OTL logfile created on: 7/6/2012 12:56:47 AM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Min Young Pak\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 61.02% Memory free
5.74 Gb Paging File | 4.39 Gb Available in Paging File | 76.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.62 Gb Total Space | 163.58 Gb Free Space | 56.68% Space Free | Partition Type: NTFS
Drive D: | 1.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: DAMBAE | User Name: Min Young Pak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/06 00:48:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Min Young Pak\Desktop\OTL.exe
PRC - [2012/07/04 20:23:44 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/04/04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/09/17 15:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/09/17 15:36:58 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/17 13:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/08/11 19:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009/08/11 19:09:38 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe
PRC - [2009/08/11 14:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/08/10 22:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/06 20:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009/08/06 20:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009/08/05 17:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/05 17:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/05 17:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/07/28 23:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/28 18:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/28 17:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/07/13 18:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/06 00:43:49 | 000,052,736 | ---- | M] () -- C:\Users\Min Young Pak\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/07/04 21:15:21 | 000,063,488 | ---- | M] () -- C:\Users\Min Young Pak\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/07/04 21:15:19 | 000,117,760 | ---- | M] () -- C:\Users\Min Young Pak\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/05/28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/09/12 01:02:40 | 000,052,224 | ---- | M] () -- C:\Users\Min Young Pak\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2009/09/17 15:36:34 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
MOD - [2009/07/29 18:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2009/07/25 14:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/07/16 18:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 18:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/06/22 18:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009/03/12 22:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/06/28 20:27:11 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/17 19:54:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/02/28 14:06:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/02/08 16:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/17 15:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/08/17 13:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/11 19:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/08/10 22:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/08/06 20:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/08/05 17:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/28 18:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MINYOU~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/07/06 00:48:07 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/11/14 23:50:16 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/04 03:59:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
DRV - [2009/10/02 13:33:24 | 000,862,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009/07/30 20:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/24 18:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/14 18:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 18:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/07 11:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/06/22 20:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/19 22:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2008/08/22 11:05:42 | 000,026,760 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKLM\..\SearchScopes,DefaultScope = {9E9F9C3A-C14B-402C-9F5F-948A1C372C45}
IE - HKLM\..\SearchScopes\{9E9F9C3A-C14B-402C-9F5F-948A1C372C45}: "URL" =
http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 89 C1 5A 0D 1B C8 5F 46 AB 8D 55 54 C4 64 35 0A [binary data]
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 89 C1 5A 0D 1B C8 5F 46 AB 8D 55 54 C4 64 35 0A [binary data]
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 89 C1 5A 0D 1B C8 5F 46 AB 8D 55 54 C4 64 35 0A [binary data]
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://search.babylon.com/?q={searc...SP_ss&mntrId=64b8faeb000000000000701a0430888e
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\..\SearchScopes\{9E9F9C3A-C14B-402C-9F5F-948A1C372C45}: "URL" =
http://www.google.com/search?source...ding}&oe={outputEncoding}&rlz=1I7TSNA_enUS355
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63737
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "
http://search.babylon.com/?affID=10...HP_ss&mntrId=64b8faeb000000000000701a0430888e"
FF - prefs.js..keyword.URL: "
http://search.babylon.com/?affID=10..._ss&mntrId=64b8faeb000000000000701a0430888e&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 63737
