I have the Google redirect virus on my computer. I followed the guide in this forum, but I'm not able to run tdsskiller.exe. I have tried changing the name of the file and nothing seems to work. Also, the sound on my videos is gone; not sure if that's related. I also had a malware program that hid all my files. I think I was able to clean that up and recover most of my hidden files, but the search redirects are still a problem.
Any help would be appreciated.
Thanks
OTL logfile created on: 6/5/2011 1:56:46 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
958.48 Mb Total Physical Memory | 151.52 Mb Available Physical Memory | 15.81% Memory free
2.26 Gb Paging File | 1.20 Gb Available in Paging File | 53.21% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178.29 Gb Total Space | 12.05 Gb Free Space | 6.76% Space Free | Partition Type: NTFS
Drive D: | 8.00 Gb Total Space | 0.88 Gb Free Space | 11.03% Space Free | Partition Type: FAT32
Computer Name: YOUR-B27FB1C401 | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/05 13:55:39 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\OTL.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/25 18:22:06 | 007,589,888 | ---- | M] () -- C:\Program Files\Full Tilt Poker\FullTiltPoker.exe
PRC - [2011/05/23 19:46:39 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/05/17 13:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/05/12 08:57:06 | 000,821,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/04/11 01:14:28 | 000,419,840 | ---- | M] (Igor Pavlov) -- C:\Program Files\7-Zip\7zFM.exe
PRC - [2011/03/28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/03 04:29:50 | 000,976,896 | ---- | M] (ActMask Co.,Ltd - http://www.all2pdf.com) -- C:\WINDOWS\system32\PrintDisp.exe
PRC - [2010/06/04 08:10:36 | 000,822,384 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2010/04/27 01:52:32 | 002,325,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/03/01 14:00:34 | 009,216,928 | ---- | M] (Innovative Solutions) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe
PRC - [2010/02/02 01:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/02 01:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/01/26 13:13:52 | 001,214,128 | ---- | M] (FSPro Labs) -- C:\Program Files\My Lockbox\mylbx.exe
PRC - [2010/01/06 17:23:32 | 000,142,648 | ---- | M] (FSPro Labs) -- C:\WINDOWS\system32\fsproflt.exe
PRC - [2009/10/28 20:59:48 | 000,065,536 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\WINDOWS\system32\PrintCtrl.exe
PRC - [2008/08/06 10:48:25 | 000,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/24 22:14:20 | 009,375,744 | ---- | M] (Zamaan's Software) -- C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe
========== Modules (SafeList) ==========
MOD - [2011/06/05 13:55:39 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (AVGIDSAgent)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/12 08:57:06 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/27 01:52:32 | 002,325,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/04/19 10:50:32 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/01/06 17:23:32 | 000,142,648 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\WINDOWS\system32\fsproflt.exe -- (fsproflt)
SRV - [2009/10/28 20:59:48 | 000,065,536 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\WINDOWS\system32\PrintCtrl.exe -- (Printer Control)
SRV - [2008/08/06 10:48:25 | 000,570,880 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
========== Driver Services (SafeList) ==========
DRV - [2011/04/27 19:18:34 | 000,239,472 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/04/01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/03/23 01:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 01:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/27 01:53:10 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/04/27 01:53:10 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/04/27 01:53:09 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/27 01:53:07 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/04/27 01:53:05 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/27 01:52:07 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/04/27 01:52:07 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/04/25 11:02:51 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys -- (FileObjInfo)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/04/28 09:13:24 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/06/05 18:37:54 | 000,043,792 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\FSPFltd.sys -- (FSProFilter)
DRV - [2008/02/19 09:09:10 | 000,072,704 | ---- | M] (Point Grey Research) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HS3dSensor1394.sys -- (PGR1394b)
DRV - [2005/06/30 15:16:26 | 001,094,848 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/04/20 13:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/14 23:12:12 | 000,175,616 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 16:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 13:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 07:41:36 | 000,606,684 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/04 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 17:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)
DRV - [2001/06/04 09:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...arm1=seconduser
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:4021
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.812
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.5.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.14019
FF - prefs.js..extensions.enabledItems: [email protected]:0.8.5
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.0.3.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {BB080420-8088-F650-3D47-13799CCD6159}:1.33
FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.6.8
FF - prefs.js..extensions.enabledItems: {c2b1f3ae-5cd5-49b7-8a0c-2c3bcbbbb294}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.4.2
