
Malwarebytes

my pc sends more packets than received


12 replies to this topic

#1
kangaroo

    New Member

  • Members
  • 39 posts
Recently my computer information, files and password have been compromised and I did a HijackThis scan. I was wondering if everything seems fine now?



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:36:02 PM, on 5/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100510052343.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

--
End of file - 7071 bytes

#2
kangaroo

Recently my computer was affected by a worm, autorun.inf, in my USB; it spread like mad-fire. But I installed more than 1 anti-virus to be on the safe side. I was wondering if my PC seems fine based on the hijack logs.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:47:14 AM, on 5/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100510052343.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

--
End of file - 7068 bytes

#3
schrauber

    Regular Member

  • Experts
  • 59 posts
  • Gender:Male
  • Location:Germany
  • Interests:fight against malware :)
Hello, kangaroo
Welcome to the Malwarebytes Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.



HijackThis is no longer good enough to see the newest infections, so we have to do some other scans to look deeper.



  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized





Download GMER from Here. Note the file's name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

regards,

schrauber


#4
kangaroo

OTL

OTL logfile created on: 5/12/2010 10:25:22 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\test\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 443.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 66.38 Gb Free Space | 89.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TEST-20BFE89AFD
Current User Name: test
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/12 10:17:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/08 17:04:56 | 003,021,208 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
PRC - [2010/03/24 18:48:10 | 000,323,992 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2010/02/03 21:16:40 | 001,179,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2010/01/05 18:04:02 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2010/01/05 18:04:02 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2010/01/05 18:04:02 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
PRC - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2008/07/03 04:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/05/12 10:17:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
MOD - [2010/01/14 16:08:22 | 000,460,048 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFWAH.dll
MOD - [2008/04/14 05:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (mnmsrvc)
SRV - [2010/05/10 05:15:09 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2010/05/07 18:19:06 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/24 18:48:10 | 000,323,992 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2010/01/05 18:04:02 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/01/05 18:04:02 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/01/05 18:04:02 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2009/12/30 18:13:18 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/10 11:36:36 | 000,217,032 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/01/14 16:08:30 | 000,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/01/14 16:08:28 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/01/14 16:08:28 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/01/05 18:04:02 | 000,312,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/01/05 18:04:02 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/01/05 18:04:02 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/01/05 18:04:02 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/01/05 18:04:02 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/01/05 18:04:02 | 000,082,952 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/01/05 18:04:02 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/01/05 18:04:02 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/01/05 17:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/01/05 17:04:02 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 17:24:38 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2007/07/25 16:44:28 | 002,210,048 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2007/05/02 11:34:32 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/10/14 20:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/05/09 15:43:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/10 05:23:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/06 15:05:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010/05/06 10:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Extensions
[2010/05/07 08:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\6fooblzy.default\extensions
[2010/05/06 10:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/05 18:04:02 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

O1 HOSTS File: ([2010/05/12 10:21:20 | 000,392,702 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13564 more lines...
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20100510052343.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/10 15:38:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: EventSystem - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/04/10 08:04:29 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - File not found
Unable to start service SrService!

