WiredWX Hobby Weather Tools

 


translation toolbar installed dropper and trojans

2 posters

translation toolbar installed dropper and trojans - Page 3

Re: translation toolbar installed dropper and trojans

Hello.

Please run OTLPE.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O4 - HKU\.DEFAULT..\Run: [JP595IR86O] C:\Windows\TEMP\Phv.exe File not found

    :commands
    [emptytemp]
    [resethosts]
    [reboot]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Re: translation toolbar installed dropper and trojans

========== COMMANDS ==========

[EMPTYTEMP]
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.
Empty user temp failed. Cannot find local settings folders.

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

Total Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.43.0 log created on 01052011_001349

Re: translation toolbar installed dropper and trojans

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

Re: translation toolbar installed dropper and trojans

Tried to boot into win7pro and it only reboots when it gets to the desktop. I can't get into Windows and I'm getting an error saying my S.M.A.R.T. on my secondary slave is now bad, back up and remove drive ... this is getting crazy. Is there anything else I can DO ... or should I scrap this installation and do a clean install?

Re: translation toolbar installed dropper and trojans

That choice is up to you; if you feel it's easier and quicker than this, then go for it.

Re: translation toolbar installed dropper and trojans

I would like to save this install. What is next?

Re: translation toolbar installed dropper and trojans

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.

  • Place a blank CD-R disc into your CD burning drive.
  • Download OTLPEStd.exe and double-click on it to burn to a CD using ISO Burner.
  • Reboot your system using the boot CD you just created.

    Note: If you do not know how to set your computer to boot from CD, follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings

  • Change Drivers to Non-Microsoft
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\_OTL\MovedFiles
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the OTL.txt file in your reply.

Re: translation toolbar installed dropper and trojans

OTL logfile created on: 1/9/2011 7:19:35 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 481.52 Gb Free Space | 51.69% Space Free | Partition Type: NTFS
Drive D: | 72.57 Gb Total Space | 9.38 Gb Free Space | 12.92% Space Free | Partition Type: NTFS
Drive J: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/10/26 08:58:08 | 000,203,264 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto] -- D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2010/02/24 18:46:30 | 001,255,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2009/07/13 20:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/13 20:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\umpo.dll -- (Power)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 20:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 20:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 20:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/13 20:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/13 20:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/13 20:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/13 20:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/13 20:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/13 20:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 20:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 20:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 20:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/13 20:39:56 | 001,525,248 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2009/07/13 20:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/13 20:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/13 20:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\FXSSVC.exe -- (Fax)
SRV:64bit: - [2006/10/11 17:36:58 | 000,561,152 | ---- | M] ( ) [Auto] -- D:\Windows\System32\dlcxcoms.exe -- (dlcx_device)
SRV - [2010/12/10 18:57:21 | 000,267,944 | ---- | M] (Avira GmbH) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/02 21:16:37 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/10/20 17:41:22 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) [Auto] -- D:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- D:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand] -- D:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 13:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 15:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/06/10 15:30:59 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/06/10 15:30:45 | 000,856,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/02/23 00:21:06 | 000,069,632 | ---- | M] () [Auto] -- D:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2009/01/12 07:15:52 | 000,071,096 | ---- | M] () [Auto] -- D:\Program Files (x86)\BurnAware Free\NMSAccess32.exe -- (NMSAccess)
SRV - [2006/10/11 16:48:50 | 000,532,480 | ---- | M] ( ) [Auto] -- D:\Windows\SysWow64\dlcxcoms.exe -- (dlcx_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/11/22 09:42:32 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010/10/26 09:23:32 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/10/26 09:23:32 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/26 08:22:36 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/08/16 02:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/03/02 11:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010/02/26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/02/26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010/02/26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010/01/28 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/11 05:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/10/28 11:40:58 | 002,018,080 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RTKVHD64.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV:64bit: - [2009/09/26 01:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/23 18:07:34 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/07/13 20:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/13 20:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/13 20:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/13 20:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/13 20:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- D:\Windows\System32\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV:64bit: - [2009/07/13 20:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2009/07/13 20:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/13 20:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/13 20:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/13 20:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/13 20:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/13 20:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/13 20:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 20:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 20:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/13 20:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/13 20:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/13 20:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/13 20:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 20:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/13 20:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/13 20:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/13 20:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV:64bit: - [2009/07/13 20:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/13 20:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 20:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/13 20:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/13 20:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2009/07/13 19:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 19:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 19:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/13 19:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 19:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 19:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 19:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/13 19:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/13 19:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 19:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/07/13 19:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2009/07/13 19:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 19:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/13 19:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 19:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/13 18:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/13 18:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/13 18:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/13 18:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/13 18:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 18:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 18:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 18:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/13 18:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/13 18:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/06/10 15:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/10 15:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/10 15:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/10 15:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/10 15:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- D:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 22:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/03/05 03:33:22 | 000,014,136 | R--- | M] (BIOSTAR Group) [Kernel | System] -- D:\Windows\System32\drivers\BIOS64.sys -- (BIOS)
DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- D:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/05 03:33:22 | 000,014,136 | R--- | M] (BIOSTAR Group) [Kernel | System] -- D:\Windows\SysWOW64\drivers\BIOS64.sys -- (BIOS)
DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/23 00:21:54 | 000,014,904 | ---- | M] () [Kernel | On_Demand] -- D:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -- (AODDriver)
DRV - [1999/09/10 18:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto] -- D:\Windows\SysWow64\drivers\aspi32.BAK -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59274


IE - HKU\Makotochan_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\Makotochan_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\Makotochan_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 34 52 2C E3 9A CB 01 [binary data]
IE - HKU\Makotochan_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Makotochan_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local
IE - HKU\Makotochan_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555




[2010/12/30 02:44:49 | 000,000,000 | ---D | M] -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/28 11:20:21 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/22 00:19:21 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/12 15:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010/12/10 21:18:00 | 000,001,919 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\searchplugins\bing-zugo.xml

O1 HOSTS File: ([2011/01/05 00:13:50 | 000,000,098 | ---- | M]) - D:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O3 - HKU\Makotochan_ON_D\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [DLCXCATS] D:\Windows\System32\spool\DRIVERS\x64\3\DLCXtime.DLL ()
O4:64bit: - HKLM..\Run: [dlcxmon.exe] D:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4:64bit: - HKLM..\Run: [MemoryCardManager] D:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATICustomerCare] D:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] D:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iTunesHelper] E:\Program Files (x86)\iTunesHelper.exe File not found
O4 - HKLM..\Run: [StartCCC] D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] D:\Program Files (x86)\Real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [JP595IR86O] D:\Windows\TEMP\Phv.exe File not found
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Makotochan_ON_D..\Run: [PC Suite Tray] D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\Makotochan_ON_D..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] D:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] D:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\Makotochan_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - D:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - D:\Windows\System32\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - D:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/16 17:13:07 | 001,246,440 | R--- | M] (BioWare) - J:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/04/13 22:17:18 | 000,000,058 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 60 Days ==========

[2011/01/04 23:55:40 | 000,553,984 | R--- | C] (OldTimer Tools) -- D:\OTLPE.exe
[2011/01/04 23:55:36 | 000,000,000 | ---D | C] -- D:\_OTL
[2010/12/31 01:25:05 | 000,000,000 | R--D | C] -- D:\32788R22FWJFW
[2010/12/22 00:19:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\javaws.exe
[2010/12/22 00:19:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\javaw.exe
[2010/12/22 00:19:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\java.exe
[2010/12/15 03:36:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tzres.dll
[2010/12/15 03:35:59 | 001,169,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskschd.dll
[2010/12/15 03:35:59 | 000,524,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmicmiplugin.dll
[2010/12/15 03:35:59 | 000,464,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskeng.exe
[2010/12/15 03:35:58 | 000,496,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\taskschd.dll
[2010/12/15 03:35:58 | 000,473,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskcomp.dll
[2010/12/15 03:35:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\taskcomp.dll
[2010/12/15 03:35:58 | 000,285,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\schtasks.exe
[2010/12/15 03:35:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\schtasks.exe
[2010/12/15 03:35:55 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll
[2010/12/15 03:35:54 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\atmfd.dll
[2010/12/15 03:35:54 | 000,046,080 | ---- | C] (Adobe Systems) -- D:\Windows\System32\atmlib.dll
[2010/12/15 03:35:54 | 000,034,304 | ---- | C] (Adobe Systems) -- D:\Windows\SysWow64\atmlib.dll
[2010/12/15 03:35:49 | 000,395,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\webio.dll
[2010/12/15 03:35:49 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\webio.dll
[2010/12/15 03:35:43 | 000,112,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\consent.exe
[2010/12/15 03:35:30 | 002,447,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iertutil.dll
[2010/12/15 03:35:30 | 002,063,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iertutil.dll
[2010/12/15 03:35:29 | 001,026,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstime.dll
[2010/12/15 03:35:28 | 000,606,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mstime.dll
[2010/12/15 03:35:26 | 001,194,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wininet.dll
[2010/12/15 03:35:25 | 000,978,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wininet.dll
[2010/12/15 03:35:25 | 000,703,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2010/12/15 03:35:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2010/12/15 03:35:24 | 000,445,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll
[2010/12/15 03:35:24 | 000,381,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iedkcs32.dll
[2010/12/15 03:35:24 | 000,256,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2010/12/15 03:35:24 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2010/12/15 03:35:24 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2010/12/15 03:35:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2010/12/15 03:35:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2010/12/15 03:35:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2010/12/15 03:35:23 | 001,638,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtml.tlb
[2010/12/15 03:35:23 | 000,482,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2010/12/15 03:35:23 | 000,386,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2010/12/15 03:35:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll
[2010/12/15 03:35:23 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedsbs.dll
[2010/12/15 03:35:23 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll
[2010/12/15 03:35:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2010/12/15 03:35:23 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jsproxy.dll
[2010/12/15 03:35:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2010/12/15 03:35:23 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2010/12/15 03:35:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2010/12/13 11:14:55 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_42.dll
[2010/12/10 19:08:14 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\QuickTime
[2010/12/05 14:48:50 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\xing shared
[2010/12/05 14:48:44 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\rmoc3260.dll
[2010/12/05 14:48:39 | 000,272,896 | ---- | C] (Progressive Networks) -- D:\Windows\SysWow64\pncrt.dll
[2010/12/05 14:48:39 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\pndx5016.dll
[2010/12/05 14:48:39 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\pndx5032.dll
[2010/11/29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- D:\Windows\SysWow64\QuickTimeVR.qtx
[2010/11/29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- D:\Windows\SysWow64\QuickTime.qts
[2010/11/26 12:40:16 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- D:\Windows\System32\GEARAspi64.dll
[2010/11/26 12:40:16 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- D:\Windows\SysWow64\GEARAspi.dll
[2010/11/26 12:40:01 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2010/11/26 12:40:01 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2010/11/26 12:38:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Apple Software Update
[2010/11/26 12:37:24 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Apple
[2010/11/26 12:37:09 | 000,000,000 | ---D | C] -- D:\Program Files\Bonjour
[2010/11/26 12:37:09 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Bonjour
[2010/11/18 01:37:47 | 000,028,992 | ---- | C] (Nitro PDF Software) -- D:\Windows\System32\nitrolocalmon.dll
[2010/11/18 01:37:47 | 000,017,216 | ---- | C] (Nitro PDF Software) -- D:\Windows\System32\nitrolocalui.dll
[2010/11/18 00:55:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\O Imaging Corporation
[2010/11/18 00:28:02 | 000,112,056 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\acaptuser32.dll
[2010/11/17 21:47:12 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\SimpleOCR
[2010/11/17 21:16:15 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Acro Software
[2010/11/13 21:13:51 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Google
[2010/11/12 02:21:05 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\URTTEMP
[2010/11/11 22:40:09 | 000,626,688 | ---- | C] (On2.com) -- D:\Windows\SysWow64\vp7vfw.dll
[2010/11/11 22:40:09 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\drv43260.dll
[2010/11/11 22:40:09 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\drv33260.dll
[2010/11/11 22:40:09 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\drv23260.dll
[2010/11/11 22:40:09 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\sipr3260.dll
[2010/11/11 22:40:09 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\SysWow64\cook3260.dll
[2010/11/11 22:40:08 | 001,184,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wvc1dmod.dll
[2010/11/11 22:40:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\VSO
[2010/11/11 20:58:41 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Pando Networks
[2010/02/10 19:31:14 | 001,224,704 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxserv.dll
[2010/02/10 19:31:14 | 000,991,232 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxusb1.dll
[2010/02/10 19:31:14 | 000,696,320 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxhbn3.dll
[2010/02/10 19:31:14 | 000,684,032 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxcomc.dll
[2010/02/10 19:31:14 | 000,643,072 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxpmui.dll
[2010/02/10 19:31:14 | 000,585,728 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxlmpm.dll
[2010/02/10 19:31:14 | 000,421,888 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxcomm.dll
[2010/02/10 19:31:14 | 000,413,696 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxinpa.dll
[2010/02/10 19:31:14 | 000,397,312 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxiesc.dll
[2010/02/10 19:31:14 | 000,163,840 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxprox.dll
[2010/02/10 19:31:14 | 000,094,208 | ---- | C] ( ) -- D:\Windows\SysWow64\dlcxpplc.dll

========== Files - Modified Within 60 Days ==========

[2011/01/09 17:04:45 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011/01/09 17:04:26 | 334,995,455 | -HS- | M] () -- D:\hiberfil.sys
[2011/01/05 00:13:50 | 000,000,098 | ---- | M] () -- D:\Windows\System32\drivers\etc\Hosts
[2010/12/30 02:18:33 | 000,014,864 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/30 02:18:33 | 000,014,864 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/30 02:14:12 | 000,632,708 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2010/12/30 02:14:12 | 000,110,342 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- D:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2010/12/16 03:22:18 | 000,292,912 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2010/12/10 21:18:30 | 000,000,000 | ---- | M] () -- D:\Windows\nsreg.dat
[2010/12/10 21:17:43 | 000,001,112 | ---- | M] () -- D:\Windows\SysWow64\Improve Your PC.lnk
[2010/12/05 14:48:44 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- D:\Windows\SysWow64\rmoc3260.dll
[2010/12/05 14:48:39 | 000,272,896 | ---- | M] (Progressive Networks) -- D:\Windows\SysWow64\pncrt.dll
[2010/12/05 14:48:39 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- D:\Windows\SysWow64\pndx5016.dll
[2010/12/05 14:48:39 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- D:\Windows\SysWow64\pndx5032.dll
[2010/12/05 14:48:35 | 000,499,712 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msvcp71.dll
[2010/12/05 14:48:35 | 000,348,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msvcr71.dll
[2010/11/29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- D:\Windows\SysWow64\QuickTimeVR.qtx
[2010/11/29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- D:\Windows\SysWow64\QuickTime.qts
[2010/11/22 09:42:32 | 000,083,120 | ---- | M] (Avira GmbH) -- D:\Windows\System32\drivers\avgntflt.sys
[2010/11/18 09:37:27 | 000,002,560 | ---- | M] () -- D:\Windows\_MSRSTRT.EXE
[2010/11/12 18:53:20 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\javaws.exe
[2010/11/12 18:53:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\javaw.exe
[2010/11/12 18:53:18 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\java.exe
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\SysWow64\deployJava1.dll
[2010/11/12 02:22:38 | 000,755,554 | ---- | M] () -- D:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2010/12/10 21:18:30 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2010/12/10 21:17:43 | 000,001,112 | ---- | C] () -- D:\Windows\SysWow64\Improve Your PC.lnk
[2010/11/18 09:37:27 | 000,002,560 | ---- | C] () -- D:\Windows\_MSRSTRT.EXE
[2010/11/12 02:21:37 | 000,755,554 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2010/02/10 19:31:14 | 000,454,656 | ---- | C] () -- D:\Windows\SysWow64\dlcxutil.dll
[2010/02/10 19:31:14 | 000,274,432 | ---- | C] () -- D:\Windows\SysWow64\dlcxinst.dll
[2010/02/10 19:31:14 | 000,176,128 | ---- | C] () -- D:\Windows\SysWow64\dlcxinsb.dll
[2010/02/10 19:31:14 | 000,176,128 | ---- | C] () -- D:\Windows\SysWow64\dlcxins.dll
[2010/02/10 19:31:14 | 000,139,264 | ---- | C] () -- D:\Windows\SysWow64\dlcxjswr.dll
[2010/02/10 19:31:14 | 000,106,496 | ---- | C] () -- D:\Windows\SysWow64\dlcxinsr.dll
[2010/02/10 19:31:14 | 000,086,016 | ---- | C] () -- D:\Windows\SysWow64\dlcxcub.dll
[2010/02/10 19:31:14 | 000,073,728 | ---- | C] () -- D:\Windows\SysWow64\dlcxcu.dll
[2010/02/10 19:31:14 | 000,073,728 | ---- | C] () -- D:\Windows\SysWow64\DLCXcfg.dll
[2010/02/10 19:31:14 | 000,036,864 | ---- | C] () -- D:\Windows\SysWow64\dlcxcur.dll
[2010/02/07 23:10:28 | 000,000,025 | ---- | C] () -- D:\Windows\cdplayer.ini
[2010/02/06 01:30:01 | 000,085,504 | ---- | C] () -- D:\Windows\SysWow64\ff_vfw.dll
[2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- D:\Windows\SysWow64\ICCProfiles.dll
[2009/07/13 19:02:54 | 000,245,248 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- D:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelFrench.dll
[2002/10/01 19:38:34 | 000,011,616 | R--- | C] () -- D:\Windows\SysWow64\drivers\SECDRV.SYS

========== LOP Check ==========

[2010/12/20 14:26:16 | 000,032,534 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> D:\Windows:nlsPreferences
< End of report >

Re: translation toolbar installed dropper and trojans

Bear in mind we may not be able to fix this if the HDD is bad, and you may need to buy a new one, or format if system files are damaged.

Remove the proxy setting in Internet Explorer and/or in Firefox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab -> LAN Settings -> uncheck "Use a proxy server", or reconfigure the proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection -> choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.
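
An added example, not part of the original posts or of OTL: a small Python triage of the log's `IE -` proxy lines, showing which registry hive has a loopback proxy switched on (the setting the steps above turn off). The function names and verdict labels are assumptions of this example; the sample lines are copied from the log above.

```python
import ipaddress
import re

# Excerpt of the OTL log above: only the "IE -" proxy lines.
SAMPLE_LOG = r'''
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59274
IE - HKU\Makotochan_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Makotochan_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local
IE - HKU\Makotochan_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
'''

# One OTL "IE -" line: hive, value name (Proxy*), and the value after "=".
LINE_RE = re.compile(
    r'^IE - (?P<hive>.+?)\\Software\\Microsoft\\Windows\\CurrentVersion'
    r'\\Internet Settings: "(?P<name>Proxy\w+)"\s*=\s*(?P<value>.*)$',
    re.IGNORECASE,
)


def parse_proxy_settings(log_text):
    """Group the Proxy* values found in the log by registry hive."""
    settings = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            settings.setdefault(m["hive"], {})[m["name"]] = m["value"].strip()
    return settings


def parse_proxy_server(value):
    """Split a ProxyServer value ("http=host:port;https=..." or "host:port")
    into (scheme, host, port) tuples. IPv6 hosts must be bracketed."""
    endpoints = []
    for entry in filter(None, (e.strip() for e in value.split(";"))):
        scheme, sep, target = entry.partition("=")
        if not sep:                      # no "scheme=" prefix: applies to all
            scheme, target = "all", entry
        host, _, port = target.rpartition(":")
        if not host:                     # no port given
            host, port = target, ""
        endpoints.append(
            (scheme.lower(), host.strip("[]"), int(port) if port.isdigit() else None)
        )
    return endpoints


def is_loopback(host):
    """True for localhost and any loopback IP literal."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def triage(log_text):
    """Return {hive: {"enabled", "endpoints", "verdict"}} for every hive seen."""
    findings = {}
    for hive, values in parse_proxy_settings(log_text).items():
        enabled = values.get("ProxyEnable") == "1"
        endpoints = parse_proxy_server(values.get("ProxyServer", ""))
        loopback = any(is_loopback(host) for _, host, _ in endpoints)
        if not endpoints:
            verdict = "no-proxy"
        elif enabled:
            verdict = "active-loopback" if loopback else "active-remote"
        else:
            # ProxyServer is ignored while ProxyEnable is 0, but the stale
            # value still records what was configured earlier.
            verdict = "dormant-loopback" if loopback else "dormant-remote"
        findings[hive] = {"enabled": enabled, "endpoints": endpoints, "verdict": verdict}
    return findings


if __name__ == "__main__":
    for hive, info in triage(SAMPLE_LOG).items():
        print(f"{hive}: {info['verdict']} {info['endpoints']}")
```

On this log the enabled loopback proxy sits under `HKU\.DEFAULT`, while the user's own hive holds a disabled one, so both hives are worth checking after the GUI change.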

Re: translation toolbar installed dropper and trojans

Tried to get into Windows 7 Pro, then it crashed saying MBR corrupted. Figured I'm done with this. Inserted the Win7 Pro disk and said install. Sorry, but thank you for all the help.

Re: translation toolbar installed dropper and trojans

Thank you for all the help. I did a full clean install and immediately put Avira on the system, then ran MBAM to make sure nothing was picked up in the span of time it took me to get the latest version downloaded, and everything is OK. Thank you for your help.
