And here are the OTL logs.
OTL logfile created on: 9/5/2011 6:23:52 PM - Run 3
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Others\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.37 Mb Total Physical Memory | 626.73 Mb Available Physical Memory | 61.30% Memory free
2.40 Gb Paging File | 2.16 Gb Available in Paging File | 89.89% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.95 Gb Total Space | 2.30 Gb Free Space | 2.19% Space Free | Partition Type: NTFS
Drive E: | 487.53 Mb Total Space | 73.84 Mb Free Space | 15.15% Space Free | Partition Type: FAT32
Computer Name: JOHNNY | User Name: Others | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/02 14:29:13 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTL.exe
PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/03/27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2007/05/10 11:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/08/03 17:51:42 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/05/24 11:31:06 | 000,372,736 | ---- | M] () -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
PRC - [2004/08/10 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011/03/21 17:30:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2006/12/03 15:53:06 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/11/22 23:35:44 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2006/11/22 23:30:58 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006/08/03 17:52:00 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/05/24 11:31:06 | 000,372,736 | ---- | M] () -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
MOD - [2006/01/08 18:14:00 | 000,040,960 | ---- | M] () -- C:\Program Files\Java Launcher\bin\LaunchShellMenu.dll
MOD - [2005/10/13 12:53:36 | 000,090,223 | ---- | M] () -- C:\Program Files\Dell\QuickSet\preflibcl.dll
MOD - [2004/08/10 04:00:00 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2004/08/10 04:00:00 | 000,268,288 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2004/08/10 04:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/10 04:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (StarWindService)
SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus®
SRV - [2010/11/09 02:44:00 | 004,290,192 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/03/27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 13:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/10/25 09:27:56 | 000,018,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007/10/25 09:26:34 | 000,455,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2007/08/03 10:24:16 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/05/24 11:31:06 | 000,372,736 | ---- | M] () [Auto | Running] -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe -- (StyleXPService)
SRV - [2003/03/09 13:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/26 19:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/26 19:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010/04/26 19:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/04/29 19:35:16 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/02/08 23:14:06 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/11/06 13:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/10/25 09:27:08 | 000,030,728 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2007/10/25 09:25:32 | 000,027,144 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2007/10/25 09:25:14 | 000,033,800 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/12/14 11:42:11 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/11/22 23:34:36 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/08/25 06:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/14 00:01:16 | 000,013,824 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hnm_wrls_pkt.sys -- (hnmwrlspkt)
DRV - [2006/05/24 17:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 17:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 17:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 17:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 17:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 17:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 16:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 16:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/05/23 13:06:36 | 001,578,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/10/31 14:44:39 | 000,010,880 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe -- (StyleXPHelper)
DRV - [2005/10/14 14:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 14:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 14:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/22 02:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 02:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 02:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/02/01 16:55:40 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\gravity\RO\npkcrypt.sys -- (npkcrypt)
DRV - [2004/08/10 04:00:00 | 000,138,496 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2004/08/10 04:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/02/13 15:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 15:05:48 | 000,314,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrO21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000 (08B0)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061214
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061214
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061214
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 6B 5A 75 49 21 3B 46 48 80 DB B7 BB 5E 4C E4 72 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061214
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 6B 5A 75 49 21 3B 46 48 80 DB B7 BB 5E 4C E4 72 [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 6B 5A 75 49 21 3B 46 48 80 DB B7 BB 5E 4C E4 72 [binary data]
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 6B 5A 75 49 21 3B 46 48 80 DB B7 BB 5E 4C E4 72 [binary data]
IE - HKU\S-1-5-21-118705096-4185100950-221826225-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-118705096-4185100950-221826225-1007\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 6B 5A 75 49 21 3B 46 48 80 DB B7 BB 5E 4C E4 72 [binary data]
IE - HKU\S-1-5-21-118705096-4185100950-221826225-1007\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - File not found
IE - HKU\S-1-5-21-118705096-4185100950-221826225-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-118705096-4185100950-221826225-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://neu-ro.net/?module=vote"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.7.0
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 63333
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/16 15:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/02 15:16:01 | 000,000,000 | ---D | M]
[2010/11/25 05:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions
[2010/11/25 05:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions\[email protected]
[2011/08/30 13:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\hm3ye6bl.default\extensions
[2011/04/11 11:41:08 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\hm3ye6bl.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2010/11/20 03:57:19 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\hm3ye6bl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/06/06 05:38:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\hm3ye6bl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/14 02:05:12 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\hm3ye6bl.default\extensions\[email protected]
[2010/11/26 05:40:23 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\hm3ye6bl.default\searchplugins\askcom.xml
[2011/09/03 20:53:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/28 06:06:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/08/18 10:47:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/09/01 03:01:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/07/02 14:20:46 | 000,069,632 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2008/10/01 16:25:28 | 000,284,248 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\mozilla firefox\plugins\npmusicn.dll
[2010/12/09 03:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007/03/09 16:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
O1 HOSTS File: ([2011/09/02 04:27:56 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - File not found
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - File not found
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3E9D340B-D614-4854-AE06-4218201F6AAE} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3E9D340B-D614-4854-AE06-4218201F6AAE} - No CLSID value found.