========== Files/Folders - Created Within 90 Days ==========

[2010/05/12 10:17:12 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
[2010/05/12 10:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Malwarebytes
[2010/05/12 05:11:48 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010/05/12 05:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/05/12 05:11:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010/05/12 05:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/05/12 04:57:21 | 000,161,296 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/05/10 05:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/05/10 05:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/05/10 05:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\Citrix
[2010/05/09 15:34:54 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2010/05/09 15:34:48 | 000,312,584 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2010/05/09 15:34:48 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/05/09 15:34:48 | 000,088,480 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2010/05/09 15:34:48 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2010/05/09 15:34:48 | 000,082,952 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2010/05/09 15:34:48 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/05/09 15:34:47 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2010/05/09 15:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2010/05/09 15:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/05/09 15:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/05/09 15:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/05/07 18:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2010/05/07 18:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2010/05/07 08:38:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\My Documents\Downloads
[2010/05/06 16:46:11 | 034,596,344 | ---- | C] (PC Tools ) -- C:\Documents and Settings\test\Desktop\7.0.0.538f-sdasetup.exe
[2010/05/06 16:40:03 | 000,000,000 | ---D | C] -- C:\New Folder
[2010/05/06 16:35:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\test
[2010/05/06 16:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/05/06 10:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\Mozilla
[2010/05/06 10:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Mozilla
[2010/05/06 10:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/05/06 07:08:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/05/06 07:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2010/05/06 06:16:01 | 000,059,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys
[2010/05/06 06:16:00 | 000,051,984 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys
[2010/05/06 06:16:00 | 000,033,552 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys
[2010/05/06 06:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\ThreatFire
[2010/05/05 10:21:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\test\Recent
[2010/05/05 08:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\k
[2010/05/03 21:16:51 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\Pdrvinst.dll
[2010/05/03 21:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/05/03 21:16:45 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2010/05/03 21:16:44 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2010/05/03 21:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2010/05/03 21:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/05/03 21:08:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/05/03 21:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010/05/02 21:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010/04/30 05:36:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/04/27 17:42:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/04/27 10:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/23 09:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/04/23 09:29:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/04/23 09:27:09 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\test\Desktop\spybotsd162.exe
[2010/04/22 13:42:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\ESET
[2010/04/22 13:34:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/04/22 13:24:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/04/22 09:10:19 | 000,611,624 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\test\Desktop\GetSystemInfo.exe
[2010/04/20 15:11:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\GlobalSCAPE
[2010/04/20 15:11:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\GlobalSCAPE
[2010/04/20 15:11:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2010/04/20 15:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalSCAPE
[2010/04/19 11:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\ATI
[2010/04/19 11:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\ATI
[2010/04/19 11:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010/04/19 10:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/04/19 10:51:00 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2010/04/18 19:09:43 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/04/18 07:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/04/18 07:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2010/04/18 07:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/04/18 06:59:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/04/18 06:59:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/04/18 06:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\Adobe
[2010/04/18 06:57:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/04/16 15:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Malwarebytes
[2010/04/16 15:48:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/16 15:48:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/16 15:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/16 15:48:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/16 09:43:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\The_Cover_All_Stars-Instrumental_Tribute_To_Lady_GaGa-2010-VAG
[2010/04/15 08:29:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\Prince [2010] - Tamil Version - TamilGears.Com
[2010/04/15 04:49:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\Threat Expert
[2010/04/15 04:41:47 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/04/15 04:41:45 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/04/15 04:41:45 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/04/15 04:37:05 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/04/15 04:36:51 | 000,217,032 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/04/15 04:36:51 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/04/15 04:36:36 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/04/15 04:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/04/15 04:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/04/15 04:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\PC Tools
