,470 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Dang Khoi & May Trang - Yeu Nguoi Khong Nen Yeu.mp3
[2009/05/08 17:57:46 | 06,735,830 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Kaishi - Ky Niem.mp3
[2009/05/08 17:54:47 | 04,065,280 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Noo Phuoc Thinh - Nam Hoc Cuoi.mp3
[2009/05/08 17:52:05 | 02,988,118 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Khanh Nguyen - Hanh Phuc Tron Tron.mp3
[2009/05/08 17:50:55 | 04,433,920 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Duy Khoan - Loi Cam On.mp3
[2009/05/08 17:44:43 | 04,317,568 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Will-X, La & Jin - Chiec O Chieu Mua.mp3
[2009/05/08 17:33:32 | 03,448,999 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Phuong Fit - Cai Toi Khac Biet.mp3
[2009/05/08 17:25:05 | 03,974,418 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Knk & Kindly - Xa Nhau De Mai Gan Nhau.mp3
[2009/05/08 00:35:57 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/05/07 13:20:04 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/05/06 20:47:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/05/06 20:09:31 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\Rooter.exe
[2009/05/06 19:59:30 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/06 18:50:59 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/05 20:47:49 | 00,000,508 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Danieln.job
[2009/05/05 20:47:44 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/05 20:47:44 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/05 20:47:41 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/05 20:47:39 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/05 20:17:29 | 00,001,745 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\MyPhoneExplorer.lnk
[2009/05/05 20:17:21 | 00,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
[2009/05/05 16:26:02 | 00,000,194 | ---- | C] () -- C:\Boot.bak
[2009/05/05 16:25:54 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/05/05 16:25:51 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/05 16:23:25 | 03,018,077 | R--- | C] () -- C:\Documents and Settings\Danieln\Desktop\ComboFix.exe
[2009/05/04 21:07:48 | 10,720,91136 | -HS- | C] () -- C:\hiberfil.sys
[2009/05/03 18:18:31 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/05/01 20:56:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/05/01 20:56:29 | 00,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/05/01 20:56:27 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/05/01 20:56:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Danieln\Application Data\SUPERAntiSpyware.com
[2009/05/01 20:50:35 | 00,101,287 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2009/05/01 20:50:35 | 00,089,601 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2009/05/01 20:49:55 | 00,033,808 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klbg.sys
[2009/05/01 20:49:25 | 04,272,160 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/05/01 20:49:25 | 00,434,208 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/05/01 20:49:25 | 00,036,552 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/05/01 20:49:25 | 00,003,612 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/05/01 20:49:25 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2009/05/01 20:49:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2009/05/01 20:48:58 | 00,226,832 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2009/05/01 20:30:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/05/01 12:30:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/05/01 11:25:55 | 00,000,000 | ---D | C] -- D:\My Scans
[2009/05/01 11:23:41 | 00,000,000 | ---D | C] -- D:\My Albums
[2009/05/01 11:01:59 | 00,626,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvaut32.dll
[2009/05/01 11:01:59 | 00,487,424 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcp70.dll
[2009/05/01 11:01:59 | 00,344,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcr70.dll
[2009/05/01 11:01:59 | 00,044,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4a.dll
[2009/05/01 11:00:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/05/01 10:46:47 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/05/01 10:46:47 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/05/01 10:46:26 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/05/01 10:46:26 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/05/01 10:38:21 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/04/30 17:43:47 | 00,000,134 | ---- | C] () -- C:\WINDOWS\rootkitno.ini
[2009/04/30 17:43:39 | 00,000,000 | ---D | C] -- C:\RootkitNO
[2009/04/30 17:43:03 | 00,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2009/04/30 17:42:32 | 00,000,000 | ---D | C] -- D:\RegRun2
[2009/04/30 17:42:24 | 00,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2009/04/28 15:35:35 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/04/28 15:32:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/28 00:00:05 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/04/27 23:59:37 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/04/27 23:59:31 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/04/27 23:59:27 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/04/27 23:59:14 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/04/27 23:58:07 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/04/27 23:35:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/04/27 23:35:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/04/27 23:34:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/04/27 23:34:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/04/27 22:53:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/04/27 22:36:24 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/04/25 21:59:07 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/25 21:59:05 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/25 21:59:04 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/25 21:57:58 