O3 - HKU\S-1-5-21-118705096-4185100950-221826225-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-118705096-4185100950-221826225-1007\..\Toolbar\Webbrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-21-118705096-4185100950-221826225-1007..\Run: [Aim6] File not found
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Linus\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-118705096-4185100950-221826225-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-118705096-4185100950-221826225-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-118705096-4185100950-221826225-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-118705096-4185100950-221826225-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Documents and Settings\Others\Local Settings\Application Data\3700n.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)
O22 - SharedTaskScheduler: {e2cc30f5-4406-4af2-aa64-eb95ad77e367} - jugezatag - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Others\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Others\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 03:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011/09/05 17:58:21 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Others\Desktop\aswMBR.exe
[2011/09/05 17:39:17 | 000,167,864 | ---- | C] (Webroot) -- C:\Documents and Settings\Others\Desktop\antizeroaccess.exe
[2011/09/04 00:43:37 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/09/02 23:14:11 | 004,846,880 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Others\Desktop\procexp.exe
[2011/09/02 14:29:08 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTL.exe
[2011/09/02 12:36:09 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Others\Desktop\winlogon.exe
[2011/09/02 04:25:17 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Others\Desktop\GooredFix(2).exe
[2011/09/02 02:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/09/02 02:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/01 23:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\SUPERAntiSpyware.com
[2011/09/01 22:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/09/01 11:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Desktop\Biology 1C
[2011/08/30 13:52:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Desktop\TDSSKiller
[2011/08/30 13:47:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Desktop\GooredFix Backups
[2011/08/30 13:41:13 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTM.exe
[2011/08/30 13:16:41 | 012,510,680 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Others\Desktop\SUPERAntiSpyware.exe
[2011/08/27 19:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Desktop\Brighten - I'll Always Be Around EP
[2011/08/08 02:01:28 | 000,000,000 | ---D | C] -- C:\ut
[2011/08/08 00:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Local Settings\Application Data\temp
[2011/08/08 00:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Local Settings\Application Data\Conduit
[2011/08/08 00:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/08/07 23:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\uTorrent
[1 C:\Documents and Settings\Others\*.tmp files -> C:\Documents and Settings\Others\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/05 18:18:02 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\MBR.dat
[2011/09/05 17:54:14 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Others\Desktop\aswMBR.exe
[2011/09/05 17:33:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/05 17:32:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/05 17:32:56 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/05 17:30:14 | 000,167,864 | ---- | M] (Webroot) -- C:\Documents and Settings\Others\Desktop\antizeroaccess.exe
[2011/09/03 20:28:39 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\rk-proxy.reg
[2011/09/03 14:23:56 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\Others\NTUSER.bak
[2011/09/03 00:20:54 | 000,043,408 | -HS- | M] () -- C:\WINDOWS\System32\c_55590.nl_
[2011/09/02 23:11:13 | 001,846,196 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\ProcessExplorer.zip
[2011/09/02 14:29:13 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTL.exe
[2011/09/02 12:38:10 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Others\Desktop\winlogon.exe
[2011/09/02 12:27:54 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\rkill.exe
[2011/09/02 04:44:15 | 000,000,280 | -H-- | M] () -- C:\boot.ini
[2011/09/02 04:27:56 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/02 04:25:16 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Others\Desktop\GooredFix(2).exe
[2011/09/02 02:47:42 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/01 23:45:46 | 000,000,905 | ---- | M] () -- C:\Documents and Settings\Others\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Protection.lnk
[2011/09/01 23:45:45 | 000,000,090 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\avbase.dat
[2011/09/01 21:53:51 | 004,194,304 | ---- | M] () -- C:\WINDOWS\System32\pdmzmplg.dll
[2011/08/31 15:16:50 | 004,846,880 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Others\Desktop\procexp.exe
[2011/08/31 15:16:50 | 004,846,880 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\exxxp.exe
[2011/08/30 13:50:02 | 001,390,139 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\tdsskiller.zip
[2011/08/30 13:41:28 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTM.exe
[2011/08/30 13:19:31 | 012,510,680 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Others\Desktop\SUPERAntiSpyware.exe
[2011/08/19 13:36:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/17 13:58:31 | 004,282,529 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\RMS 08-23-2010.rar
[2011/08/10 13:14:10 | 001,018,645 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\1313000840216.gif
[2011/08/08 21:56:34 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Others\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/08 00:00:40 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[1 C:\Documents and Settings\Others\*.tmp files -> C:\Documents and Settings\Others\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/05 18:18:02 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\MBR.dat