[2010/04/15 04:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/04/15 04:35:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/13 17:22:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\fave dancehall
[2010/04/13 16:22:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\VA-Best_Of_Ragga_Dancehall-2CD-2007-H5N1
[2010/04/13 15:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\Reggae.Dancehall.Singles.Part.2.[2010]
[2010/04/13 06:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\Identities
[2010/04/12 07:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Tracing
[2010/04/12 07:18:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/04/12 07:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/04/12 07:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/04/12 07:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/04/11 20:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/04/11 10:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\WMTools Downloaded Files
[2010/04/11 10:54:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/11 08:46:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/04/11 07:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\Jay Sean - All Or Nothing [www.worldwidedesis.com]
[2010/04/11 07:13:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\tune
[2010/04/11 05:38:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/04/11 05:29:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\Desktop\Sean_Paul-Dutty_Rock-CD-2002-JAH
[2010/04/10 17:28:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\My Documents\My Videos
[2010/04/10 17:27:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\Design Studio Inc - Reggaeton Volume 2
[2010/04/10 17:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\WinRAR
[2010/04/10 17:24:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\My Documents\My Recordings
[2010/04/10 17:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Acoustica
[2010/04/10 17:23:41 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\WINDOWS\System32\Wnaspint.dll
[2010/04/10 17:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Spin It Again
[2010/04/10 17:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects
[2010/04/10 17:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\VST
[2010/04/10 17:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 5
[2010/04/10 17:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2010/04/10 17:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/04/10 17:13:47 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll
[2010/04/10 17:13:47 | 000,030,208 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll
[2010/04/10 17:13:45 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2010/04/10 17:13:45 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2010/04/10 17:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2010/04/10 17:13:44 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/04/10 17:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/04/10 16:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Macromedia
[2010/04/10 16:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Adobe
[2010/04/10 16:55:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/04/10 16:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010/04/10 16:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\WLANINT2
[2010/04/10 16:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\ETHERNET
[2010/04/10 16:50:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop\AUDIO
[2010/04/10 16:16:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Identities
[2010/04/10 16:16:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\My Documents\My Pictures
[2010/04/10 16:16:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\My Documents\My Music
[2010/04/10 16:16:12 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/04/10 16:16:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\test\Local Settings\Application Data\Microsoft
[2010/04/10 16:16:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\test\Application Data\Microsoft
[2010/04/10 16:16:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\test\Application Data
[2010/04/10 16:16:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\My Documents
[2010/04/10 16:16:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\Favorites
[2010/04/10 16:16:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\test\Cookies
[2010/04/10 16:16:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\test\NetHood
[2010/04/10 16:16:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\test\Local Settings
[2010/04/10 16:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Desktop
[2010/04/10 16:15:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\test\SendTo
[2010/04/10 16:15:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\test\Start Menu
[2010/04/10 16:15:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\test\Templates
[2010/04/10 16:15:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\test\PrintHood
[2010/04/10 16:15:57 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/04/10 16:13:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/04/10 16:13:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/04/10 16:13:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/04/10 16:13:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/04/10 15:44:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/04/10 15:44:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/04/10 15:38:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/04/10 15:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/04/10 15:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone
[2010/04/10 15:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/04/10 15:37:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/04/10 15:37:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/04/10 15:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/04/10 15:36:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/04/10 15:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/04/10 15:36:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/04/10 15:36:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/04/10 15:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/04/10 15:35:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/04/10 15:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/04/10 15:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/04/10 15:35:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/04/10 15:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/04/10 15:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/04/10 15:34:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/04/10 15:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/04/10 15:34:28 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/04/10 15:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/04/10 15:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/04/10 15:34:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/04/10 15:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/04/10 15:17:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/04/10 