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/25 21:57:56 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/25 21:57:54 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/25 21:57:53 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/25 21:57:51 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/25 21:57:50 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/25 21:57:49 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/25 21:57:47 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/25 21:57:46 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/25 21:57:44 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/25 21:57:41 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/04/25 21:57:40 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/04/25 21:57:36 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/04/25 21:29:53 | 00,268,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/04/25 21:29:53 | 00,027,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/04/23 23:19:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Danieln\Application Data\MyPhoneExplorer
[2009/04/22 22:55:08 | 00,028,018 | ---- | C] () -- D:\Backup My K800i 4_22_2009.mpb
[2009/04/21 23:45:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/04/21 21:38:16 | 00,088,328 | ---- | C] () -- D:\Backup K800i 4_20_2009.rar
[2009/04/21 00:02:57 | 00,000,000 | ---D | C] -- C:\Program Files\Avanquest update
[2009/04/21 00:02:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/20 23:48:04 | 00,307,601 | ---- | C] () -- D:\Backup K800i 4_20_2009.mpb
[2009/04/20 21:11:43 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/20 21:11:04 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/20 21:10:46 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/20 21:10:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/18 19:21:53 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/04/18 19:21:53 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/04/18 19:21:53 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/04/18 19:21:53 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/04/18 19:21:53 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/04/18 19:21:53 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/04/18 19:21:53 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/04/18 19:21:53 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/18 19:21:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/18 19:18:34 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/04/18 12:39:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\box.xob
[2009/04/16 15:18:26 | 00,020,409 | ---- | C] () -- D:\LK.docx
[2009/04/16 12:39:26 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009/04/16 12:33:02 | 00,115,752 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016unic.sys
[2009/04/16 12:33:02 | 00,010,792 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016cr.sys
[2009/04/16 12:33:01 | 00,114,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016mgmt.sys
[2009/04/16 12:33:00 | 00,110,632 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016obex.sys
[2009/04/16 12:32:59 | 00,120,744 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016mdm.sys
[2009/04/16 12:32:59 | 00,025,512 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016nd5.sys
[2009/04/16 12:32:59 | 00,015,016 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016mdfl.sys
[2009/04/16 12:32:59 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016cmnt.sys
[2009/04/16 12:32:59 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016cm.sys
[2009/04/16 12:32:58 | 00,089,256 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016bus.sys
[2009/04/16 12:32:58 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016whnt.sys
[2009/04/16 12:32:58 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s0016wh.sys
[2009/04/16 12:24:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/14 19:31:07 | 00,113,950 | ---- | C] () -- D:\cc_20090414_193104.reg
[2009/04/14 19:24:10 | 00,001,745 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\HijackThis.lnk
[2009/04/14 19:24:07 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/14 15:04:29 | 00,360,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS.ORIGINAL
[2009/04/14 15:00:48 | 00,000,753 | ---- | C] () -- C:\Documents and Settings\Danieln\Desktop\PFPortChecker.lnk
[2009/04/14 15:00:48 | 00,000,000 | ---D | C] -- C:\Program Files\PFPortChecker
[2009/04/14 14:22:28 | 00,019,935 | ---- | C] () -- D:\Warwick vs City.docx
[2009/04/14 01:43:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2009/04/13 19:31:17 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2009/04/13 19:31:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/04/13 19:21:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/04/13 19:16:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/13 00:43:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/04/08 02:19:32 | 00,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/03/31 23:06:12 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009/03/31 16:36:41 | 03,524,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\SysLib0.sys
[2009/03/25 04:15:27 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/25 04:15:24 | 02,255,360 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/03/25 04:15:23 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/25 04:15:23 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/25 04:15:22 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/03/25 04:15:21 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/25 04:15:21 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/03/25 03:29:24 | 00,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/03/25 03:18:07 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/03/25 03:17:29 | 00,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2009/03/25 03:11:52 | 00,002,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.SYS