FF - prefs.js..extensions.enabledItems: [email protected]:2.2.41
FF - prefs.js..keyword.URL: "http://search.yahoo....type=685749&p="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 07:46:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/24 16:45:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/30 14:16:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/01/31 16:54:55 | 000,000,000 | ---D | M]
[2010/09/06 15:20:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Extensions
[2010/07/24 00:58:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/09/06 15:20:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Extensions\[email protected]
[2011/06/01 16:16:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions
[2011/01/14 23:27:36 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/05/18 07:10:07 | 000,000,000 | ---D | M] (ShopToWin4) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{6cbc25b0-0a52-11df-8a39-0800200c9a66}
[2011/06/02 15:50:29 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{78d04645-1584-43e6-b11f-9a4b01958fd6}
[2011/05/05 06:50:30 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/06/02 15:50:32 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{a276c7ce-aece-410f-94a4-40b68f017a86}
[2011/03/31 22:56:57 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/09/05 21:49:13 | 000,000,000 | ---D | M] (Multiproxy Switch) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{BB080420-8088-F650-3D47-13799CCD6159}
[2011/04/05 23:11:22 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2011/06/02 15:50:36 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\{c5e90d08-7e53-437f-a904-9060929c5ca0}
[2011/02/17 23:38:26 | 000,000,000 | ---D | M] ("LinkDiagnosis 2.2") -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\[email protected]
[2010/04/29 20:27:56 | 000,000,000 | ---D | M] (Click&Clean) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\[email protected]
[2011/01/28 14:37:04 | 000,000,000 | ---D | M] (Foxy SEO Tool) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\[email protected]
[2011/05/31 07:02:47 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Mozilla\Firefox\Profiles\hpc8t9v4.default\extensions\[email protected]
[2011/06/02 19:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/10 11:25:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/06/02 19:56:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR.YOUR-B27FB1C401\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\HPC8T9V4.DEFAULT\EXTENSIONS\{317B5128-0B0B-49B2-B2DB-1E7560E16C74}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR.YOUR-B27FB1C401\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\HPC8T9V4.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR.YOUR-B27FB1C401\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\HPC8T9V4.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR.YOUR-B27FB1C401\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\HPC8T9V4.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATOR.YOUR-B27FB1C401\LOCAL SETTINGS\APPLICATION DATA\{5643E3A9-6F17-4A52-B308-855AA2A83B75}
[2011/04/05 21:38:57 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/04/05 21:38:57 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
[2010/05/10 11:25:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/08/03 17:50:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/29 07:46:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/30 22:05:04 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011/06/05 12:21:44 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (SQplus) - {CCF078EE-B071-4C40-9E57-F7B5962E8C95} - C:\Program Files\SeoQuake\SQplus.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (SeoQuake) - {9C590067-8A6A-4db6-B052-069283790B04} - C:\Program Files\SeoQuake\SeoQuake.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BHR] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe (Zamaan's Software)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Ijecasax] File not found
O4 - HKLM..\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4 - HKLM..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DriverMax] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/09 18:52:55 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.dat,) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/05 13:55:47 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\OTL.exe
[2011/06/05 12:56:06 | 001,431,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\1542.exe
[2011/06/05 12:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\tdsskiller
[2011/06/05 12:39:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\GooredFix Backups
[2011/06/05 12:38:00 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\GooredFix.exe
[2011/06/05 12:21:14 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/06/05 12:19:35 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\OTM.exe
[2011/06/05 12:17:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/05 12:13:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\erunt
[2011/06/03 13:55:00 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/06/03 11:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/06/02 23:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/06/02 23:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Start Menu\Programs\Revo Uninstaller
[2011/06/02 23:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Windows Search
[2011/06/02 22:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/06/02 22:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/06/02 21:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Start Menu\Programs\FixRedirectVirus
[2011/06/02 21:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\FixRedirectVirus
[2011/06/02 21:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\dl23
[2011/06/02 20:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/06/02 20:19:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Windows Desktop Search