15:17:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/04/10 15:17:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/04/10 15:17:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/04/10 08:11:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/04/10 08:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/04/10 08:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/04/10 08:10:46 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/04/10 08:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/04/10 08:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/04/10 08:10:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/04/10 08:10:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/04/10 08:10:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/04/10 08:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/04/10 08:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/04/10 08:10:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/04/10 08:10:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/04/10 08:09:57 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/04/10 08:09:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/04/10 08:09:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/10 08:09:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/04/10 08:03:20 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/04/10 08:03:20 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/04/10 08:03:20 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/04/10 08:03:20 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/04/10 08:03:20 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/04/10 08:03:20 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\inf
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRM
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/04/10 08:03:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/05/12 10:21:54 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/05/12 10:21:20 | 000,392,702 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/12 10:21:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/12 10:21:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/12 10:20:22 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\test\ntuser.ini
[2010/05/12 10:20:21 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\test\NTUSER.DAT
[2010/05/12 10:20:19 | 002,656,656 | -H-- | M] () -- C:\Documents and Settings\test\Local Settings\Application Data\IconCache.db
[2010/05/12 10:17:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
[2010/05/12 05:11:52 | 000,001,971 | ---- | M] () -- C:\Documents and Settings\test\Desktop\SpyHunter.lnk
[2010/05/12 05:09:29 | 001,074,232 | ---- | M] () -- C:\Documents and Settings\test\Desktop\RootkitBuster_2.80.1077.zip
[2010/05/12 04:57:21 | 000,161,296 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/05/12 04:44:54 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\test\Desktop\HiJackThis.lnk
[2010/05/10 11:02:23 | 000,000,109 | ---- | M] () -- C:\Documents and Settings\test\Desktop\NoAutoRun.reg
[2010/05/10 08:50:09 | 000,000,539 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/10 08:50:09 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/10 08:50:09 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/05/09 15:47:47 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\test\Desktop\McAfee AntiVirus Plus.lnk
[2010/05/09 09:26:29 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Spybot - Search & Destroy.lnk
[2010/05/06 16:46:16 | 034,596,344 | ---- | M] (PC Tools ) -- C:\Documents and Settings\test\Desktop\7.0.0.538f-sdasetup.exe
[2010/05/06 10:21:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/05/06 10:21:08 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/06 07:17:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\test\del
[2010/05/06 07:08:33 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/05/06 06:51:28 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\test\Desktop\untitled.bmp
[2010/05/06 06:16:02 | 000,000,621 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ThreatFire.lnk
[2010/05/05 08:53:23 | 000,680,256 | ---- | M] () -- C:\Documents and Settings\test\Desktop\[Eprouvez]'s_Keylogging_Tutorial.rar
[2010/05/05 08:35:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/04 07:42:34 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/05/03 21:21:10 | 000,000,410 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/03 21:21:10 | 000,000,034 | ---- | M] () -- C:\WINDOWS\System32\BD7020.DAT
[2010/05/03 21:17:18 | 000,000,000 | ---- | M] () -- C:\Program Files\error.dat
[2010/04/30 06:53:33 | 001,056,313 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Botnet_Tutorial.pdf
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 08:43:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/23 09:58:47 | 000,392,702 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100423-100013.backup
[2010/04/23 09:30:09 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Spybot - Search & Destroy (for blind users).lnk
[2010/04/23 09:27:20 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\test\Desktop\spybotsd162.exe
[2010/04/22 09:10:27 | 000,611,624 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\test\Desktop\GetSystemInfo.exe
[2010/04/18 19:12:03 | 000,376,958 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/18 19:12:03 | 000,371,946 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/18 19:12:03 | 000,052,870 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/18 07:00:17 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/04/16 15:48:35 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/16 09:42:22 | 045,169,122 | ---- | M] () -- C:\Documents and Settings\test\Desktop\The_Cover_All_Stars-Instrumental_Tribute_To_Lady_GaGa-2010-VAG.rar
[2010/04/15 08:29:43 | 066,808,429 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Prince_[2010]_-_Tamil_Version_-_TamilGears.Com.rar
[2010/04/15 04:36:43 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/04/13 16:32:19 | 040,138,164 | ---- | M] () -- C:\Documents and Settings\test\Desktop\VA-Best_Of_Ragga_Dancehall-2CD-2007-H5N1.part2.rar
[2010/04/13 16:21:56 | 100,431,872 | ---- | M] () -- C:\Documents and Settings\test\Desktop\VA-Best_Of_Ragga_Dancehall-2CD-2007-H5N1.part1.rar
[2010/04/13 14:27:06 | 199,229,440 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Reggae.Dancehall.Singles.Part.2._2010_.part1.rar
[2010/04/13 04:50:11 | 006,198,411 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Jay_Sean__Down_ACOUSTIC_LIVE.mp3
[2010/04/12 13:49:56 | 000,167,899 | ---- | M] () -- C:\Documents and Settings\test\Desktop\454.JPG
[2010/04/12 08:11:14 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/12 07:19:47 | 000,012,912 | ---- | M] () -- C:\Documents and Settings\test\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/12 07:03:57 | 000,957,630 | ---- | M] () -- C:\Documents and Settings\test\Desktop\screwupending.mp3
[2010/04/12 06:23:46 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/12 06:22:07 | 000,010,890 | ---- | M] () -- C:\Documents and Settings\test\Desktop\testintro.JPG