[2011/09/03 21:54:47 | 1072,103,424 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/02 23:11:42 | 004,846,880 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\exxxp.exe
[2011/09/02 23:10:54 | 001,846,196 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\ProcessExplorer.zip
[2011/09/02 12:28:58 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\rk-proxy.reg
[2011/09/02 12:27:43 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\rkill.exe
[2011/09/02 02:47:42 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/01 23:45:46 | 000,000,905 | ---- | C] () -- C:\Documents and Settings\Others\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Protection.lnk
[2011/09/01 23:45:45 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\avbase.dat
[2011/09/01 23:41:07 | 000,043,408 | -HS- | C] () -- C:\WINDOWS\System32\c_55590.nl_
[2011/09/01 21:53:49 | 004,194,304 | ---- | C] () -- C:\WINDOWS\System32\pdmzmplg.dll
[2011/08/30 13:49:34 | 001,390,139 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\tdsskiller.zip
[2011/08/17 13:57:32 | 004,282,529 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\RMS 08-23-2010.rar
[2011/08/10 13:14:07 | 001,018,645 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\1313000840216.gif
[2011/08/08 00:00:40 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2011/07/24 20:57:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2011/07/14 07:03:24 | 000,011,860 | -HS- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\o0r8j32l2vfisvr2oo51y8dg2tk73a7d3r6dbrv6umfu
[2011/07/14 07:03:24 | 000,011,860 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\o0r8j32l2vfisvr2oo51y8dg2tk73a7d3r6dbrv6umfu
[2011/05/22 21:01:08 | 000,019,213 | ---- | C] () -- C:\Documents and Settings\Others\Application Data\FFAA.F97
[2011/03/23 21:23:41 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Wtamebirit.dat
[2011/03/23 21:23:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Aquvutivol.bin
[2011/02/26 08:36:12 | 000,000,033 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2011/02/20 08:08:44 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/01/29 06:58:04 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/01/29 06:58:04 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/01/29 06:57:53 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Others\Application Data\$_hpcst$.hpc
[2010/12/15 03:01:44 | 000,001,816 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2010/12/01 04:09:40 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rzrunins.exe
[2010/05/20 21:16:35 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/05 13:36:34 | 000,208,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/11/01 16:26:59 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/09/27 20:40:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/07/25 12:39:28 | 000,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/05/05 13:09:01 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/01 02:31:32 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/02/25 23:51:16 | 000,000,324 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2008/12/20 14:12:23 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/17 10:04:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2008/10/15 15:25:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2008/10/15 15:25:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2008/10/15 15:25:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2008/10/04 20:56:12 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SR2.dat
[2008/08/31 17:40:23 | 000,020,454 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp
[2008/08/31 17:40:23 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp
[2008/08/11 21:51:40 | 000,063,120 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/04/11 10:47:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/12/26 05:54:18 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2007/12/05 13:42:30 | 000,001,225 | ---- | C] () -- C:\WINDOWS\prov.ini
[2007/11/28 04:14:05 | 000,001,876 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007/11/06 13:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/10/25 09:27:08 | 000,030,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007/08/19 21:30:57 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/09 20:29:22 | 000,000,653 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2007/07/16 01:21:52 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2007/07/15 18:27:04 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\fusioncache.dat
[2007/06/05 01:11:37 | 000,000,679 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/05/08 20:37:26 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/05/03 08:02:19 | 000,020,454 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2007/05/03 08:02:19 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2007/03/10 01:40:38 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/02/27 14:36:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2007/02/13 11:04:02 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/12/25 10:21:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\IFinst27.exe
[2006/12/20 23:56:53 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/12/14 12:00:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/14 11:48:47 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/14 11:39:18 | 000,000,726 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/14 11:38:03 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/14 11:29:17 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/12/14 11:29:16 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/12/14 11:29:15 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/12/14 11:03:10 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/12/14 11:02:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/12/14 11:02:52 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/12/14 11:02:24 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/24 17:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/16 03:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 03:38:45 | 000,034,380 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 03:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 03:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 03:27:59 | 001,584,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 03:18:33 | 000,456,874 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 03:18:33 | 000,077,880 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 03:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/04/09 16:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/03/22 15:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 15:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 04:00:00 | 000,138,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\afd.sys