[2009/03/25 03:00:44 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/03/25 03:00:44 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/03/25 03:00:44 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/03/25 03:00:44 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/03/25 03:00:44 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/03/25 03:00:44 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/03/25 02:59:03 | 00,000,376 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/03/25 02:47:48 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2009/03/25 02:47:47 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2009/03/25 02:47:31 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2009/03/25 02:43:59 | 00,009,340 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2005/05/25 07:32:38 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/04/27 18:53:10 | 00,019,853 | ---- | C] () -- C:\WINDOWS\ibmprc.ini
[2005/04/01 05:22:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/09 20:03:43 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/09 15:10:32 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll
[2003/04/11 01:04:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2002/05/16 08:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/24 03:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 22:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1980/01/01 09:00:00 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[1980/01/01 09:00:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\tpinspm.dll
[1980/01/01 09:00:00 | 00,000,587 | ---- | C] () -- C:\WINDOWS\win.ini
[1980/01/01 09:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[color=orange]========== Files - Modified Within 30 Days ==========[/color]
[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/11 23:04:22 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danieln\Desktop\OTListIt2.exe
[2009/05/11 19:04:45 | 04,272,160 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/05/11 19:04:36 | 00,036,552 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/05/11 17:54:05 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/11 17:16:09 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/05/11 17:13:58 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/11 17:00:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/11 17:00:03 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Danieln\Local Settings\desktop.ini
[2009/05/11 16:59:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/11 16:59:49 | 10,720,91136 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/11 00:43:10 | 00,434,208 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/05/11 00:43:10 | 00,003,612 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/05/10 22:00:13 | 00,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Danieln.job
[2009/05/10 20:32:02 | 00,000,078 | -HS- | M] () -- D:\desktop.ini
[2009/05/10 19:56:46 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/09 02:21:33 | 00,310,382 | ---- | M] () -- D:\Backup My K800i 5_9_2009.mpb
[2009/05/08 20:19:10 | 02,855,207 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Zenky & Khanh Won - Loi Hua Bi Quen Lang.mp3
[2009/05/08 18:18:08 | 02,989,372 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Haidjkey & Lil' Chip - Viet Ten Em.mp3
[2009/05/08 18:05:29 | 05,078,470 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Dang Khoi & May Trang - Yeu Nguoi Khong Nen Yeu.mp3
[2009/05/08 17:59:20 | 06,735,830 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Kaishi - Ky Niem.mp3
[2009/05/08 17:56:34 | 04,065,280 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Noo Phuoc Thinh - Nam Hoc Cuoi.mp3
[2009/05/08 17:52:48 | 04,433,920 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Duy Khoan - Loi Cam On.mp3
[2009/05/08 17:52:31 | 02,988,118 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Khanh Nguyen - Hanh Phuc Tron Tron.mp3
[2009/05/08 17:46:31 | 04,317,568 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Will-X, La & Jin - Chiec O Chieu Mua.mp3
[2009/05/08 17:36:07 | 03,448,999 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Phuong Fit - Cai Toi Khac Biet.mp3
[2009/05/08 17:26:46 | 03,974,418 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Knk & Kindly - Xa Nhau De Mai Gan Nhau.mp3
[2009/05/06 21:11:32 | 00,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/06 20:59:35 | 00,000,587 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/06 20:54:36 | 00,506,068 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/06 20:54:36 | 00,444,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/06 20:54:36 | 00,072,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/06 20:09:32 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\Rooter.exe
[2009/05/06 18:45:05 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/06 18:39:13 | 03,018,077 | R--- | M] () -- C:\Documents and Settings\Danieln\Desktop\ComboFix.exe
[2009/05/05 20:47:44 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/05 20:17:29 | 00,001,745 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\MyPhoneExplorer.lnk
[2009/05/05 16:32:34 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/05 16:26:02 | 00,000,264 | RHS- | M] () -- C:\BOOT.INI
[2009/05/01 20:57:13 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2009/05/01 20:57:13 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klbg.sys
[2009/05/01 20:57:09 | 00,101,287 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2009/05/01 20:57:09 | 00,089,601 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2009/05/01 20:56:29 | 00,001,767 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/05/01 15:36:46 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/04/30 18:07:26 | 00,000,134 | ---- | M] () -- C:\WINDOWS\rootkitno.ini
[2009/04/30 17:43:03 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/30 17:43:03 | 00,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/04/30 17:43:03 | 00,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2009/04/28 15:34:19 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/27 22:43:05 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/04/25 06:30:39 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/22 22:55:17 | 00,028,018 | ---- | M] () -- D:\Backup My K800i 4_22_2009.mpb