[2010/04/12 06:10:20 | 008,403,532 | ---- | M] () -- C:\Documents and Settings\test\Desktop\13_-_megamix.mp3
[2010/04/12 05:10:49 | 000,048,644 | ---- | M] () -- C:\Documents and Settings\test\Desktop\practice2.mx5
[2010/04/11 20:40:58 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\test\Desktop\CCleaner.lnk
[2010/04/11 18:42:12 | 000,714,378 | ---- | M] () -- C:\Documents and Settings\test\Desktop\test234.mp3
[2010/04/11 17:58:11 | 008,636,738 | ---- | M] () -- C:\Documents and Settings\test\Desktop\SeanPaul-Temperature.rar
[2010/04/11 17:42:51 | 000,644,788 | ---- | M] () -- C:\Documents and Settings\test\Desktop\testintromix.mp3
[2010/04/11 17:24:34 | 006,220,154 | ---- | M] () -- C:\Documents and Settings\test\Desktop\sorumixtest.mp3
[2010/04/11 10:28:35 | 000,034,624 | ---- | M] () -- C:\Documents and Settings\test\Desktop\practice.mx5
[2010/04/11 10:12:43 | 000,644,788 | ---- | M] () -- C:\Documents and Settings\test\Desktop\test.mp3
[2010/04/11 07:46:42 | 136,328,904 | ---- | M] () -- C:\Documents and Settings\test\Desktop\soccerlist.rar
[2010/04/11 07:22:15 | 012,260,807 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Yea Dushyantha - TamilWire.Com.mp3
[2010/04/11 07:21:36 | 006,203,381 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Vinnathaandi Varuvaayaa - TamilWire.Com.mp3
[2010/04/11 07:21:31 | 011,351,290 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Hosanna - TamilWire.Com.mp3
[2010/04/11 07:12:55 | 184,288,233 | ---- | M] () -- C:\Documents and Settings\test\Desktop\NxSG_HipHop_Beats_Collection.rar
[2010/04/10 17:53:01 | 107,427,278 | ---- | M] () -- C:\Documents and Settings\test\Desktop\SPDutty.rar
[2010/04/10 17:28:29 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/10 17:25:15 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mixcraft 5.lnk
[2010/04/10 17:23:41 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spin It Again.lnk
[2010/04/10 15:44:34 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/10 15:43:31 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/04/10 15:38:35 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/10 15:38:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/10 15:38:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/10 15:38:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/04/10 15:38:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/10 15:38:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/10 15:38:33 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/10 15:38:33 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/10 15:38:18 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/10 15:38:08 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/10 15:37:13 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/10 15:37:13 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/10 08:15:46 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/03/10 11:36:36 | 000,217,032 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/12 05:11:52 | 000,001,971 | ---- | C] () -- C:\Documents and Settings\test\Desktop\SpyHunter.lnk
[2010/05/12 05:09:29 | 001,074,232 | ---- | C] () -- C:\Documents and Settings\test\Desktop\RootkitBuster_2.80.1077.zip
[2010/05/11 06:03:23 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/05/10 11:02:03 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\test\Desktop\NoAutoRun.reg
[2010/05/09 15:48:03 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\test\Desktop\McAfee AntiVirus Plus.lnk
[2010/05/06 10:21:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/05/06 10:21:08 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/06 07:17:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\test\del
[2010/05/06 07:08:33 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/05/06 06:51:28 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\test\Desktop\untitled.bmp
[2010/05/06 06:16:02 | 000,000,621 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ThreatFire.lnk
[2010/05/05 08:53:19 | 000,680,256 | ---- | C] () -- C:\Documents and Settings\test\Desktop\[Eprouvez]'s_Keylogging_Tutorial.rar
[2010/05/03 21:17:18 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2010/05/03 21:17:04 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/05/03 21:17:04 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD7020.DAT
[2010/04/30 06:53:31 | 001,056,313 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Botnet_Tutorial.pdf
[2010/04/27 10:18:23 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\test\Desktop\HiJackThis.lnk
[2010/04/23 10:00:13 | 000,392,702 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100423-100013.backup
[2010/04/23 09:58:47 | 000,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100423-095847.backup
[2010/04/23 09:30:09 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Spybot - Search & Destroy.lnk
[2010/04/23 09:30:09 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Spybot - Search & Destroy (for blind users).lnk
[2010/04/18 07:01:42 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/18 07:00:17 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/04/17 08:07:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/16 15:48:35 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/16 09:42:17 | 045,169,122 | ---- | C] () -- C:\Documents and Settings\test\Desktop\The_Cover_All_Stars-Instrumental_Tribute_To_Lady_GaGa-2010-VAG.rar
[2010/04/15 08:28:23 | 066,808,429 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Prince_[2010]_-_Tamil_Version_-_TamilGears.Com.rar
[2010/04/15 04:41:49 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/04/15 04:41:48 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/04/15 04:41:47 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/04/15 04:41:47 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/04/15 04:41:46 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/04/15 04:37:05 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/04/15 04:36:51 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/04/15 04:36:51 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/04/15 04:36:42 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/04/15 04:36:36 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/04/13 16:32:17 | 040,138,164 | ---- | C] () -- C:\Documents and Settings\test\Desktop\VA-Best_Of_Ragga_Dancehall-2CD-2007-H5N1.part2.rar
[2010/04/13 16:21:47 | 100,431,872 | ---- | C] () -- C:\Documents and Settings\test\Desktop\VA-Best_Of_Ragga_Dancehall-2CD-2007-H5N1.part1.rar
[2010/04/13 14:26:36 | 199,229,440 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Reggae.Dancehall.Singles.Part.2._2010_.part1.rar
[2010/04/12 13:49:56 | 000,167,899 | ---- | C] () -- C:\Documents and Settings\test\Desktop\454.JPG
[2010/04/12 06:22:07 | 000,010,890 | ---- | C] () -- C:\Documents and Settings\test\Desktop\testintro.JPG
[2010/04/12 06:20:55 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/12 06:18:45 | 000,957,630 | ---- | C] () -- C:\Documents and Settings\test\Desktop\screwupending.mp3
