[Resolved] Nasty Beagle, please help


  • This topic is locked
36 replies to this topic

#31 Tom_q2356

  • Authentic Member
  • 178 posts

Posted 04 November 2009 - 03:12 AM

OTL logfile created on: 11/3/2009 11:00:02 PM - Run 2
OTL by OldTimer - Version 3.1.1.8 Folder = C:\Documents and Settings\Others\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.98 Mb Total Physical Memory | 536.57 Mb Available Physical Memory | 52.45% Memory free
1.47 Gb Paging File | 0.94 Gb Available in Paging File | 64.18% Paging File free
Paging file location(s): c:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.91 Gb Total Space | 2.45 Gb Free Space | 8.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TomQ
Current User Name: Others
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Documents and Settings\Others\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Others\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe (Speedbit Ltd.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\SlimBrowser\sbrowser.exe (FlashPeak, Inc.)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Startup Faster 2004\SFAgent.exe (URSoft,Inc)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions ™)
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\reliz\akeys.exe (Softarium.com)
PRC - C:\Program Files\Common Files\Stardock\sdmcp.exe (Stardock)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()
PRC - C:\Program Files\Ahead\InCD\incdsrv.exe ()
PRC - C:\Program Files\CursorXP\CursorXP.exe ( )
PRC - C:\WINDOWS\SYSTEM32\ati2evxx.exe ()
PRC - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Win32 Services (SafeList) ==========

SRV - File not found
SRV - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
SRV - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
SRV - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
SRV - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe ()
SRV - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - C:\WINDOWS\SYSTEM32\p2pgasvc.dll (Microsoft Corporation)
SRV - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - C:\WINDOWS\SYSTEM32\6to4svc.dll (Microsoft Corporation)
SRV - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - C:\Program Files\Ahead\InCD\incdsrv.exe ()
SRV - C:\WINDOWS\SYSTEM32\ati2evxx.exe ()
SRV - C:\WINDOWS\System32\Fast.exe (Microsoft Corporation)
SRV - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - C:\WINDOWS\SYSTEM32\DRIVERS\splitcam.sys (LoteSoft Co.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys (Malwarebytes Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aswmon2.sys (ALWIL Software)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aswSP.sys (ALWIL Software)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aswTdi.sys (ALWIL Software)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr.sys (ALWIL Software)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aavmker4.sys (ALWIL Software)
DRV - C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\DefragFs.sys (Raxco Software, Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys (Meetinghouse Data Communications)
DRV - C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - C:\WINDOWS\SYSTEM32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motccgpfl.sys (Motorola)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motccgp.sys (Motorola)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys (Microsoft Corporation)
DRV - C:\WINDOWS\system32\ZoneLabs\srescan.sys (Check Point Software Technologies LTD)
DRV - C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\Motousbnet.sys (Motorola)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\ManyCam.sys (ManyCam LLC.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motswch.sys (Motorola)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motodrv.sys (Motorola Inc)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\ZD1211BU.sys (Atheros Technology Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys (Motorola)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motport.sys (Motorola)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wg111v3.sys (Realtek Semiconductor Corporation )
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motfilt.sys (Motorola Inc)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\CMBProtector.dat ()
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\CertClient.dat ()
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\P2k.sys (Motorola Inc)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\lmpc2.sys (FSPro Labs)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys (Sonic Solutions)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys (Sonic Solutions)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys (Padus, Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\motovision.sys (Windows ® 2000 DDK provider)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\MotoVisionDP.sys (Mjtsai Corp)
DRV - C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys (Intel® Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\rt2500.sys (Ralink Technology Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\incdfs.sys ()
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\incdpass.sys (Ahead Software)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\incdrm.sys (Ahead Software AG)
DRV - C:\Program Files\Everstrike\Lock Folder XP 3.2\UniShieldXP.sys ()
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\Vcs.sys ()
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\STAC97.sys (SigmaTel, Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\strmdisp.sys (Conexant Systems)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWICH.sys (Conexant Systems)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys (Conexant Systems)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys (Conexant Systems)
DRV - C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\fsvga.sys (Microsoft Corporation)
DRV - C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\usbuvt.sys (IC Media Corporation)
DRV - C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys ()
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\NetSecCm.sys (Samsung Electronics Co., Ltd)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\icm10blk.sys (Intel Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\ICM10USB.sys (Intel Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\ntspppoe.sys (Efficient Networks, Inc.)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\Atusbcam.sys (Agilent Technologies)
DRV - C:\WINDOWS\SYSTEM32\DRIVERS\aspi32.sys (Adaptec)
DRV - C:\WINDOWS\system32\giveio.sys ()


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Others\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll (ALWIL Software)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\SYSTEM32\WBEM\framedyn.dll (Microsoft Corporation)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)
MOD - C:\Program Files\CursorXP\CurXP0.dll ( )


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_Url = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.96
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.5
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - user.js..browser.search.openintab: false

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2007/02/18 17:41:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/15 14:44:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/27 11:06:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/31 01:08:03 | 00,000,000 | ---D | M]

[2009/07/17 11:28:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2008/12/08 20:40:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/07/03 18:31:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/14 15:05:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions
[2009/07/30 06:16:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2008/12/10 15:58:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/30 06:16:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions
[2009/07/30 06:16:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions
[2008/12/10 15:58:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/30 06:16:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/10/14 15:05:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions
[2009/07/03 18:31:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/08 20:40:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/07/17 11:28:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/07/13 17:12:02 | 00,000,944 | ---- | M] () -- C:\Documents and Settings\Others\Application Data\Mozilla\Firefox\Profiles\8g1iwoqs.default\searchplugins\icqplugin.xml
[2009/10/31 22:02:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/09/27 11:06:40 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/05 07:44:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/10/31 22:02:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/31 22:02:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/05 07:44:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/09/27 11:06:40 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/31 22:02:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/09/27 11:06:32 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/09/27 11:06:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/10/31 22:02:04 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/09/27 11:06:34 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2008/06/02 17:02:48 | 00,200,704 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2006/08/10 14:23:23 | 00,139,305 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008/06/05 00:16:39 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2008/06/05 00:16:40 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2008/06/05 00:16:40 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2008/06/05 00:16:40 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2008/06/05 00:16:41 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2008/06/05 00:16:41 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2008/06/05 00:16:41 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006/08/10 14:23:55 | 00,024,621 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2006/08/10 14:22:21 | 00,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2007/03/10 07:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2009/08/24 22:09:28 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/24 22:09:28 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/24 22:09:28 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/24 22:09:28 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/24 22:09:28 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/24 22:09:28 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/24 22:09:28 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (949779 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 27994 more lines...
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (bho2gr Class) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (Headlight Software, Inc.)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (PopKiller Class) - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - C:\Program Files\SysShield Tools\Internet Eraser\PKExt.dll (SysShield Consulting, Inc.)
O2 - BHO: (ICBC Anti-Phishing class) - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll (中国工商银行)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (1-Click Answers) - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\Program Files\1-Click Answers\IEToolbar\AnswersToolbarU.dll (Answers Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (IncrediBar) - {D8073790-84C7-4602-BF77-C6ACBF1612E4} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O3 - HKLM\..\Toolbar: (AbsoluteShield) - {EE9DD090-902D-4623-9360-FB7D8666202B} - C:\Program Files\SysShield Tools\Internet Eraser\AbsoluteBar.dll (AbsoluteShield Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (IncrediBar) - {D8073790-84C7-4602-BF77-C6ACBF1612E4} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (1-Click Answers) - {7754C418-F62E-44AA-B169-E719E718BCFD} - C:\Program Files\1-Click Answers\IEToolbar\AnswersToolbarU.dll (Answers Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediBar) - {D8073790-84C7-4602-BF77-C6ACBF1612E4} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [StartupFaster] C:\Program Files\Startup Faster 2004\StrpFstCfg.exe (URSoft,Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\StartupFaster [2009/10/25 13:53:13 | 00,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Others\Start Menu\Programs\Startup\StartupFaster [2009/08/02 10:26:11 | 00,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLastUserName = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownWithoutLogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhotoSupport present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMFUprogramsList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuEjectPC = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDisconnect = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNtSecurity = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: GreyMSIAds = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceMaxRecentDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTips = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTaskGrouping = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWebServices = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileUrl = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoExpandedNewMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: PromptRunasInstallNetPath = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceCopyAclwithFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartRunNoHOMEPATH = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictRun: 0? = strpfstcfg.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictRun: 1? = newadmin.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2007/11/13 20:44:04 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Answers... - C:\Program Files\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Logoff - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRBrowse.htm ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2007/11/13 20:44:04 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2007/11/13 20:44:04 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2007/11/13 20:44:04 | 00,000,000 | ---D | M]
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA4200F9AF2} - C:\Program Files\IncrediBar\bin\IBTBar.dll (IncrediBar)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\SYSTEM32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O15 - HKLM\..Trusted Domains: 72 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: bankofamerica.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: com.cn ([mybank.icbc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: com.cn ([www.icbc] http in Trusted sites)
O15 - HKCU\..Trusted Domains: hotmail.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: live.com ([login] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([v4.Windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([v4.Windowsupdate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([Windowsupdate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: msn.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 432 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0D99625B-0619-4420-BB61-82DEE1B91D3A} https://ebank.gdb.co...s/CertKitAx.cab (BlockHouse Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://download.ewid...oOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg...v45/yacscom.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://TomQ2356.spac...ad/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.safe...lscbase8460.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} http://us.games2.yim...ctl_0_0_0_1.ocx (ExentInf Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1222675051475 (MUWebControl Class)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} https://mybank.icbc....afeControls.cab (AxSubmitControl Class)
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} http://download.yaho...nvfav030408.cab (YbUploadFavsCtl Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...8192.0495138889 (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.c...utocomplete.cab (YAddBook Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D81CA86B-EF63-42AF-BEE3-4502D9A03C2D} http://wwws.musicmat...er/MMLRadio.cab (MMRadioHostX Class)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} http://chat.yahoo.com/cab/yvwrctl.cab (Yahoo! Webcam Viewer Wrapper)
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} http://pccheckup.del...ll/gtdownde.cab (Dell PC Checkup Installer Control)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/bin/msnchat45.cab (MSN Chat Control 4.5)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong Solitaire http://download.game...s/y/mjst4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pool 2 http://download.game...ts/y/pote_x.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.13.36.5 64.13.115.12
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\SYSTEM32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\MCPClient: DllName - C:\Program Files\Common Files\Stardock\mcpstub.dll - C:\Program Files\Common Files\Stardock\MCPStub.dll (Stardock)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/24 11:42:39 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\Others\Desktop\CAZBDPKE.
[2009/11/03 12:08:23 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Others\Recent
[2009/10/31 22:08:37 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/10/31 22:02:41 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/31 22:02:41 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/31 22:02:41 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/31 22:02:41 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/10/31 21:40:13 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTL.exe
[2009/10/31 09:45:58 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/10/31 09:29:28 | 00,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Others\Desktop\Rooter.exe
[2009/10/30 11:44:10 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/10/30 11:44:09 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/10/30 11:44:09 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/10/30 11:44:09 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/10/30 11:43:11 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/10/26 09:45:22 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/10/26 09:40:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Local Settings\Application Data\Deployment
[2009/10/25 21:12:32 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/10/25 16:32:28 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/10/25 16:17:36 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2009/10/25 15:02:25 | 00,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2009/10/24 22:08:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/24 22:08:12 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/24 22:08:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/24 11:01:41 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/10/24 11:01:41 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/10/24 10:54:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/10/22 17:30:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Local Settings\Application Data\Temp
[2009/10/17 14:44:51 | 00,000,000 | ---D | C] -- C:\Program Files\Dream Aquarium
[2009/10/16 21:21:32 | 00,058,768 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2009/10/16 21:21:29 | 00,106,384 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2009/10/16 21:21:29 | 00,069,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2009/10/16 21:21:19 | 00,030,096 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2009/10/16 21:21:17 | 01,221,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2009/10/16 21:21:17 | 00,110,480 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2009/10/16 21:21:16 | 00,310,160 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2009/10/16 21:21:16 | 00,107,408 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2009/10/16 21:21:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2009/10/16 21:21:14 | 00,353,680 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2009/10/16 21:19:24 | 00,216,464 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2009/10/16 21:19:24 | 00,107,408 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2009/10/16 21:19:23 | 00,475,536 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2009/10/16 21:17:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2009/10/16 08:25:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Local Settings\Application Data\Yahoo!
[2009/10/15 22:58:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\Kingsoft
[2009/10/15 22:30:58 | 00,000,000 | ---D | C] -- C:\Program Files\Wisdom-soft ScreenHunter 5 Free
[2009/10/15 21:41:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/10/11 13:03:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\JAM Software
[2009/10/11 13:03:01 | 00,000,000 | ---D | C] -- C:\Program Files\TreeSize Professional
[2009/10/08 23:32:51 | 00,013,824 | ---- | C] (LoteSoft Co.) -- C:\WINDOWS\System32\drivers\splitcam.sys
[2009/10/08 23:31:05 | 00,000,000 | ---D | C] -- C:\Program Files\SplitCam
[2009/10/08 17:51:21 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009/10/08 17:50:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\uTorrent
[2009/10/08 17:01:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\WebcamMax
[2009/10/08 08:01:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\Application Data\ManyCam
[2009/10/08 08:01:35 | 00,000,000 | ---D | C] -- C:\Program Files\ManyCam 2.4
[2009/10/08 02:17:51 | 00,000,000 | ---D | C] -- C:\_OTM
[2009/10/06 23:40:28 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedBit Video Accelerator
[2009/10/06 23:31:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Others\My Documents\My DAP Downloads
[2009/10/06 23:31:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/10/06 23:26:07 | 00,000,000 | ---D | C] -- C:\Program Files\DAP
[2009/10/05 20:47:46 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/10/05 20:39:43 | 00,000,000 | ---D | C] -- C:\Program Files\AGI
[2009/10/05 07:43:46 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2009/10/05 07:43:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009/10/05 07:38:51 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.5

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Others\Desktop\CAZBDPKE.
[2009/11/03 22:55:32 | 00,352,605 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/11/03 22:53:40 | 00,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini
[2009/11/03 22:48:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/11/03 22:47:51 | 10,727,46496 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/03 15:54:27 | 20,447,232 | ---- | M] () -- C:\Documents and Settings\Others\ntuser.dat
[2009/11/03 15:53:51 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Others\NTUSER.INI
[2009/11/02 12:43:48 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/11/01 19:34:29 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2104054462-3242262833-941974269-1007Core1ca5ae7466c3c30.job
[2009/10/31 22:01:58 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/10/31 22:01:58 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/31 22:01:58 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/31 22:01:58 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/31 22:01:58 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/10/31 21:40:20 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Others\Desktop\OTL.exe
[2009/10/31 10:09:31 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/31 09:29:30 | 00,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Others\Desktop\Rooter.exe
[2009/10/30 20:49:38 | 17,651,591 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\Ashampoo WinOptimizer 6.50.www.EmuleProgramas.Com.rar
[2009/10/30 13:09:51 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\MyMother.doc
[2009/10/30 11:19:29 | 03,427,862 | R--- | M] () -- C:\Documents and Settings\Others\Desktop\jgh.exe
[2009/10/30 07:34:37 | 00,047,616 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\Win32kDiag.exe
[2009/10/30 07:33:45 | 00,102,660 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\SystemLook.exe
[2009/10/30 00:20:38 | 00,000,424 | ---- | M] () -- C:\WINDOWS\NJCOM.INI
[2009/10/30 00:13:54 | 00,949,779 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2009/10/28 11:36:06 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\Buyfurniture.doc
[2009/10/26 11:50:56 | 00,194,560 | ---- | M] () -- C:\Documents and Settings\Others\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/26 09:42:26 | 00,000,482 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Others.job
[2009/10/25 06:11:34 | 00,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2009/10/24 15:09:14 | 00,000,999 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/10/24 15:09:14 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/10/23 18:12:04 | 00,551,054 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/23 18:12:04 | 00,475,446 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/10/23 18:12:04 | 00,085,514 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/10/23 18:01:44 | 00,948,077 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20091030-001353.backup
[2009/10/23 17:27:11 | 00,001,374 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/10/21 15:55:50 | 00,016,758 | ---- | M] () -- C:\WINDOWS\ePrompter.ini
[2009/10/17 19:37:35 | 00,000,013 | ---- | M] () -- C:\WINDOWS\System32\WinSys32.crc
[2009/10/17 13:41:34 | 00,102,400 | ---- | M] () -- C:\WINDOWS\DreamAquarium.scr
[2009/10/11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/10/09 23:26:28 | 00,000,021 | ---- | M] () -- C:\WINDOWS\System32\mylk.dat
[2009/10/08 23:32:51 | 00,013,824 | ---- | M] (LoteSoft Co.) -- C:\WINDOWS\System32\drivers\splitcam.sys
[2009/10/08 22:35:02 | 00,939,061 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20091023-180144.backup
[2009/10/08 08:03:18 | 00,001,568 | ---- | M] () -- C:\Documents and Settings\Others\Desktop\ManyCam 2.4.lnk
[2009/10/06 23:31:26 | 00,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\anigif.ocx
[2009/10/05 20:46:57 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/05 20:46:57 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

========== Files Created - No Company Name ==========

[2009/11/01 19:34:29 | 00,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2104054462-3242262833-941974269-1007Core1ca5ae7466c3c30.job
[2009/10/30 11:44:10 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/10/30 11:44:09 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/30 11:44:09 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/30 11:44:09 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/10/30 11:18:46 | 03,427,862 | R--- | C] () -- C:\Documents and Settings\Others\Desktop\jgh.exe
[2009/10/30 07:34:41 | 00,047,616 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\Win32kDiag.exe
[2009/10/30 07:33:44 | 00,102,660 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\SystemLook.exe
[2009/10/30 00:26:44 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\MyMother.doc
[2009/10/28 11:36:05 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\Buyfurniture.doc
[2009/10/26 09:11:30 | 10,727,46496 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/24 22:10:21 | 00,000,482 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Others.job
[2009/10/17 14:45:08 | 00,094,208 | ---- | C] () -- C:\WINDOWS\Dream Aquarium.scr
[2009/10/17 13:41:34 | 00,102,400 | ---- | C] () -- C:\WINDOWS\DreamAquarium.scr
[2009/10/16 21:21:14 | 00,352,605 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/10/15 21:50:17 | 17,651,591 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\Ashampoo WinOptimizer 6.50.www.EmuleProgramas.Com.rar
[2009/10/13 23:20:51 | 20,447,232 | ---- | C] () -- C:\Documents and Settings\Others\ntuser.dat
[2009/10/08 23:31:14 | 00,389,120 | ---- | C] () -- C:\WINDOWS\System32\actskn43.ocx
[2009/10/08 17:00:02 | 00,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/10/08 08:03:17 | 00,001,568 | ---- | C] () -- C:\Documents and Settings\Others\Desktop\ManyCam 2.4.lnk
[2009/09/11 13:15:03 | 00,001,500 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/08/02 10:35:04 | 00,000,028 | ---- | C] () -- C:\WINDOWS\PIMAREG.INI
[2009/03/30 21:20:41 | 00,389,175 | ---- | C] () -- C:\WINDOWS\System32\RsaFun.dll
[2009/03/30 21:20:41 | 00,282,734 | ---- | C] () -- C:\WINDOWS\System32\NPCard.dll
[2009/03/30 21:20:41 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\UnblkPIN.dll
[2009/03/30 21:20:39 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\jcutilTdrUKLCD.dll
[2009/03/30 21:20:38 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\jcutilHUAUK.dll
[2009/03/30 21:20:38 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\jcutilHUAUKLCD.dll
[2009/03/30 21:20:38 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\jcutilgem101101.dll
[2009/03/30 21:20:36 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\jcinGEM102.dll
[2009/03/30 21:20:34 | 00,023,040 | ---- | C] () -- C:\WINDOWS\System32\jcidGEM102.dll
[2009/03/30 21:20:33 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\hmukchk.dll
[2009/03/30 21:20:31 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\GEMPIN01.dll
[2009/03/30 21:20:30 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\GdApi.dll
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/12/15 17:34:20 | 02,823,496 | -H-- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\IconCache.db
[2008/12/06 17:42:17 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2008/12/06 17:42:17 | 00,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2008/09/14 07:52:41 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\CmbSafeBase.dll
[2008/09/14 07:52:40 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\PBHttpComm.dll
[2006/09/03 19:18:39 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\jcinTHTFUK.dll
[2006/09/03 19:18:38 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\jcidTHTFUK.dll
[2006/09/03 19:18:38 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\jcinpublic.dll
[2006/09/03 19:18:38 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\jcinHUAUK.dll
[2006/09/03 19:18:38 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\jcidHUAUK.dll
[2006/09/03 19:18:38 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\jcinGEM101.dll
[2006/09/03 19:18:38 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\jcidGEM101.dll
[2006/09/03 19:18:38 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\jcidGD84.dll
[2006/09/03 19:18:38 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\jcinGD84.dll
[2006/09/03 19:18:38 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\jcidWATCHK.dll
[2006/09/03 19:18:37 | 00,262,208 | ---- | C] () -- C:\WINDOWS\System32\GPKPCSC.dll
[2006/09/03 19:18:37 | 00,241,758 | ---- | C] () -- C:\WINDOWS\System32\GPKPIN.dll
[2006/09/03 19:18:37 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\CEA_Crypt.dll
[2006/09/03 19:18:37 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ChangPIN.dll
[2006/09/03 19:18:36 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\jcinWATCHK.dll
[2006/09/03 19:18:34 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\USBKey.dll
[2006/08/21 00:37:59 | 00,002,913 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/10 06:58:31 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\70681b24.dll
[2006/08/10 06:58:28 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\68af6bb3.dll
[2006/07/10 18:19:56 | 00,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006/06/29 14:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 14:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 15:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/04/08 10:11:38 | 00,000,040 | ---- | C] () -- C:\WINDOWS\powerplayer.ini
[2006/03/22 10:03:02 | 00,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
[2006/03/21 19:47:12 | 00,085,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\incdfs.sys
[2006/02/27 18:06:40 | 00,000,006 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameD.txt
[2006/02/19 16:25:23 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2006/02/14 17:25:44 | 00,000,009 | ---- | C] () -- C:\WINDOWS\winxfigt.sys
[2005/12/25 18:00:36 | 00,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/11/16 10:40:42 | 00,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2005/11/16 10:40:42 | 00,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2005/10/19 13:45:34 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005/10/19 12:57:04 | 00,000,027 | ---- | C] () -- C:\WINDOWS\AdvConfig.ini
[2005/05/15 13:29:59 | 00,163,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2005/04/28 13:51:17 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\odlib.dll
[2005/03/28 16:36:38 | 00,000,116 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2005/02/11 23:36:33 | 00,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2005/01/21 10:52:56 | 00,010,856 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/01/04 12:41:31 | 00,000,214 | ---- | C] () -- C:\WINDOWS\Gurunet.ini
[2005/01/03 14:25:15 | 00,000,206 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2004/12/25 10:46:48 | 00,000,064 | ---- | C] () -- C:\WINDOWS\eFaxView.ini
[2004/12/03 16:54:11 | 00,016,758 | ---- | C] () -- C:\WINDOWS\ePrompter.ini
[2004/11/06 17:11:28 | 00,000,806 | ---- | C] () -- C:\WINDOWS\UnitConverter.INI
[2004/10/27 06:39:05 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/10/17 21:38:38 | 05,144,064 | ---- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\70549405-1385-4dbb-9a1a-15a3af3d067b.msi
[2004/10/08 08:08:11 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\stdsoap2.dll
[2004/08/28 22:33:27 | 00,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2004/08/28 22:30:55 | 00,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2004/08/16 14:52:06 | 00,397,312 | ---- | C] () -- C:\WINDOWS\System32\CMBEdit.dll
[2004/07/30 16:20:41 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\fusioncache.dat
[2004/07/24 17:44:02 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/07/03 20:32:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\audio.INI
[2004/07/03 20:20:24 | 00,000,173 | ---- | C] () -- C:\WINDOWS\srlink.ini
[2004/07/03 20:20:24 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\sx96.ini
[2004/06/19 12:48:35 | 00,000,067 | ---- | C] () -- C:\WINDOWS\morphexe.INI
[2004/06/06 13:39:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/06/03 22:08:19 | 00,000,478 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/06/03 21:44:16 | 00,000,146 | ---- | C] () -- C:\WINDOWS\TBPlugin.INI
[2004/06/03 21:44:16 | 00,000,095 | ---- | C] () -- C:\WINDOWS\avconfig.ini
[2004/05/26 10:30:32 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\astrolib32.dll
[2004/05/25 12:11:43 | 00,000,119 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2004/05/24 09:05:31 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SIMAQU~1.INI
[2004/04/03 16:53:17 | 00,000,037 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/03/09 14:50:36 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\ICMSetup532.dll
[2004/03/09 14:50:34 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\8532util.dll
[2004/02/03 21:09:07 | 00,000,093 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/10/16 10:48:44 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/10/14 18:43:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2003/09/05 18:18:30 | 00,000,048 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2003/05/27 14:49:00 | 00,041,984 | ---- | C] () -- C:\WINDOWS\System32\AQalphaGL.dll
[2003/05/19 09:12:28 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Others\Application Data\PFP100JPR.{PB
[2003/05/19 09:12:28 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Others\Application Data\PFP100JCM.{PB
[2003/05/14 19:48:08 | 00,000,068 | ---- | C] () -- C:\WINDOWS\FastAIT.INI
[2003/05/05 10:31:44 | 00,001,663 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/05/01 20:01:48 | 00,000,424 | ---- | C] () -- C:\WINDOWS\NJCOM.INI
[2003/05/01 12:15:04 | 00,000,023 | ---- | C] () -- C:\WINDOWS\NtsUninstall.ini
[2003/05/01 11:39:32 | 00,000,068 | ---- | C] () -- C:\WINDOWS\XDICT.INI
[2003/04/25 14:17:43 | 00,194,560 | ---- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/04/13 17:47:44 | 00,000,095 | ---- | C] () -- C:\WINDOWS\ntsautodial.ini
[2003/03/31 02:02:18 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Others\Application Data\DESKTOP.INI
[2003/03/31 02:02:09 | 00,058,504 | ---- | C] () -- C:\Documents and Settings\Others\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2003/03/19 01:01:19 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/03/19 00:46:32 | 00,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/03/19 00:46:28 | 00,000,779 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/03/19 00:34:19 | 00,000,892 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/03/19 00:06:10 | 00,000,310 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/09/04 00:39:08 | 00,056,880 | ---- | C] () -- C:\WINDOWS\System32\scvideo.dll
[2002/09/03 22:59:58 | 00,000,999 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2002/09/03 22:50:58 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/09/03 22:50:46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\DESKTOP.INI
[2002/03/21 15:39:02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001/10/08 18:59:28 | 00,000,821 | ---- | C] () -- C:\WINDOWS\txp-lcn.ini
[2001/10/08 13:24:26 | 00,148,544 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll
[2001/10/08 12:59:46 | 00,016,960 | ---- | C] () -- C:\WINDOWS\System32\mag.dll
[2000/11/24 18:05:06 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\Cpuinfo2.dll
[1999/03/16 17:32:33 | 00,000,136 | ---- | C] () -- C:\WINDOWS\System32\mstraps.dll
[1999/01/22 11:46:56 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/04/04 03:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 284 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 182 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:28BB1CE8
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5
< End of report >


#32 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 05 November 2009 - 12:32 AM

Hi Tom,

If no other problems, we can clean up our tools.

From your desktop, please delete
  • any notepads/logs that we created
  • SystemLook.exe
  • Win32kDiag.exe
  • Rooter.exe
In Windows Explorer, delete this folder: C:\Rooter$

Next

Click the Start button, click Run. Copy and paste the following line into the run box and click OK
Combofix /uninstall

Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.

Don't forget to re-enable SpywareGuard when you are done.

I suggest you keep MBAM as an on-demand scanner. Keep it updated and use it regularly.

Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. You have those already.

You have a pretty secure computer with a layered defence. Just stay away from the cracks.

-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

- Keeping your Windows up-to-date is crucial to your computer's security. Please go to the Windows Update Site (using Internet Explorer) and download and install all critical updates on a regular basis.

- Ensure that Automatic Update is turned on so you get all the latest patches.
Click Start, Control Panel, then click Security Center.

- Keep your antivirus program updated, as well as any other security programs you have.

-Check this site out to check for out of date programs
Secunia Personal Software Inspector (PSI) 1.0

-More tips and programs can be found HERE

- You may also want to read this article By Tony Klein
http://www.freedomli...pic.php?t=22879

We will keep this thread open for a couple of days. Please post back if you have any problems or questions. Please post back when you have finished so this thread can be marked "Resolved".

Take care :adios:

Proud Graduate of the WTT Classroom
If you are happy with the help you received, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Threads will be closed if no response after 5 days.
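
The Internet-zone settings listed in post #32 can be checked from a script instead of by clicking through the dialog. The following is an added example, not part of oldman960's post: the URL action numbers (1001, 1004, 1201, 1800, 1804, 1607) and the value codes come from Microsoft's documented zone registry layout rather than from this thread, the `-Apply` switch is a name chosen here, and PowerShell 3.0 or later is assumed.

```powershell
# Audit the per-user Internet zone against the settings recommended in post #32.
# Run with -Apply (hypothetical switch defined below) to write the recommended values.
# Assumption: settings live under HKCU; Group Policy or HKLM settings can override them.
param([switch]$Apply)

# Zone 3 is the Internet zone.
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# DWORD value codes used for URL actions.
$policyName = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# One entry per bullet in the post: URL action id, wanted value, dialog label.
$recommended = @(
    @{ Id = '1001'; Want = 1; Name = 'Download signed ActiveX controls' }
    @{ Id = '1004'; Want = 3; Name = 'Download unsigned ActiveX controls' }
    @{ Id = '1201'; Want = 3; Name = 'Initialize and script ActiveX controls not marked as safe' }
    @{ Id = '1800'; Want = 1; Name = 'Installation of desktop items' }
    @{ Id = '1804'; Want = 1; Name = 'Launching programs and files in an IFRAME' }
    @{ Id = '1607'; Want = 1; Name = 'Navigate sub-frames across different domains' }
)

function Get-PolicyLabel($value) {
    # Translate a raw DWORD into the wording the dialog uses.
    if ($null -eq $value) { return 'not set' }
    if ($policyName.ContainsKey([int]$value)) { return $policyName[[int]$value] }
    return "other ($value)"
}

if ($Apply -and -not (Test-Path $zoneKey)) {
    New-Item -Path $zoneKey -Force | Out-Null
}

$current = Get-ItemProperty -Path $zoneKey -ErrorAction SilentlyContinue

$report = foreach ($r in $recommended) {
    $have = if ($current) { $current.($r.Id) } else { $null }
    $ok   = ($null -ne $have) -and ([int]$have -eq $r.Want)

    if ($Apply -and -not $ok) {
        Set-ItemProperty -Path $zoneKey -Name $r.Id -Value $r.Want -Type DWord
        $have = $r.Want
        $ok   = $true
    }

    [pscustomobject]@{
        Action      = $r.Id
        Setting     = $r.Name
        Current     = Get-PolicyLabel $have
        Recommended = Get-PolicyLabel $r.Want
        Compliant   = $ok
    }
}

$report | Format-Table -AutoSize

# Non-zero exit code when any setting drifts from the recommendation.
if ($report | Where-Object { -not $_.Compliant }) { exit 1 }
```

Without `-Apply` the script only reads the registry, so it can be run repeatedly to confirm the settings have not been changed back.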

#33 Tom_q2356

Tom_q2356

    Authentic Member

  • Authentic Member
  • PipPip
  • 178 posts

Posted 05 November 2009 - 03:23 AM

Thanks so much, Oldman960! My ZoneAlarm, Avast virus scanner and SpywareGuard are all functioning well. So do you think it is OK to start using this computer with all the new passwords I changed on another computer? Do you think Bagle is now completely gone from my computer? Thanks! Also, if you were born in September of 1960, you are still a youngman. So thanks Youngman960!!! :)

#34 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 05 November 2009 - 07:30 AM

Hi Tom, All the scans we have done show your computer to be clean, so go ahead and use your computer. You are welcome, glad to have been of assistance. Take care and keep safe.


#35 Tom_q2356

Tom_q2356

    Authentic Member

  • Authentic Member
  • PipPip
  • 178 posts

Posted 05 November 2009 - 11:29 AM

Thanks Youngman, great to have you here! Thanks a million!!! Chao!

Malwarebytes' Anti-Malware 1.41
Database version: 3103
Windows 5.1.2600 Service Pack 3

11/5/2009 7:25:43 AM
mbam-log-2009-11-05 (07-25-43).txt

Scan type: Full Scan (C:\|)
Objects scanned: 259655
Time elapsed: 7 hour(s), 48 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#36 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 05 November 2009 - 06:57 PM

Hi Tom, Well no malware there. :thumbup:


#37 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 08 November 2009 - 01:45 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