[2011/06/02 20:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2011/06/02 20:18:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011/06/02 20:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\ElevatedDiagnostics
[2011/06/02 20:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/06/02 20:10:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/06/02 15:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/06/02 14:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rootkit Unhooker LE
[2011/06/02 13:49:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Browser Hijack Recover(BHR)
[2011/06/02 13:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\Browser Hijack Recover
[2011/06/02 13:41:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Emsisoft HiJackFree
[2011/06/02 13:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft HiJackFree
[2011/06/02 13:29:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Zamaan's Software
[2011/06/02 13:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Zamaan's Software
[2011/06/02 11:18:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\IECompatCache
[2011/06/02 07:31:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Full Tilt Poker
[2011/06/01 22:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/01 19:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\ZipGenius
[2011/06/01 19:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZipGenius 6
[2011/06/01 19:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\ZipGenius 6
[2011/06/01 19:03:52 | 009,269,161 | ---- | C] (WinInizio Software ) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\zg63std.exe
[2011/06/01 18:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/06/01 18:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Avira
[2011/06/01 18:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/06/01 18:06:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/06/01 18:06:40 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/06/01 18:06:39 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/06/01 18:06:39 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/06/01 18:06:39 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/06/01 18:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/06/01 18:06:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/06/01 17:41:44 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\mbam-setup-1.51.0.1200.exe
[2011/06/01 13:45:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Recent
[2011/06/01 13:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Start Menu\Programs\Windows XP Recovery
[2011/05/24 08:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Start Menu\Programs\HiJackThis
[2011/05/22 19:39:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/22 16:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2011/05/12 19:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\Backlink Loophole Projects
[2011/05/12 19:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\Backlink Loophole
[2011/05/12 19:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Backlink Loophole
[1 C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\*.tmp files -> C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/05 14:01:03 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/05 13:55:39 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\OTL.exe
[2011/06/05 13:32:51 | 000,000,209 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\mainhst.zgh
[2011/06/05 12:55:35 | 001,301,452 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\tdsskiller.zip
[2011/06/05 12:54:24 | 000,000,428 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2011/06/05 12:46:16 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2011/06/05 12:42:32 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/06/05 12:42:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/05 12:42:17 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 12:38:00 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\GooredFix.exe
[2011/06/05 12:21:44 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/06/05 12:19:30 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\OTM.exe
[2011/06/05 12:12:37 | 000,513,320 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\erunt.zip
[2011/06/05 08:59:52 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{76E4A9F0-B884-49AB-9DC7-4C7259B0999F}.job
[2011/06/04 21:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/06/04 20:54:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/02 23:46:00 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\Revo Uninstaller.lnk
[2011/06/02 22:07:08 | 000,017,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/02 22:07:07 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk
[2011/06/02 21:52:43 | 002,991,347 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\dl23.zip
[2011/06/02 20:18:58 | 000,001,798 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/06/02 20:18:55 | 000,527,024 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/02 20:18:55 | 000,096,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/02 20:02:26 | 000,652,800 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\MicrosoftFixit50362.msi
[2011/06/02 18:32:48 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Jkokovitogol.dat
[2011/06/02 13:49:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\8104297.jun
[2011/06/02 13:49:40 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Microsoft\Internet Explorer\Quick Launch\Browser Hijack Recover(BHR).lnk
[2011/06/02 13:49:40 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\Browser Hijack Recover(BHR).lnk
[2011/06/02 13:41:30 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft HiJackFree.lnk
[2011/06/02 13:29:19 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\BHR Startup Programs.lnk
[2011/06/02 13:29:19 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\Browser Hijack Retaliator 4.5.lnk
[2011/06/02 11:57:33 | 000,215,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/02 09:10:33 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\HiJackThis.lnk