[2010/04/12 06:10:20 | 008,403,532 | ---- | C] () -- C:\Documents and Settings\test\Desktop\13_-_megamix.mp3
[2010/04/11 20:40:58 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\test\Desktop\CCleaner.lnk
[2010/04/11 20:12:39 | 006,198,411 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Jay_Sean__Down_ACOUSTIC_LIVE.mp3
[2010/04/11 18:26:24 | 000,714,378 | ---- | C] () -- C:\Documents and Settings\test\Desktop\test234.mp3
[2010/04/11 17:58:09 | 008,636,738 | ---- | C] () -- C:\Documents and Settings\test\Desktop\SeanPaul-Temperature.rar
[2010/04/11 17:25:13 | 000,644,788 | ---- | C] () -- C:\Documents and Settings\test\Desktop\testintromix.mp3
[2010/04/11 17:23:56 | 006,220,154 | ---- | C] () -- C:\Documents and Settings\test\Desktop\sorumixtest.mp3
[2010/04/11 16:28:40 | 000,048,644 | ---- | C] () -- C:\Documents and Settings\test\Desktop\practice2.mx5
[2010/04/11 10:00:10 | 000,644,788 | ---- | C] () -- C:\Documents and Settings\test\Desktop\test.mp3
[2010/04/11 08:38:10 | 000,034,624 | ---- | C] () -- C:\Documents and Settings\test\Desktop\practice.mx5
[2010/04/11 07:46:37 | 136,328,904 | ---- | C] () -- C:\Documents and Settings\test\Desktop\soccerlist.rar
[2010/04/11 07:22:15 | 012,260,807 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Yea Dushyantha - TamilWire.Com.mp3
[2010/04/11 07:21:35 | 006,203,381 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Vinnathaandi Varuvaayaa - TamilWire.Com.mp3
[2010/04/11 07:21:31 | 011,351,290 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Hosanna - TamilWire.Com.mp3
[2010/04/11 07:12:43 | 184,288,233 | ---- | C] () -- C:\Documents and Settings\test\Desktop\NxSG_HipHop_Beats_Collection.rar
[2010/04/10 17:52:55 | 107,427,278 | ---- | C] () -- C:\Documents and Settings\test\Desktop\SPDutty.rar
[2010/04/10 17:28:29 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/04/10 17:25:15 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mixcraft 5.lnk
[2010/04/10 17:23:41 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spin It Again.lnk
[2010/04/10 16:49:45 | 155,429,958 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Soca Songs 2008 - TAMILRMX.COM.rar
[2010/04/10 16:49:12 | 094,854,133 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Riddim Pack - Dj Tigga Stylez - WWW.TAMILRMX.COM.rar
[2010/04/10 16:49:05 | 018,405,240 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Riddim Fever Volume 1 - www.tamilrmx.com.rar
[2010/04/10 16:47:28 | 225,593,494 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Hindi Instrumentals - TAMILRMX.COM.rar
[2010/04/10 16:47:26 | 003,571,040 | ---- | C] () -- C:\Documents and Settings\test\Desktop\DJ TIGGA STYLEZ NU-SOUND-FX PACKAGE 2K8.rar
[2010/04/10 16:47:16 | 015,679,325 | ---- | C] () -- C:\Documents and Settings\test\Desktop\Design Studio Inc - Reggaeton Volume 2.zip
[2010/04/10 16:16:02 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\test\ntuser.ini
[2010/04/10 16:15:59 | 006,291,456 | -H-- | C] () -- C:\Documents and Settings\test\NTUSER.DAT
[2010/04/10 16:15:59 | 000,024,576 | -H-- | C] () -- C:\Documents and Settings\test\NTUSER.DAT.LOG
[2010/04/10 15:44:34 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/04/10 15:43:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/10 15:38:35 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/10 15:38:35 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/10 15:38:35 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/10 15:38:35 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/04/10 15:38:35 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/04/10 15:38:20 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/04/10 15:38:20 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/04/10 15:38:18 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/04/10 15:37:13 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/04/10 15:37:13 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/04/10 15:37:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/04/10 15:35:58 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/04/10 15:35:58 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/04/10 08:15:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/04/10 08:10:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/04/10 08:10:43 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/04/10 08:10:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/04/10 08:10:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/04/10 08:10:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/04/10 08:10:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/04/10 08:10:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/04/10 08:10:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/04/10 08:10:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/04/10 08:10:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/04/10 08:10:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/04/10 08:10:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/04/10 08:10:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/04/10 08:10:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/04/10 08:10:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/04/10 08:10:37 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/04/10 08:10:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/04/10 08:10:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/04/10 08:10:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/04/10 08:10:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/04/10 08:10:33 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/04/10 08:10:20 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/04/10 08:10:20 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/04/10 08:10:19 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/04/10 08:10:19 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/04/10 08:10:19 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/04/10 08:10:19 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/04/10 08:10:19 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/04/10 08:10:19 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/04/10 08:10:19 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/04/10 08:10:19 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/04/10 08:10:19 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/04/10 08:10:19 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/04/10 08:10:19 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/04/10 08:10:19 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/04/10 08:10:19 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/04/10 08:10:19 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/04/10 08:10:19 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/04/10 08:10:18 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/04/10 08:10:18 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/04/10 08:09:33 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/10 08:08:37 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/04/10 08:08:32 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== LOP Check ==========

