Author Topic: msn messenger  (Read 2553 times)

Offline zzzim

« on: July 14, 2011, 03:24:10 AM »
Hi there,

My friend is complaining that my MSN Messenger keeps on sending links to them (but actually I didn't).

Can you help me to solve this problem?

Thanks

=)

Here is my HijackThis log file


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:21:13 PM, on 14/7/2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
C:\Windows\system32\wuauclt.exe
c:\program files\common files\thunder network\tp\ver1\1.1.2.46_1111\thunderplatform.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Desktop\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pp250.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.22.1466.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FingerPrintNotifer] "C:\Program Files\TrueSuite Access Manager\FpNotifier.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UUSeeMediaCenter] "C:\PROGRA~1\COMMON~1\uusee\UUSeeMediaCenter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [PPAP] "C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE"  -background
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Cgrwry] C:\Users\User\AppData\Roaming\Cgrwry.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O8 - Extra context menu item: 使用UUSee加速播放 - C:\Program Files\uusee\geturltoplay.htm
O8 - Extra context menu item: 使用UUSee下载 - C:\Program Files\uusee\geturltodown.htm
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: 查看网页全部图片 - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm
O9 - Extra 'Tools' menuitem: 查看网页全部图片 - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra button: 小游戏 - {998A88A0-A355-809B-831C-B83A80000991} - http://www.ugege.com/ (file missing)
O9 - Extra 'Tools' menuitem: 小游戏 - {998A88A0-A355-809B-831C-B83A80000991} - http://www.ugege.com/ (file missing)
O9 - Extra button: 启动UUSee 网络电视 - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe
O9 - Extra 'Tools' menuitem: 启动UUSee 网络电视 - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA2A7C06-0B16-40F4-8A8D-A55C9FC2FE40}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\Windows\system32\TAMSvr.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcr_device -   - C:\Windows\system32\lxcrcoms.exe
O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: XLDoctor Services - ShenZhen Xunlei Networking Technologies,LTD - C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 13029 bytes

Offline guestolo

« Reply #1 on: July 14, 2011, 10:48:41 PM »
Hi zzzim, can you do the following please:

Download OTL.exe by OldTimer to your Desktop.
  • Right click on OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline zzzim

« Reply #2 on: July 15, 2011, 12:02:00 AM »
Here are the 2 log files that you asked me to post


OTL logfile created on: 15/7/2011 12:53:06 PM - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.49% Memory free
5.93 Gb Paging File | 4.44 Gb Available in Paging File | 74.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 53.11 Gb Free Space | 18.50% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2011/07/14 22:58:35 | 000,135,168 | -HS- | M] () -- C:\Users\User\AppData\Roaming\windows.exe
PRC - [2011/07/04 18:51:46 | 000,517,496 | ---- | M] (UUSEE) -- C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe
PRC - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/06/09 11:14:38 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
PRC - [2010/12/21 18:51:40 | 000,946,480 | ---- | M] (深圳市迅雷网络技术有限公司) -- C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
PRC - [2010/12/21 18:51:20 | 000,157,488 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- c:\Program Files\Common Files\Thunder Network\TP\Ver1\1.1.2.46_1111\ThunderPlatform.exe
PRC - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/05/01 13:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 13:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/09/03 13:47:00 | 000,712,704 | ---- | M] (AuthenTec, Inc) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
PRC - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) -- C:\Windows\System32\TAMSvr.exe
PRC - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/07/25 15:41:56 | 000,094,208 | ---- | M] () -- C:\Program Files\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 04:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/03/20 05:35:44 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008/02/07 05:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/09/29 08:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/06/16 13:01:58 | 000,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011/06/30 09:27:39 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/22 22:34:49 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe -- (XLDoctor Services)
SRV - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/29 07:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/12 03:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
SRV - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 18:51:38 | 000,008,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.4.2104_1\Program\tcphoc.sys -- (tcphoc)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/20 14:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/24 08:55:50 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/24 08:55:50 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/11/24 08:55:50 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/16 23:02:02 | 000,021,504 | ---- | M] (http://www.atmel.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2009/11/16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 06:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008/08/14 09:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 15:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/16 11:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 10:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/15 02:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/10 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 07:36:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 08:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://redirecturls.info/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(500).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/14 15:47:54 | 000,000,000 | ---D | M]
 
[2010/09/10 14:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
 
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ѸÀ×Á÷ýÌå̽²âIEÖ§³Ö) - {01443AEC-0FD1-40fd-9C87-E93D1494C233} -  File not found
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKLM..\Run: [UUSeeMediaCenter] C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe (UUSEE)
O4 - HKCU..\Run: [Cgrwry]  File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE (PPLive Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [Windows Login access] C:\Users\User\AppData\Roaming\windows.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm ()
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\getAllurl.htm ()
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm ()
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra 'Tools' menuitem : ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra Button: СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra 'Tools' menuitem : СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra Button: Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O9 - Extra 'Tools' menuitem : Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/14 14:43:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell - "" = AutoRun
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/15 12:52:37 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/14 22:14:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04102DC3-B938-4A5C-B989-D32D43F64E8D}
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Trend Micro
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/14 11:20:04 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Law
[2011/07/14 09:59:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E82959BC-2872-41B8-9013-4429065CEABA}
[2011/07/13 21:58:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F2C00B8-1E51-44BD-86FC-EF1F02EDF528}
[2011/07/13 09:09:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B5DB8918-EA86-4647-A959-DCF098FA7BC4}
[2011/07/12 21:08:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{528B3375-EDEE-4747-A5D5-81B8E4D969F1}
[2011/07/12 09:08:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00D010EC-C2D6-4068-8796-6BD54EFD9A7D}
[2011/07/11 21:07:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79FF6CD7-BF7E-417F-B26A-20B49B9507C1}
[2011/07/11 09:07:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{25727E4C-4DE5-450E-B968-61E2255350F7}
[2011/07/10 21:58:25 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New folder
[2011/07/10 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43F9A9EC-DCC9-4EE5-A7D7-3F6D14389F9B}
[2011/07/09 23:08:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C37D2A23-5355-4B2B-BFAD-8A01F38EEFC7}
[2011/07/09 10:43:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C1D932B0-2005-4A55-846A-D117BDC732F6}
[2011/07/08 22:24:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Facebook
[2011/07/08 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{458C3C56-507A-477E-BC3B-CA38083F4A13}
[2011/07/08 08:01:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{561C9EA4-F2A4-4C0F-9EF7-1EE6D5BFEFD6}
[2011/07/07 19:56:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{321CCB63-3AE3-4398-8EA2-5F605BE383D7}
[2011/07/07 10:21:21 | 000,000,000 | R--D | C] -- C:\Users\User\Documents\Scanned Documents
[2011/07/07 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Fax
[2011/07/07 07:55:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CAACA370-812A-4F2F-AB96-D577802DFE56}
[2011/07/06 11:09:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD154FAE-88C5-4342-831E-8ED4B83C8AB5}
[2011/07/05 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{34389F44-EC3A-4D3B-B04D-C0E9756F9BD3}
[2011/07/05 10:15:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F6A88D5-A1D4-460F-BD1D-5E560A0C7CB5}
[2011/07/04 22:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3D0BEF60-2DAD-4E08-B473-7E2B8D67D7A2}
[2011/07/04 10:15:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C0116305-49C6-4534-BFF5-68B3F21CAC35}
[2011/07/03 22:04:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FF05CD1C-BBE9-4C36-9711-A146C831AC68}
[2011/07/02 19:19:39 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/07/02 19:19:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/07/02 19:19:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/07/02 17:52:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5FB1FFDD-499C-4BBA-987E-2FE2774AE286}
[2011/07/01 11:46:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{088F47F5-8BD0-4709-B229-3F9D33BB3D65}
[2011/06/30 21:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DC810AED-C3E7-4546-ADEF-D8D9B07FD6F5}
[2011/06/30 09:15:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4122331A-FE66-45CE-90FE-5481D1F9A416}
[2011/06/30 08:27:27 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/29 21:19:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Samsung
[2011/06/29 21:15:08 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys
[2011/06/29 21:15:08 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys
[2011/06/29 21:15:08 | 000,114,280 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadserd.sys
[2011/06/29 21:15:08 | 000,030,312 | ---- | C] (Google Inc) -- C:\Windows\System32\drivers\ssadadb.sys
[2011/06/29 21:15:08 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcm.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwh.sys
[2011/06/29 21:13:54 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2011/06/29 21:13:43 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2011/06/29 21:09:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2011/06/29 09:14:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A1128B04-7D38-4437-AD8F-D1D96324BD19}
[2011/06/28 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4FE80DCA-3E55-41EA-9DE9-86482F20F07D}
[2011/06/28 09:14:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{72DD4C4C-A9F1-40F0-9407-4AF92AE3F22F}
[2011/06/27 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{927FC774-F2DA-411E-BF77-24E77884889A}
[2011/06/27 09:13:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{74643326-B01C-4067-A086-CB370DCCD5FA}
[2011/06/26 15:58:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{13C2DE01-265B-48B1-BC23-71D4F17418CF}
[2011/06/25 15:33:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4F7C8D03-A0BF-4B3C-90D9-C3EAD837014C}
[2011/06/25 01:04:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{54674965-D6B1-4B49-AD6B-0420F4439025}
[2011/06/24 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91BEBD01-527D-4878-B38E-244A71C2F60C}
[2011/06/23 21:15:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E45BE562-D9E0-451E-AD91-F7602C1C2FA7}
[2011/06/23 11:25:25 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/23 09:14:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{260E5311-50F6-4B00-9569-A7EAD59165E2}
[2011/06/22 21:14:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{787C0372-ED3A-4FF9-B7AD-6097F6E4EEE4}
[2011/06/22 09:13:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D3FEBD3A-D4C2-4A66-811C-D06D829BEED9}
[2011/06/21 21:13:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{08A546A2-161B-4D34-BAEC-A1D6E2121F70}
[2011/06/21 09:13:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B6838110-F542-421B-B6EE-80FBE71B5030}
[2011/06/20 20:42:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B11AD6AE-8398-4BA4-9C9A-62479C4F7DDA}
[2011/06/20 12:00:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{26E805D7-6EC2-4A6C-8658-15A4824BA907}
[2011/06/20 00:00:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47A34675-A7E0-47AE-9AA6-DF42E535095C}
[2011/06/19 13:11:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011/06/19 11:59:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{784B8043-91A0-44D4-8C93-88CEB1340B39}
[2011/06/19 11:40:05 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Dirt 3
[2011/06/19 11:23:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Autodesk,_Inc
[2011/06/19 10:52:26 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Autodesk
[2011/06/19 10:44:25 | 000,000,000 | ---D | C] -- C:\MITSI 2011 Temporary Files
[2011/06/19 10:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls
[2011/06/19 10:13:49 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Inventor
[2011/06/18 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{82A7AF34-FB4B-4777-A71B-CC56A395F8CF}
[2011/06/18 11:58:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{688CEC2D-DA16-40D9-938F-5A1332D9DF75}
[2011/06/18 01:21:05 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\NFS Most Wanted
[2011/06/17 21:48:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E4F7566E-E8FD-47B1-9513-34616EE156A0}
[2011/06/17 09:47:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B3337826-69DE-418A-9B9A-2431EB62B96E}
[2011/06/16 21:47:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E79D3D19-2F7E-4765-81A3-D83E2D42725C}
[2011/06/16 12:41:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/06/16 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2011/06/16 11:33:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/06/16 11:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2011/06/16 11:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/06/16 11:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011/06/16 09:46:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{30F7E7E9-D323-4F61-B471-19B94F267608}
[2011/06/15 21:46:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0AD799EF-74F2-423B-8433-5D7D818CA32C}
[2011/03/17 09:09:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011/03/17 09:09:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011/03/17 09:09:51 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011/03/17 09:09:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2011/03/17 09:09:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011/03/17 09:09:51 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011/03/17 09:09:51 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011/03/17 09:09:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2011/03/17 09:09:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2011/03/17 09:09:51 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2011/03/17 09:09:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2011/03/17 09:09:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011/03/17 09:09:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2 C:\Users\User\AppData\Roaming\*.tmp files -> C:\Users\User\AppData\Roaming\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/15 12:52:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/15 12:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/15 10:42:19 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/15 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/15 08:53:10 | 000,002,234 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2011/07/15 08:53:10 | 000,002,111 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/15 07:55:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/15 07:55:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 07:55:05 | 2388,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 02:30:38 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 02:30:38 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 00:32:20 | 003,950,612 | ---- | M] () -- C:\Users\User\Desktop\graphic method 001.jpg
[2011/07/14 22:58:35 | 000,135,168 | -HS- | M] () -- C:\Users\User\AppData\Roaming\windows.exe
[2011/07/14 20:39:22 | 001,340,701 | ---- | M] () -- C:\Users\User\Desktop\TOM2 001.jpg
[2011/07/14 20:38:22 | 001,244,017 | ---- | M] () -- C:\Users\User\Desktop\TOM1 001.jpg
[2011/07/14 20:37:29 | 000,151,552 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/14 19:52:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/14 19:26:12 | 020,350,781 | ---- | M] () -- C:\Users\User\Desktop\IMG (2).pdf
[2011/07/14 11:53:39 | 000,002,969 | ---- | M] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/14 11:20:58 | 000,721,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/14 11:20:58 | 000,145,776 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/13 17:18:17 | 002,280,398 | ---- | M] () -- C:\Users\User\Desktop\IMG (1).pdf
[2011/07/05 22:55:29 | 001,203,718 | ---- | M] () -- C:\Users\User\Desktop\IMG.pdf
[2011/07/05 19:38:43 | 000,029,097 | ---- | M] () -- C:\Users\User\Desktop\EME3066 Midterm Test Arrangement.pdf
[2011/06/30 08:27:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/29 21:13:58 | 000,001,934 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:41 | 000,000,204 | ---- | M] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/19 19:25:43 | 000,542,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/19 15:52:02 | 000,001,520 | ---- | M] () -- C:\Users\User\Desktop\DiRT 3.lnk
[2011/06/19 10:51:39 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2011.lnk
[2 C:\Users\User\AppData\Roaming\*.tmp files -> C:\Users\User\AppData\Roaming\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/07/15 00:33:21 | 003,950,612 | ---- | C] () -- C:\Users\User\Desktop\graphic method 001.jpg
[2011/07/14 22:58:45 | 000,135,168 | -HS- | C] () -- C:\Users\User\AppData\Roaming\windows.exe
[2011/07/14 20:39:22 | 001,340,701 | ---- | C] () -- C:\Users\User\Desktop\TOM2 001.jpg
[2011/07/14 20:38:22 | 001,244,017 | ---- | C] () -- C:\Users\User\Desktop\TOM1 001.jpg
[2011/07/14 19:21:42 | 020,350,781 | ---- | C] () -- C:\Users\User\Desktop\IMG (2).pdf
[2011/07/14 11:53:39 | 000,002,969 | ---- | C] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/13 17:16:48 | 002,280,398 | ---- | C] () -- C:\Users\User\Desktop\IMG (1).pdf
[2011/07/08 22:24:17 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/08 22:24:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/05 22:48:50 | 001,203,718 | ---- | C] () -- C:\Users\User\Desktop\IMG.pdf
[2011/07/05 19:38:44 | 000,029,097 | ---- | C] () -- C:\Users\User\Desktop\EME3066 Midterm Test Arrangement.pdf
[2011/06/29 21:13:58 | 000,001,934 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:40 | 000,000,204 | ---- | C] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/19 15:52:02 | 000,001,520 | ---- | C] () -- C:\Users\User\Desktop\DiRT 3.lnk
[2011/06/19 10:51:39 | 000,002,230 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2011.lnk
[2011/06/18 01:27:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/13 21:06:13 | 000,007,606 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/05/29 23:44:54 | 000,000,204 | ---- | C] () -- C:\Windows\System32\bdsecustat.dat
[2011/04/05 23:50:19 | 000,002,358 | ---- | C] () -- C:\Windows\SIM8052.INI
[2011/03/29 21:05:48 | 000,709,992 | ---- | C] () -- C:\Windows\System32\kindling.dll
[2011/03/17 09:09:51 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2011/03/14 17:25:34 | 000,151,552 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 16:16:33 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/03/08 18:00:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/03/08 18:00:46 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/03/08 18:00:46 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/08 18:00:46 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/04 14:31:10 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/03/04 14:31:10 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/03/04 13:09:37 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/03/04 12:45:03 | 000,000,020 | ---- | C] () -- C:\Windows\System32\pub_store.dat
[2011/03/03 23:59:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/03/02 08:19:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2011/03/02 08:19:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2011/03/02 08:19:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2011/03/02 08:19:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2011/03/02 08:17:20 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2011/03/02 08:17:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2011/03/02 08:17:20 | 000,009,484 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2011/03/02 08:17:20 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2011/03/02 08:13:21 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/11/06 19:29:28 | 000,073,344 | ---- | C] () -- C:\Windows\System32\gtapi_signed.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:33:53 | 000,542,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,721,876 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,145,776 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 08:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 07:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/04 17:50:32 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsis_loader.dll
[2008/05/01 10:47:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/05/01 04:36:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/22 08:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/30 12:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/08/14 17:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/03/23 04:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005/12/20 12:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2005/07/23 13:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== Files - Unicode (All) ==========
[2011/03/04 13:03:41 | 000,001,719 | ---- | M] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk
[2011/03/04 13:03:41 | 000,001,719 | ---- | C] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk

< End of report >


Here is another:


OTL Extras logfile created on: 15/7/2011 12:53:06 PM - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.49% Memory free
5.93 Gb Paging File | 4.44 Gb Available in Paging File | 74.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 53.11 Gb Free Space | 18.50% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Playback] -- "C:\Program Files\TTPlayer\TTPlayer.exe" "%1" (Alen Soft)
Directory [PlayList] -- "C:\Program Files\TTPlayer\TTPlayer.exe" /a "%1" (Alen Soft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uusee\UUSeePlayer.exe" = C:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{08233ADA-AA4C-A977-58FD-DB6C684BE010}" = Catalyst Control Center Localization Norwegian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B4C7D42-323A-F3FD-5B18-0222082E6FDD}" = Catalyst Control Center Localization Dutch
"{0D348034-9CBE-19FC-19B0-B2CDC78E50F1}" = ccc-core-static
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{10B35323-BE1A-61FB-C4D1-E88F24147617}" = Catalyst Control Center Localization Thai
"{11FC2772-F7FD-21FD-614F-CE58BF52C398}" = Catalyst Control Center Localization Chinese Standard
"{12911298-DDB4-AD44-E530-AEB8127503C9}" = CCC Help Italian
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{156E98D0-1AEC-4013-A41A-94A1A01BFD68}" = O2Micro Flash Memory Card Reader Driver (x86)
"{1714616C-61CE-44D5-AF0B-53404D7FA83A}" = Catalyst Control Center Localization Korean
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18625A47-84A9-6F6C-3780-79221B6095C3}" = CCC Help Norwegian
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C3F57C7-8474-DF38-8F9F-0EBFB554FD56}" = Catalyst Control Center Localization Hungarian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{264324EA-35F7-AD77-CC96-F9F47A9A6284}" = Catalyst Control Center Localization Czech
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2A6F930B-12DA-AD4F-C4A4-E008F73A8016}" = CCC Help English
"{2AEC1EC0-0C01-8831-B04F-41FB4A92B677}" = Catalyst Control Center Localization Spanish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{31326B80-1D01-4DBA-1DCA-A0731182A2E6}" = CCC Help Korean
"{31DD9FF4-23CD-7898-0305-70D806E2F7DB}" = CCC Help Japanese
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AC44A1-81C2-0A61-0EC0-59EFC503A1EA}" = Catalyst Control Center Localization Danish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{374E3A6E-A243-461D-BC0F-8B183A9950C5}" = FET@51
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DFE65B6-3AC9-C44A-1160-A449E0DFFE94}" = CCC Help Greek
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS En

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
msn messenger
« Reply #3 on: July 15, 2011, 12:23:16 AM »
I want to check a couple of files if they are around
Please set your computer to show hidden files and folders
The link will explain
http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Go to this link
http://www.virustotal.com/

Use the browse button and navigate to this file on your hard disk
C:\Users\User\AppData\Roaming\windows.exe <-- this file

Right click on the file and choose Select
Then use the Submit button
Let it finish scanning
Could you post the results of the scan back here please
Or just post the link to the results page

Do the same for the next file if it's found
C:\Users\User\AppData\Roaming\Cgrwry.exe

NOTE: I may not see your reply till tomorrow as it's time for some shuteye
« Last Edit: July 15, 2011, 12:24:55 AM by guestolo »

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline zzzim

msn messenger
« Reply #4 on: July 15, 2011, 12:48:11 AM »
Here is the link:
https://www.virustotal.com/file-scan/reanalysis.html?id=8aa9b9c970a58505b71c5b2ddbcb3916eec6fd9d11f0d8152026c7b0d33f23a8-1310707927

I can't find C:\Users\User\AppData\Roaming\Cgrwry.exe


Thanks again and have a good rest
=)

Offline guestolo

msn messenger
« Reply #5 on: July 16, 2011, 04:44:01 PM »
Sorry for the delay
Can you do the following:

Right click on OTL.exe and choose to "Run as Admin"
  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following in the quote box below. Don't include the word Quote please
    Quote
    :OTL
    O2 - BHO: (ѸÀ×Á÷ýÌå̽²âIEÖ§³Ö) - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - File not found
    O4 - HKCU..\Run: [Cgrwry] File not found
    O4 - HKCU..\Run: [Windows Login access] C:\Users\User\AppData\Roaming\windows.exe ()
    :Files
    C:\Users\User\AppData\Roaming\Cgrwry.exe
    ipconfig /flushdns /c
    :Commands
    [EmptyFlash]
    [EmptyTemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

In addition:
Download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.    
  • If an update is found, it will download and install the latest version.    
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.    
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

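The two O4 entries picked for the fix above share traits that make an autorun worth a second look. The sketch below is an added example, not part of the original thread and not OTL's own logic: it parses OTL-style `O4 ... \Run` lines and flags those traits. The two HKCU `Cgrwry` and `Windows Login access` lines are taken from the post; the other sample lines, the flag names, the lookalike list and the review threshold are assumptions made for illustration.

```python
import ntpath  # Windows path semantics regardless of the OS this runs on
import re

# Constructed sample. Lines 2 and 3 are the entries from the fix script in
# this thread; lines 1 and 4 are constructed for contrast.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKCU..\Run: [Cgrwry] File not found
O4 - HKCU..\Run: [Windows Login access] C:\Users\User\AppData\Roaming\windows.exe ()
O4 - HKCU..\Run: [ExampleUpdater] C:\Users\User\AppData\Roaming\ExampleVendor\updater.exe (Example Vendor)
"""

O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<rest>.+)$"
)
# "<path> (<company>)"; the company is empty when the file has no version info.
TARGET_RE = re.compile(r"^(?P<path>.*?)\s*\((?P<company>[^()]*)\)\s*$")

# Assumption: a short list of names that imitate Windows components.
LOOKALIKE_STEMS = {"windows", "svchost", "explorer", "winlogon", "csrss", "lsass"}


def parse_o4(line):
    """Return a dict for an O4 Run line, or None for any other line."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    entry = {"hive": m["hive"], "name": m["name"], "path": None, "company": ""}
    rest = m["rest"].strip()
    if rest.lower() == "file not found":
        return entry  # registry value exists, target file does not
    t = TARGET_RE.match(rest)
    if t:
        entry["path"] = t["path"].strip('"')
        entry["company"] = t["company"].strip()
    else:
        entry["path"] = rest.strip('"')
    return entry


def flags_for(entry):
    """Heuristic flags for one parsed autorun entry."""
    if entry["path"] is None:
        return ["missing-target"]
    lower = ntpath.normpath(entry["path"]).lower()
    parent = ntpath.dirname(lower)
    stem = ntpath.splitext(ntpath.basename(lower))[0]
    flags = []
    if "\\appdata\\" in lower or "\\temp\\" in lower:
        flags.append("user-writable-dir")
    # Executable dropped straight into the profile root, no vendor subfolder.
    if parent.endswith(("\\appdata\\roaming", "\\appdata\\local")):
        flags.append("profile-root-exe")
    if not entry["company"]:
        flags.append("no-company")
    # Assumes %SystemRoot% is C:\Windows, as reported in the log header.
    if stem in LOOKALIKE_STEMS and not lower.startswith("c:\\windows\\"):
        flags.append("system-lookalike")
    return flags


def triage(log_text):
    """Return (name, flags, needs_review) for every O4 Run line in the log."""
    results = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        flags = flags_for(entry)
        needs_review = "missing-target" in flags or len(flags) >= 2
        results.append((entry["name"], flags, needs_review))
    return results


if __name__ == "__main__":
    for name, flags, needs_review in triage(SAMPLE_LOG):
        verdict = "REVIEW" if needs_review else "ok"
        print(f"{verdict:6} [{name}] {', '.join(flags) or '-'}")
```

A flag is a reason to look, not a verdict: the thread still confirms `windows.exe` with a VirusTotal scan before the entry is removed.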


Offline zzzim

msn messenger
« Reply #6 on: July 18, 2011, 07:08:04 AM »
Here is the log file generated from OTL

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01443AEC-0FD1-40fd-9C87-E93D1494C233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01443AEC-0FD1-40fd-9C87-E93D1494C233}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Cgrwry deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Login access deleted successfully.
C:\Users\User\AppData\Roaming\windows.exe moved successfully.
========== FILES ==========
File\Folder C:\Users\User\AppData\Roaming\Cgrwry.exe not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\User\Desktop\cmd.bat deleted successfully.
C:\Users\User\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: User
->Flash cache emptied: 116382 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: User
->Temp folder emptied: 694785411 bytes
->Temporary Internet Files folder emptied: 138715812 bytes
->Java cache emptied: 203575 bytes
->Google Chrome cache emptied: 437313576 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3657113779 bytes
RecycleBin emptied: 1793185 bytes
 
Total Files Cleaned = 4,702.00 mb
 
 
OTL by OldTimer - Version 3.2.26.1 log created on 07182011_195803

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Offline zzzim

msn messenger
« Reply #7 on: July 18, 2011, 07:25:48 AM »
Here's another log file


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7189

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18/7/2011 8:21:32 PM
mbam-log-2011-07-18 (20-21-32).txt

Scan type: Quick scan
Objects scanned: 183875
Time elapsed: 6 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{87CA3845-37FE-414C-81CF-E08A7D0F6779} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{988934A4-064B-11D3-BB80-00104B35E7F9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SogouExplorer.AssocFile.HTM (Adware.Sogou) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SogouExplorer.HTTP (Adware.Sogou) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SogouExplorerHTML (Adware.Sogou) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\thunder (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SogouExplorer.exe (Adware.Sogou) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://redirecturls.info/) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\thunder network\Thunder\ComDlls\xunleibho_now.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\489B.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\9F07.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\User\favorites\СÓÎÏ·.lnk (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\microsoft\internet explorer\quick launch\æô¶¯ internet explorer ä¯ààæ÷.lhk (Hijack.Trace) -> Quarantined and deleted successfully.

Offline guestolo

msn messenger
« Reply #8 on: July 18, 2011, 11:00:51 PM »
Can you reopen OTL.exe
Run a Quick Scan and post the new log that opens when it's done
Keep me informed how things are now running please
« Last Edit: July 18, 2011, 11:01:07 PM by guestolo »



Offline zzzim

msn messenger
« Reply #9 on: July 19, 2011, 12:14:07 AM »
I started using my MSN again and so far so good. No complaints from my friends.

OTL logfile created on: 19/7/2011 1:06:08 PM - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.47% Memory free
5.93 Gb Paging File | 4.06 Gb Available in Paging File | 68.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 49.04 Gb Free Space | 17.09% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/07/15 16:56:08 | 000,517,496 | ---- | M] (UUSEE) -- C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe
PRC - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/06/09 11:14:38 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
PRC - [2010/12/21 18:51:40 | 000,946,480 | ---- | M] (深圳市迅雷网络技术有限公司) -- C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
PRC - [2010/12/21 18:51:20 | 000,157,488 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- c:\Program Files\Common Files\Thunder Network\TP\Ver1\1.1.2.46_1111\ThunderPlatform.exe
PRC - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/05/01 13:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 13:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/09/03 13:47:00 | 000,712,704 | ---- | M] (AuthenTec, Inc) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
PRC - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) -- C:\Windows\System32\TAMSvr.exe
PRC - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/07/25 15:41:56 | 000,094,208 | ---- | M] () -- C:\Program Files\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 04:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/03/20 05:35:44 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008/02/07 05:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/09/29 08:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/06/16 13:01:58 | 000,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/30 09:27:39 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/22 22:34:49 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe -- (XLDoctor Services)
SRV - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/29 07:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/12 03:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
SRV - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 18:51:38 | 000,008,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.4.2104_1\Program\tcphoc.sys -- (tcphoc)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/20 14:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/24 08:55:50 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/24 08:55:50 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/11/24 08:55:50 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/16 23:02:02 | 000,021,504 | ---- | M] (http://www.atmel.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2009/11/16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 06:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008/08/14 09:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 15:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/16 11:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 10:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/15 02:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/10 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 07:36:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 08:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(500).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/14 15:47:54 | 000,000,000 | ---D | M]
 
[2010/09/10 14:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
 
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKLM..\Run: [UUSeeMediaCenter] C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe (UUSEE)
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm ()
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\getAllurl.htm ()
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm ()
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra 'Tools' menuitem : ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra Button: СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra 'Tools' menuitem : СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra Button: Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O9 - Extra 'Tools' menuitem : Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/14 14:43:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell - "" = AutoRun
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/19 09:40:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DCEBBD9A-74E2-409B-99EA-12E321A5AFD2}
[2011/07/19 08:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/07/18 20:37:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A2E68B35-F78B-468E-A8EF-48A8313CD28F}
[2011/07/18 20:12:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2011/07/18 20:11:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/18 20:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/18 20:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/18 20:11:43 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/07/18 20:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/18 20:07:00 | 009,466,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.51.1.1800.exe
[2011/07/18 19:58:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/17 20:18:52 | 000,000,000 | ---D | C] -- C:\FavoriteVideo
[2011/07/16 22:19:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{16030DCA-6C9C-4BBE-841E-BD05EE208014}
[2011/07/15 12:52:37 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/14 22:14:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04102DC3-B938-4A5C-B989-D32D43F64E8D}
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Trend Micro
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/14 11:20:04 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Law
[2011/07/14 09:59:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E82959BC-2872-41B8-9013-4429065CEABA}
[2011/07/13 21:58:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F2C00B8-1E51-44BD-86FC-EF1F02EDF528}
[2011/07/13 09:09:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B5DB8918-EA86-4647-A959-DCF098FA7BC4}
[2011/07/12 21:08:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{528B3375-EDEE-4747-A5D5-81B8E4D969F1}
[2011/07/12 09:08:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00D010EC-C2D6-4068-8796-6BD54EFD9A7D}
[2011/07/11 21:07:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79FF6CD7-BF7E-417F-B26A-20B49B9507C1}
[2011/07/11 09:07:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{25727E4C-4DE5-450E-B968-61E2255350F7}
[2011/07/10 21:58:25 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New folder
[2011/07/10 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43F9A9EC-DCC9-4EE5-A7D7-3F6D14389F9B}
[2011/07/09 23:08:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C37D2A23-5355-4B2B-BFAD-8A01F38EEFC7}
[2011/07/09 10:43:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C1D932B0-2005-4A55-846A-D117BDC732F6}
[2011/07/08 22:24:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Facebook
[2011/07/08 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{458C3C56-507A-477E-BC3B-CA38083F4A13}
[2011/07/08 08:01:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{561C9EA4-F2A4-4C0F-9EF7-1EE6D5BFEFD6}
[2011/07/07 19:56:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{321CCB63-3AE3-4398-8EA2-5F605BE383D7}
[2011/07/07 10:21:21 | 000,000,000 | R--D | C] -- C:\Users\User\Documents\Scanned Documents
[2011/07/07 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Fax
[2011/07/07 07:55:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CAACA370-812A-4F2F-AB96-D577802DFE56}
[2011/07/06 11:09:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD154FAE-88C5-4342-831E-8ED4B83C8AB5}
[2011/07/05 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{34389F44-EC3A-4D3B-B04D-C0E9756F9BD3}
[2011/07/05 10:15:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F6A88D5-A1D4-460F-BD1D-5E560A0C7CB5}
[2011/07/04 22:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3D0BEF60-2DAD-4E08-B473-7E2B8D67D7A2}
[2011/07/04 10:15:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C0116305-49C6-4534-BFF5-68B3F21CAC35}
[2011/07/03 22:04:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FF05CD1C-BBE9-4C36-9711-A146C831AC68}
[2011/07/02 17:52:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5FB1FFDD-499C-4BBA-987E-2FE2774AE286}
[2011/07/01 11:46:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{088F47F5-8BD0-4709-B229-3F9D33BB3D65}
[2011/06/30 21:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DC810AED-C3E7-4546-ADEF-D8D9B07FD6F5}
[2011/06/30 09:15:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4122331A-FE66-45CE-90FE-5481D1F9A416}
[2011/06/29 21:19:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Samsung
[2011/06/29 21:15:08 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys
[2011/06/29 21:15:08 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys
[2011/06/29 21:15:08 | 000,114,280 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadserd.sys
[2011/06/29 21:15:08 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcm.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwh.sys
[2011/06/29 21:13:54 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2011/06/29 21:13:43 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2011/06/29 21:09:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2011/06/29 09:14:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A1128B04-7D38-4437-AD8F-D1D96324BD19}
[2011/06/28 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4FE80DCA-3E55-41EA-9DE9-86482F20F07D}
[2011/06/28 09:14:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{72DD4C4C-A9F1-40F0-9407-4AF92AE3F22F}
[2011/06/27 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{927FC774-F2DA-411E-BF77-24E77884889A}
[2011/06/27 09:13:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{74643326-B01C-4067-A086-CB370DCCD5FA}
[2011/06/26 15:58:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{13C2DE01-265B-48B1-BC23-71D4F17418CF}
[2011/06/25 15:33:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4F7C8D03-A0BF-4B3C-90D9-C3EAD837014C}
[2011/06/25 01:04:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{54674965-D6B1-4B49-AD6B-0420F4439025}
[2011/06/24 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91BEBD01-527D-4878-B38E-244A71C2F60C}
[2011/06/23 21:15:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E45BE562-D9E0-451E-AD91-F7602C1C2FA7}
[2011/06/23 11:25:25 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/23 09:14:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{260E5311-50F6-4B00-9569-A7EAD59165E2}
[2011/06/22 21:14:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{787C0372-ED3A-4FF9-B7AD-6097F6E4EEE4}
[2011/06/22 09:13:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D3FEBD3A-D4C2-4A66-811C-D06D829BEED9}
[2011/06/21 21:13:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{08A546A2-161B-4D34-BAEC-A1D6E2121F70}
[2011/06/21 09:13:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B6838110-F542-421B-B6EE-80FBE71B5030}
[2011/06/20 20:42:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B11AD6AE-8398-4BA4-9C9A-62479C4F7DDA}
[2011/06/20 12:00:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{26E805D7-6EC2-4A6C-8658-15A4824BA907}
[2011/06/20 00:00:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47A34675-A7E0-47AE-9AA6-DF42E535095C}
[2011/06/19 13:11:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011/03/17 09:09:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011/03/17 09:09:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011/03/17 09:09:51 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011/03/17 09:09:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2011/03/17 09:09:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011/03/17 09:09:51 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011/03/17 09:09:51 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011/03/17 09:09:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2011/03/17 09:09:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2011/03/17 09:09:51 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2011/03/17 09:09:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2011/03/17 09:09:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011/03/17 09:09:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/19 12:52:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/19 12:27:46 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/19 12:27:46 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/19 12:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/19 10:39:15 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/19 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/19 08:28:53 | 000,107,705 | ---- | M] () -- C:\Users\User\Desktop\A- Cylindrical and Spherical Coordinates.pdf
[2011/07/19 08:28:28 | 000,064,949 | ---- | M] () -- C:\Users\User\Desktop\Appendix of the Midterm Test.pdf
[2011/07/19 08:26:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/19 08:26:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/19 08:26:05 | 2388,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/19 08:22:36 | 000,000,000 | ---- | M] () -- C:\Users\User\AppData\Local\{CD19F5DD-0ED7-4320-8952-27689F7A390D}
[2011/07/18 22:17:23 | 000,049,701 | ---- | M] () -- C:\Users\User\Desktop\Chapter 3 - Balancing_5 - selected examples.pdf
[2011/07/18 20:11:47 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/18 20:11:18 | 009,466,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.51.1.1800.exe
[2011/07/18 19:52:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/18 19:48:48 | 000,063,258 | ---- | M] () -- C:\Users\User\Desktop\More Exact Solutions.pdf
[2011/07/18 12:38:59 | 001,018,443 | ---- | M] () -- C:\Users\User\Desktop\Tutorial-6-RC_WR.pdf
[2011/07/17 20:49:04 | 000,165,888 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/17 20:48:25 | 000,721,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/17 20:48:25 | 000,145,776 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/17 20:12:06 | 000,013,040 | ---- | M] () -- C:\Users\User\Desktop\Midterm list.pdf
[2011/07/16 22:56:48 | 000,008,511 | ---- | M] () -- C:\Users\User\Desktop\Outline of EME3026 Fluid Dynamics.pdf
[2011/07/16 07:58:58 | 000,214,016 | ---- | M] () -- C:\Users\User\Desktop\1407.Q16.1081100873.Eric Sim Chee Gee.ipt
[2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/15 08:53:10 | 000,002,234 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2011/07/15 08:53:10 | 000,002,111 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/14 11:53:39 | 000,002,969 | ---- | M] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/07/05 22:55:29 | 001,203,718 | ---- | M] () -- C:\Users\User\Desktop\IMG.pdf
[2011/06/29 21:13:58 | 000,001,934 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:41 | 000,000,204 | ---- | M] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/19 19:25:43 | 000,542,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/19 15:52:02 | 000,001,520 | ---- | M] () -- C:\Users\User\Desktop\DiRT 3.lnk
 
========== Files Created - No Company Name ==========
 
[2011/07/19 08:28:55 | 000,107,705 | ---- | C] () -- C:\Users\User\Desktop\A- Cylindrical and Spherical Coordinates.pdf
[2011/07/19 08:28:31 | 000,064,949 | ---- | C] () -- C:\Users\User\Desktop\Appendix of the Midterm Test.pdf
[2011/07/19 08:22:36 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Local\{CD19F5DD-0ED7-4320-8952-27689F7A390D}
[2011/07/18 22:17:25 | 000,049,701 | ---- | C] () -- C:\Users\User\Desktop\Chapter 3 - Balancing_5 - selected examples.pdf
[2011/07/18 20:11:47 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/18 19:48:49 | 000,063,258 | ---- | C] () -- C:\Users\User\Desktop\More Exact Solutions.pdf
[2011/07/18 12:39:01 | 001,018,443 | ---- | C] () -- C:\Users\User\Desktop\Tutorial-6-RC_WR.pdf
[2011/07/17 20:12:08 | 000,013,040 | ---- | C] () -- C:\Users\User\Desktop\Midterm list.pdf
[2011/07/16 22:56:49 | 000,008,511 | ---- | C] () -- C:\Users\User\Desktop\Outline of EME3026 Fluid Dynamics.pdf
[2011/07/16 07:58:28 | 000,214,016 | ---- | C] () -- C:\Users\User\Desktop\1407.Q16.1081100873.Eric Sim Chee Gee.ipt
[2011/07/14 11:53:39 | 000,002,969 | ---- | C] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/08 22:24:17 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/08 22:24:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/05 22:48:50 | 001,203,718 | ---- | C] () -- C:\Users\User\Desktop\IMG.pdf
[2011/06/29 21:13:58 | 000,001,934 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:40 | 000,000,204 | ---- | C] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/19 15:52:02 | 000,001,520 | ---- | C] () -- C:\Users\User\Desktop\DiRT 3.lnk
[2011/06/13 21:06:13 | 000,007,606 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/05/29 23:44:54 | 000,000,204 | ---- | C] () -- C:\Windows\System32\bdsecustat.dat
[2011/04/05 23:50:19 | 000,002,358 | ---- | C] () -- C:\Windows\SIM8052.INI
[2011/03/29 21:05:48 | 000,709,992 | ---- | C] () -- C:\Windows\System32\kindling.dll
[2011/03/17 09:09:51 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2011/03/14 17:25:34 | 000,165,888 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 16:16:33 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/03/08 18:00:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/03/08 18:00:46 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/03/08 18:00:46 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/08 18:00:46 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/04 14:31:10 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/03/04 14:31:10 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/03/04 13:09:37 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/03/04 12:45:03 | 000,000,020 | ---- | C] () -- C:\Windows\System32\pub_store.dat
[2011/03/03 23:59:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/03/02 08:19:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2011/03/02 08:19:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2011/03/02 08:19:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2011/03/02 08:19:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2011/03/02 08:17:20 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2011/03/02 08:17:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2011/03/02 08:17:20 | 000,009,484 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2011/03/02 08:17:20 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2011/03/02 08:13:21 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/11/06 19:29:28 | 000,073,344 | ---- | C] () -- C:\Windows\System32\gtapi_signed.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:33:53 | 000,542,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,721,876 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,145,776 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 08:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 07:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/04 17:50:32 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsis_loader.dll
[2008/05/01 10:47:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/05/01 04:36:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/22 08:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/30 12:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/08/14 17:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/03/23 04:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005/12/20 12:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2005/07/23 13:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== LOP Check ==========
 
[2011/06/21 16:07:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Autodesk
[2011/06/16 12:41:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/03/14 16:07:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Maxthon3
[2011/03/27 13:35:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PPLive
[2011/06/29 21:11:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Samsung
[2011/05/29 20:10:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SE_logs
[2011/06/12 01:34:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SogouExplorer
[2011/03/14 16:07:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TTPlayer
[2011/03/01 17:42:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WildTangent
[2011/03/14 16:07:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer
[2011/07/19 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/19 10:39:15 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/05/28 11:28:45 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011/03/04 13:03:41 | 000,001,719 | ---- | M] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk
[2011/03/04 13:03:41 | 000,001,719 | ---- | C] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk

< End of report >

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
msn messenger
« Reply #10 on: July 20, 2011, 10:39:17 PM »
If everything is still running well:
Right-click on OTL.exe and choose "Run as Admin".
When it opens, click on the CLEANUP button.
Follow the prompts and reboot the computer afterwards.

That should do it

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/