[2011/06/02 08:45:03 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quick Care.lnk
[2011/06/02 08:45:01 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 4.lnk
[2011/06/02 08:28:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Dhubawicoziqowuk.bin
[2011/06/02 08:27:40 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/06/02 08:27:39 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/06/02 07:33:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/01 22:50:49 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/01 22:39:39 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/06/01 20:27:22 | 000,606,105 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\unhide.exe
[2011/06/01 19:05:03 | 000,000,140 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Join ZipGenius page on Facebook.url
[2011/06/01 19:05:03 | 000,000,121 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Follow ZipGenius on Twitter.url
[2011/06/01 19:05:02 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZipGenius 6.lnk
[2011/06/01 19:03:55 | 009,269,161 | ---- | M] (WinInizio Software ) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\zg63std.exe
[2011/06/01 18:54:48 | 001,138,372 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\7z921.exe
[2011/06/01 18:07:08 | 000,001,718 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/06/01 17:41:48 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\mbam-setup-1.51.0.1200.exe
[2011/06/01 17:39:27 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\HijackThis.msi
[2011/06/01 13:27:36 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\16310052
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/28 14:05:00 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\2004099637
[2011/05/25 07:10:16 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\1542.exe
[2011/05/22 19:37:35 | 004,350,161 | R--- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\ComboFix.exe
[2011/05/22 17:56:34 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeSchedule.job
[2011/05/21 23:07:27 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~16899876r
[2011/05/21 23:07:27 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~16899876
[2011/05/21 23:07:07 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\16899876
[2011/05/19 21:25:17 | 000,005,840 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\25in0384fr7j37l418ulg45q6se6
[2011/05/19 21:25:17 | 000,005,840 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\25in0384fr7j37l418ulg45q6se6
[2011/05/17 22:04:09 | 000,013,850 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\h355m4tfgk12ar0321wiru
[2011/05/17 22:04:09 | 000,013,850 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\h355m4tfgk12ar0321wiru
[2011/05/17 20:25:33 | 000,005,050 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\2j63fc3134r1yb2
[2011/05/17 20:25:33 | 000,005,050 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2j63fc3134r1yb2
[2011/05/16 19:50:16 | 000,013,772 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\2x1ld0gl6p2c71f
[2011/05/16 19:50:16 | 000,013,772 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2x1ld0gl6p2c71f
[2011/05/12 20:17:36 | 000,010,446 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\1i1iov1aj0j32i5
[2011/05/12 20:17:36 | 000,010,446 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1i1iov1aj0j32i5
[2011/05/10 22:14:24 | 000,010,414 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\5162qny2ob203v1p2ryg257h14
[2011/05/10 22:14:24 | 000,010,414 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\5162qny2ob203v1p2ryg257h14
[2011/05/07 20:17:28 | 000,012,322 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\rh5gc08dj7m4xes01n2uhelu2b1g0gu
[2011/05/07 20:17:28 | 000,012,322 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\rh5gc08dj7m4xes01n2uhelu2b1g0gu
[1 C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\*.tmp files -> C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/05 12:12:37 | 000,513,320 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\erunt.zip
[2011/06/03 13:58:38 | 1005,113,344 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/03 12:54:33 | 000,000,444 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{76E4A9F0-B884-49AB-9DC7-4C7259B0999F}.job
[2011/06/02 23:46:00 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\Revo Uninstaller.lnk
[2011/06/02 22:07:08 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/02 22:07:07 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk
[2011/06/02 21:59:11 | 001,301,452 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\tdsskiller.zip
[2011/06/02 21:52:41 | 002,991,347 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\dl23.zip
[2011/06/02 20:18:58 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2011/06/02 20:18:58 | 000,001,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/06/02 20:08:02 | 000,652,800 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\MicrosoftFixit50362.msi
[2011/06/02 13:49:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\8104297.jun
[2011/06/02 13:49:40 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\Microsoft\Internet Explorer\Quick Launch\Browser Hijack Recover(BHR).lnk
[2011/06/02 13:49:40 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\Browser Hijack Recover(BHR).lnk
[2011/06/02 13:41:29 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft HiJackFree.lnk
[2011/06/02 13:29:19 | 000,000,919 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\BHR Startup Programs.lnk
[2011/06/02 13:29:19 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\Browser Hijack Retaliator 4.5.lnk
[2011/06/02 13:08:28 | 000,000,428 | ---- | C] () -- C:\WINDOWS\zipgenius.xml
[2011/06/02 12:31:49 | 000,000,209 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Application Data\mainhst.zgh
[2011/06/02 08:45:03 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quick Care.lnk
[2011/06/02 08:45:01 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 4.lnk