[2010/04/10 17:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2010/05/06 07:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/05/10 05:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/04/22 13:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/04/20 15:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2010/05/03 21:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/05/12 10:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/10 17:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Acoustica
[2010/04/20 15:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\GlobalSCAPE

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: ATAPI.SYS >
[2008/04/14 05:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 05:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/16 21:50:12 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=06CF9EEDB7E827205C6948C9DAF56974 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 05:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >



Extras

OTL Extras logfile created on: 5/12/2010 10:25:22 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\test\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 443.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 66.38 Gb Free Space | 89.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TEST-20BFE89AFD
Current User Name: test
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024D73F0-1C49-2340-8AC3-5234AAA560C0}" = ccc-core-static
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24F9E04D-4CD5-3979-76F9-C1C6E78471AB}" = CCC Help Italian
"{3305E24F-1192-0424-8A25-39713FD92728}" = Skins
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DA7A736-0B03-565C-1139-83FE890F0AF3}" = CCC Help French
"{43A1FE83-D39F-3779-8D48-D6D19EE7AC48}" = CCC Help Chinese Traditional
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{57FA0525-01F9-4051-8DE9-CBF43CAC68D9}" = Catalyst Control Center - Branding
"{61D3AAE1-D521-4CD7-939B-37813DE8F955}" = SpyHunter
"{66CA5E58-0D03-A75D-16EF-68258DE0DFC3}" = CCC Help English
"{6BC292E6-5C85-4620-C1D0-A2FEAFD5D135}" = CCC Help Japanese
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7579A17B-0E6C-9EF3-D022-30729A24B399}" = CCC Help Chinese Standard
"{7BAA2000-5B8D-66DD-DBE7-089671AC118B}" = ccc-utility
"{7C2BD022-2B09-1F6D-D6C1-AD2A591E7537}" = Catalyst Control Center Core Implementation
"{806DB796-7082-C63F-284E-62245284A417}" = CCC Help Dutch
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{949DBB22-2FB7-4de1-804C-23D495A988D8}" = CuteFTP 8 Home
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3E23D97-145F-29BF-81DE-DAEC1E5AB237}" = Catalyst Control Center Graphics Full New
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8FA2AC0-3875-B59F-917F-719982FB1BE8}" = CCC Help Portuguese
"{ABE4AEFD-ADA9-4915-9AF0-B17E0713DFEC}" = Brother DCP-7020
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AE1A0B0E-2EC7-656A-711A-0E7E8D4AB5CF}" = CCC Help Spanish
"{B016DE7B-CA2D-5EFD-9591-A109E67119BD}" = CCC Help Swedish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C4A92EF9-D14C-937F-742E-D272938DC590}" = CCC Help Korean
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D702172D-8D17-D9EC-B661-42FA268575AF}" = Catalyst Control Center Localization All
"{DAA3F236-CEEC-C6CC-12C2-AB1B75C8BC09}" = CCC Help German
"{E09CEE8B-1DCD-C628-A8EA-2B56D61DDEFA}" = ccc-core-preinstall
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3439243-1BAC-7250-D346-2642655F95ED}" = Catalyst Control Center Graphics Full Existing
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FF2AFF73-099E-0BB5-AE87-B044D3D7DE78}" = Catalyst Control Center Graphics Light
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Autorun Eater_is1" = Autorun Eater v2.4
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"GoToAssist" = GoToAssist Corporate
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft Silverlight" = Microsoft Silverlight
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSC" = McAfee AntiVirus Plus
"Spin It Again" = Spin It Again
"Spyware Doctor" = Spyware Doctor 7.0
"Unlocker" = Unlocker 1.8.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/12/2010 9:22:30 AM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 9:22:30 AM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 11:02:30 AM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 11:02:30 AM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 12:47:30 PM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 12:50:43 PM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 1:14:27 PM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 1:14:27 PM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 1:21:18 PM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