[2004/08/10 04:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/10 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 04:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/10 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 04:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/09 21:11:42 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/06/08 16:35:58 | 000,103,172 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2003/03/09 13:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2011/09/02 00:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Subversion
[2011/03/09 07:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\aBfEhFc06510
[2009/05/11 09:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2011/02/23 00:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/03/13 11:36:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/04/29 20:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/05/01 01:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2007/12/19 01:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IJJIGame
[2010/07/31 12:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/05/03 17:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2008/05/21 23:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008/10/01 16:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2011/01/28 13:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/07/08 07:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011/01/29 06:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/10/05 20:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2007/08/09 20:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/21 02:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2009/08/17 17:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/01/12 10:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XemiComputers
[2008/06/20 12:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2011/04/26 09:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/05/05 17:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/12/21 01:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\acccore
[2010/04/18 14:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\Audacity
[2008/04/03 21:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\CiscoCAA
[2011/07/02 23:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\FrostWire
[2008/05/02 18:07:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Linus\Application Data\ijjigame
[2007/03/09 14:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\Leadertech
[2011/07/03 00:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\LimeWire
[2010/03/05 14:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\NavNet Solutions
[2007/12/27 21:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\NHN Corporation
[2010/06/29 02:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\Subversion
[2007/03/14 13:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Linus\Application Data\Wireshark
[2008/12/19 23:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\acccore
[2010/05/20 22:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Audacity
[2011/05/23 11:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\BitComet
[2011/03/16 22:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Canon
[2008/12/19 19:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\CiscoCAA
[2009/04/30 10:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\DAEMON Tools
[2009/05/01 00:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\DAEMON Tools Lite
[2009/04/30 10:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\DAEMON Tools Pro
[2011/06/16 15:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Downloaded Installations
[2009/04/28 15:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\ESET
[2011/07/03 10:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\FrostWire
[2009/10/05 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Leadertech
[2011/07/03 00:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\LimeWire
[2010/03/05 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\NavNet Solutions
[2011/01/28 13:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\PC Suite
[2011/01/29 06:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Samsung
[2011/05/07 22:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\spiral
[2010/06/06 15:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Subversion
[2011/08/08 20:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\uTorrent
[2011/02/21 02:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\vghd
[2009/05/17 21:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Viewpoint
[2009/03/05 23:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Wireshark
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2004/08/10 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/10 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004/08/10 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/10 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2004/08/10 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/10 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004/08/10 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/10 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2011/09/02 12:38:10 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) MD5=9A14A477431A901A7014ED312E0C6C3C -- C:\Documents and Settings\Others\Desktop\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
< End of report >