[2011/06/01 22:50:49 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/01 20:27:29 | 000,606,105 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\unhide.exe
[2011/06/01 19:05:03 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Join ZipGenius page on Facebook.url
[2011/06/01 19:05:03 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Follow ZipGenius on Twitter.url
[2011/06/01 19:05:01 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZipGenius 6.lnk
[2011/06/01 18:55:03 | 001,138,372 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\7z921.exe
[2011/06/01 18:07:08 | 000,001,718 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/06/01 17:39:26 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\My Documents\HijackThis.msi
[2011/06/01 13:27:36 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\16310052
[2011/05/28 14:04:56 | 000,000,098 | ---- | C] () -- C:\WINDOWS\System32\2004099637
[2011/05/24 22:03:56 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\uSeRiNiT.exe
[2011/05/24 22:02:27 | 000,001,134 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\FixNCR.reg
[2011/05/24 08:09:41 | 000,002,501 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\HiJackThis.lnk
[2011/05/22 19:38:23 | 004,350,161 | R--- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\ComboFix.exe
[2011/05/21 23:07:27 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~16899876r
[2011/05/21 23:07:27 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~16899876
[2011/05/21 23:07:07 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\16899876
[2011/05/19 21:23:42 | 000,005,840 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\25in0384fr7j37l418ulg45q6se6
[2011/05/19 21:23:42 | 000,005,840 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\25in0384fr7j37l418ulg45q6se6
[2011/05/17 22:01:34 | 000,013,850 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\h355m4tfgk12ar0321wiru
[2011/05/17 22:01:34 | 000,013,850 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\h355m4tfgk12ar0321wiru
[2011/05/17 20:24:22 | 000,005,050 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2j63fc3134r1yb2
[2011/05/17 20:24:21 | 000,005,050 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\2j63fc3134r1yb2
[2011/05/16 19:47:57 | 000,013,772 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\2x1ld0gl6p2c71f
[2011/05/16 19:47:57 | 000,013,772 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2x1ld0gl6p2c71f
[2011/05/12 20:15:55 | 000,010,446 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\1i1iov1aj0j32i5
[2011/05/12 20:15:55 | 000,010,446 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1i1iov1aj0j32i5
[2011/05/10 22:12:42 | 000,010,414 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\5162qny2ob203v1p2ryg257h14
[2011/05/10 22:12:42 | 000,010,414 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\5162qny2ob203v1p2ryg257h14
[2011/05/07 20:15:27 | 000,012,322 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\rh5gc08dj7m4xes01n2uhelu2b1g0gu
[2011/05/07 20:15:27 | 000,012,322 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\rh5gc08dj7m4xes01n2uhelu2b1g0gu
[2011/05/01 00:07:42 | 000,010,388 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu
[2011/05/01 00:07:42 | 000,010,388 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu
[2011/04/23 10:25:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Jkokovitogol.dat
[2011/04/23 10:25:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dhubawicoziqowuk.bin
[2011/02/14 21:03:30 | 000,000,233 | ---- | C] () -- C:\WINDOWS\ScreenHunter.INI
[2011/02/01 22:09:12 | 001,391,616 | ---- | C] () -- C:\WINDOWS\System32\ActPDF.dll
[2011/02/01 22:08:59 | 000,691,200 | ---- | C] () -- C:\WINDOWS\System32\PrintLog.exe
[2011/02/01 22:08:59 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\PrtPass.exe
[2010/09/02 17:58:57 | 000,137,976 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/30 22:25:05 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/07/26 10:00:25 | 000,044,932 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/07/19 01:37:16 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/05/16 22:56:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/08 20:38:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\prvlcl.dat
[2010/04/29 17:42:00 | 000,215,040 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/28 20:00:55 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/04/27 00:43:24 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/04/27 00:43:21 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/04/26 23:45:29 | 000,000,155 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Local Settings\Application Data\fusioncache.dat
[2010/04/20 22:15:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/04/16 16:19:50 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/01/06 01:56:57 | 000,004,110 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vsrenaae.pyv
[2009/12/20 20:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/12/11 16:47:39 | 000,000,564 | ---- | C] () -- C:\WINDOWS\pagebreeze.ini
[2007/12/11 16:47:39 | 000,000,044 | ---- | C] () -- C:\WINDOWS\formbreeze.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/14 17:54:07 | 000,022,528 | ---- | C] () -- C:\WINDOWS\exeshl.dll
[2007/03/14 17:54:07 | 000,000,188 | ---- | C] () -- C:\WINDOWS\netctrl.ini
[2007/02/26 12:05:35 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/02/26 12:05:24 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/02/26 12:02:19 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2007/02/26 12:02:06 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/02/26 11:58:03 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/02/26 11:57:05 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/09/19 10:59:51 | 000,000,073 | ---- | C] () -- C:\WINDOWS\sysInf.dat
[2006/07/22 13:33:39 | 000,093,319 | ---- | C] () -- C:\WINDOWS\Orwell Uninstaller.exe
[2006/04/03 11:50:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msds.dat
[2006/02/22 17:14:50 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallThunderbird.exe