Error - 5/12/2010 1:21:18 PM | Computer Name = TEST-20BFE89AFD | Source = Userenv | ID = 1090
Description = Windows couldn't log the RSoP (Resultant Set of Policies) session
status. An attempt to connect to WMI failed. No more RSoP logging will be done for
this application of policy.

[ System Events ]
Error - 5/10/2010 10:04:54 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:54 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:55 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:55 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:56 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:56 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:56 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:56 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:57 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error - 5/10/2010 10:04:57 AM | Computer Name = TEST-20BFE89AFD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service McNaiAnn with
arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}


< End of report >

#5
kangaroo

anyone going to help please?

#6
kangaroo

hello?

#7
schrauber

    Regular Member

  • Experts
  • 59 posts
  • Gender:Male
  • Location:Germany
  • Interests:fight against malware :)
You are missing the Gmer logfile, please post it in your next answer.
regards,

schrauber

If I have helped you then please consider donating to continue the fight against malware

#8
kangaroo

I know I might not have a virus, just to confirm, because I used a CD to burn XP and that PC where I burned had a USB virus that spreads through any USB being injected, but I did install Malwarebytes but it removed autorun.inf etc.... but just to be on the safe side I posted logs here.

#9
kangaroo

here

Attached Files

  • Attached File  lop.txt   103.97K   29 downloads


#10
schrauber

Gmer log looks clean, how is it running?
regards,

schrauber


#11
Maurice Naggar

    Eradicator de logiciels malveillants

  • Moderators
  • 13,173 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention
@kangaroo ( a.k.a. marfia )

You have posted this same issue on the same pc at Bleepingcomputer.
REFERENCE http://www.bleepingc...opic316387.html

Are you going to advise BC forum that you are getting help here?

One or the other of the forums needs to close a topic. You cannot be helped at both places at once.

By multi-posting to more than 1 forum you are wasting valuable time of our helpers, and in this instance, you are disabusing Schrauber's time and trust.
~Maurice Naggar

I close my threads if there is 5 days without a response.

#12
kangaroo

I am very sorry for my action, it's just that I wanted help as fast as I can, but that is very selfish. Anyways, I won't be posting no more about a virus as I came up to a conclusion I do have a worm virus due to some investigation I did on myself. Luckily I solved it :). Not solved but confirmed I have a virus; as a result I will be reformatting my PC. Here is the confirmation:

C:\WINDOWS\udp.zip

I googled it and found out it's a worm. I thank all the mods and admin for taking the time to help me.

#13
Maurice Naggar

If you have decided to reformat and do a clean new install of Windows, you must advise your helper at Bleepingcomputer forum.
The safest thing in the long term is to reformat and do a clean install.

The rough outline of how to do a clean install is noted below. If you do not know how (and there's no shame if you do not) take the system to a local pc repair shop (not a Big Store) and have them do it.

Disconnect this system from the internet right away.
I suggest a clean (new) Windows XP Install:
Before you do that, make sure you have at hand the Windows XP CD and also, a fresh new copy of your antivirus that is downloaded from a clean pc and saved on transportable-media (CD-DVD or clean thumb drive).
When you are at point of re-installing o.s., I'd recommend you have the pc disconnected from internet until after the o.s. is installed, plus the antivirus is fully setup and running.

See Windows XP Clean Installation - Partitioning and Formatting using Windows XP CD by Ramesh Srinivasan, MS-MVP & AumHa VSOP

Also Clean Install Windows by Michael Stevens, MS-MVP

I would urge you to follow the directions very carefully.
You will lose your documents so if you have some to save, offload them to a separate offline media. And later on ensure you do a full scan of them by running your antivirus.

This topic is now closed.
~Maurice Naggar

I close my threads if there is 5 days without a response.