[2009/04/21 21:38:16 | 00,088,328 | ---- | M] () -- D:\Backup K800i 4_20_2009.rar
[2009/04/20 23:48:04 | 00,307,601 | ---- | M] () -- D:\Backup K800i 4_20_2009.mpb
[2009/04/20 20:18:13 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/19 01:22:42 | 00,019,935 | ---- | M] () -- D:\Warwick vs City.docx
[2009/04/18 19:34:31 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090426-124120.backup
[2009/04/18 12:39:36 | 00,000,000 | ---- | M] () -- C:\WINDOWS\box.xob
[2009/04/16 15:19:42 | 00,020,409 | ---- | M] () -- D:\LK.docx
[2009/04/14 19:31:44 | 00,113,950 | ---- | M] () -- D:\cc_20090414_193104.reg
[2009/04/14 19:24:10 | 00,001,745 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\HijackThis.lnk
[2009/04/14 15:04:29 | 00,360,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS.ORIGINAL
[2009/04/14 15:00:48 | 00,000,753 | ---- | M] () -- C:\Documents and Settings\Danieln\Desktop\PFPortChecker.lnk
[2009/04/13 18:53:24 | 00,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2009/04/13 18:52:50 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2009/04/12 16:36:38 | 00,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[color=orange]========== LOP Check ==========[/color]
[2009/05/01 20:56:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/28 04:27:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/31 17:50:05 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/04/20 21:11:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/03/28 04:33:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/03/28 04:25:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/03/28 04:26:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/03/31 21:17:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2009/04/21 15:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/04/13 19:16:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/06 16:40:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2009/03/28 04:35:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/03/25 03:00:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ibm
[2009/03/25 02:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2009/05/11 17:00:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2009/05/01 20:30:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/03/31 17:53:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/29 13:39:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/14 01:43:57 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/05/10 19:49:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/05/01 20:27:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/04/13 20:01:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2004/08/09 20:06:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/03/31 17:23:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/03/28 04:31:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/05/01 20:47:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/05/01 20:56:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/04/14 12:33:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/05/11 23:05:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/31 16:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/25 03:59:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/05/01 20:56:27 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Danieln\Application Data
[2009/03/31 17:22:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\AccurateRip
[2009/04/21 23:47:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Adobe
[2009/04/17 18:53:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Apple Computer
[2009/03/28 18:12:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\COWON
[2009/04/07 02:25:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\dBpoweramp
[2009/03/31 20:10:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Desktopicon
[2009/05/11 23:05:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\DMCache
[2009/04/13 20:40:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\IBM
[2004/08/09 20:03:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Identities
[2009/04/09 21:24:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\IDM
[2009/03/25 04:15:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\InstallShield
[2009/04/21 23:47:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Macromedia
[2009/03/30 18:02:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Malwarebytes
[2009/04/14 13:23:27 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Danieln\Application Data\Microsoft
[2009/03/25 03:56:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Mozilla
[2009/04/10 01:17:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Mp3tag
[2009/05/11 22:57:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\MyPhoneExplorer
[2009/04/14 12:19:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Skype
[2009/04/14 12:04:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\skypePM
[2009/03/25 02:59:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Sonic
[2009/03/31 17:38:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Sun
[2009/05/01 20:56:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\SUPERAntiSpyware.com
[2009/05/01 21:14:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\Symantec
[2009/05/10 19:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\uTorrent
[2009/03/28 04:30:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Danieln\Application Data\WinRAR
[2009/05/11 17:54:05 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/20 20:18:13 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/10 22:00:13 | 00,000,508 | ---- | M] () -- C:\WINDOWS\Tasks\Malwarebytes' Scheduled Update for Danieln.job
[2009/03/31 16:34:35 | 00,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2009/05/11 17:00:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[color=orange]========== Purity Check ==========[/color]
[color=orange]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8FF81EB0
< End of report >