[2006/02/02 13:52:10 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/02/02 13:52:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/01/10 16:56:54 | 000,236,892 | ---- | C] () -- C:\WINDOWS\XSite Pro Uninstaller.exe
[2006/01/05 13:37:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/12/10 18:48:54 | 000,000,995 | ---- | C] () -- C:\WINDOWS\EBHTMLCP.INI
[2005/12/03 15:21:13 | 000,001,379 | ---- | C] () -- C:\WINDOWS\KeywordsAnalyzer.INI
[2005/11/10 14:50:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2005/11/10 14:50:31 | 000,000,020 | ---- | C] () -- C:\WINDOWS\akebook.ini
[2005/11/10 14:50:31 | 000,000,004 | ---- | C] () -- C:\WINDOWS\a3kebook.ini
[2005/10/25 15:39:49 | 000,042,455 | ---- | C] () -- C:\WINDOWS\dkbeng.dat
[2005/10/25 15:38:44 | 000,000,632 | ---- | C] () -- C:\WINDOWS\keypro.ini
[2005/10/24 20:32:12 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/24 20:31:47 | 000,006,906 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/10/23 20:19:45 | 000,000,037 | ---- | C] () -- C:\WINDOWS\hlpbrz6.ini
[2005/09/09 19:21:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/09 19:19:32 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/09/09 18:57:02 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-9972322.exe
[2005/09/09 18:56:17 | 000,014,288 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/09/09 18:56:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/09/09 18:53:38 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/09/09 18:49:04 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/09 18:44:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/09/09 18:44:08 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/09/09 18:44:08 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/09/09 18:44:08 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/09/09 18:44:08 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/09/09 18:44:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/09/09 18:37:12 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/09 18:30:47 | 000,112,873 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2005/09/09 18:30:47 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2005/09/09 18:25:23 | 000,080,418 | ---- | C] () -- C:\WINDOWS\HPHins08.dat
[2005/09/09 18:25:22 | 000,004,011 | ---- | C] () -- C:\WINDOWS\hphmdl08.dat
[2005/09/09 18:23:11 | 000,072,881 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2005/09/09 18:23:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2005/09/09 18:22:11 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/09/09 18:17:41 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/09/09 18:07:39 | 000,000,036 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2005/09/09 18:04:15 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/09/09 18:00:23 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/09/09 18:00:23 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/09/09 18:00:03 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/07/07 15:07:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/07 17:48:54 | 000,217,656 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/06/07 01:57:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/06/07 01:55:32 | 000,527,024 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/06/07 01:55:32 | 000,096,516 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/05/10 01:52:32 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2004/11/17 06:32:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/11/17 06:27:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/27 00:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/24 01:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/24 01:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/07 00:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== LOP Check ==========
[2010/03/04 15:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Article Architect
[2009/02/04 14:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2010/04/27 01:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/07/17 18:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2008/08/12 09:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comcast
[2008/08/04 13:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/07/21 12:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeApp
[2011/06/02 22:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/02/01 22:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Iceni
[2010/04/20 21:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2011/05/01 16:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2010/04/25 16:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2010/10/04 23:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Magic Submitter
[2010/01/04 22:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Niche Finder
[2009/10/14 20:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\page
[2010/08/04 17:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlotSoft
[2006/08/14 13:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/04/15 13:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/07/21 13:46:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2008/03/16 12:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/10/03 12:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2005/10/29 12:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2007/07/08 11:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/06/21 21:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebLogAnalyzer
[2010/04/17 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2011/06/04 21:21:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/06/05 12:42:32 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/06/05 14:01:03 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/05 08:59:52 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{76E4A9F0-B884-49AB-9DC7-4C7259B0999F}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Edited by vbloom, 05 June 2011 - 02:08 PM.