FF - prefs.js..network.proxy.no_proxies_on: "localho,t,127.0.0.1,*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.6: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.1.5.22: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Min Young Pak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Min Young Pak\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Min Young Pak\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/12 22:46:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{AF7A56AE-C0BE-11E1-8270-B8AC6F996F26}: C:\Users\Min Young Pak\AppData\Local\{AF7A56AE-C0BE-11E1-8270-B8AC6F996F26}\ [2012/06/27 21:15:13 | 000,000,000 | ---D | M]
[2012/05/16 18:13:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min Young Pak\AppData\Roaming\Mozilla\Extensions
[2012/07/04 13:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min Young Pak\AppData\Roaming\Mozilla\Firefox\Profiles\nqyaul2l.default\extensions
[2012/07/04 13:26:06 | 000,000,000 | ---D | M] (DealCabby) -- C:\Users\Min Young Pak\AppData\Roaming\Mozilla\Firefox\Profiles\nqyaul2l.default\extensions\dealcabby@jetpack
[2012/07/04 13:54:11 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Min Young Pak\AppData\Roaming\Mozilla\Firefox\Profiles\nqyaul2l.default\extensions\
ffxtlbr@funmoods.com
[2012/07/04 13:25:58 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Min Young Pak\AppData\Roaming\Mozilla\Firefox\Profiles\nqyaul2l.default\extensions\
plugin@videofiledownload.com
[2012/03/12 22:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/27 21:15:13 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\USERS\MIN YOUNG PAK\APPDATA\LOCAL\{AF7A56AE-C0BE-11E1-8270-B8AC6F996F26}
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/05/16 18:12:38 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/07/06 00:25:47 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2632614555-3055429767-3190399316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
https://myed-al.wachovia.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B421E90D-DD7B-433C-8873-EFA93B9828A0}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/06 02:59:35 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/06 00:48:30 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Min Young Pak\Desktop\OTL.exe
[2012/07/06 00:25:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/06 00:24:00 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/07/06 00:24:00 | 000,000,000 | ---D | C] -- C:\Users\Min Young Pak\AppData\Local\temp
[2012/07/06 00:11:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/07/06 00:11:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/07/06 00:11:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/07/06 00:11:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/07/06 00:11:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/06 00:10:41 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/07/06 00:08:21 | 004,571,524 | R--- | C] (Swearware) -- C:\Users\Min Young Pak\Desktop\ComboFix.exe
[2012/07/05 21:09:35 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2012/07/05 20:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/07/04 23:18:34 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012/07/04 23:17:14 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2012/07/04 22:42:00 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/07/04 22:42:00 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/07/04 22:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012/07/04 22:35:32 | 000,000,000 | ---D | C] -- C:\2706c730439a7ba63d3c0ab9c5ede187
[2012/07/04 22:34:37 | 000,000,000 | ---D | C] -- C:\1cce71c6fc50100f525eaa4014
[2012/07/04 22:30:17 | 000,000,000 | ---D | C] -- C:\fce4c6ebdadb8f16d22518ab1a
[2012/07/04 13:27:18 | 000,000,000 | ---D | C] -- C:\Users\Min Young Pak\AppData\Roaming\vlc
[2012/07/04 13:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/07/04 13:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/07/04 13:26:06 | 000,000,000 | ---D | C] -- C:\Users\Min Young Pak\AppData\Local\dealcabby
[2012/07/04 13:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2012/07/04 13:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods
[2012/06/28 20:37:20 | 000,000,000 | -HSD | C] -- C:\windows\System32\%APPDATA%
[2012/06/27 21:15:13 | 000,000,000 | ---D | C] -- C:\Users\Min Young Pak\AppData\Local\{AF7A56AE-C0BE-11E1-8270-B8AC6F996F26}
[2011/09/18 15:37:12 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Users\Min Young Pak\taskmgr.exe
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/06 00:50:48 | 000,015,792 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/06 00:50:48 | 000,015,792 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/06 00:48:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Min Young Pak\Desktop\OTL.exe
[2012/07/06 00:48:07 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2012/07/06 00:47:20 | 000,629,334 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/07/06 00:47:20 | 000,108,518 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/07/06 00:42:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/07/06 00:42:39 | 2312,097,792 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/06 00:27:13 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/07/06 00:25:47 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2012/07/06 00:07:02 | 004,571,524 | R--- | M] (Swearware) -- C:\Users\Min Young Pak\Desktop\ComboFix.exe
[2012/07/05 21:31:56 | 000,001,281 | ---- | M] () -- C:\Users\Min Young Pak\Desktop\shutdown.lnk
[2012/07/05 21:28:46 | 000,000,190 | ---- | M] () -- C:\Users\Min Young Pak\Desktop\New shortcut.lnk
[2012/07/05 20:29:33 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/07/05 18:00:34 | 000,447,744 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/07/04 13:25:55 | 000,031,465 | ---- | M] () -- C:\Users\Min Young Pak\AppData\Local\funmoods.crx
[2012/07/04 13:22:41 | 004,450,756 | ---- | M] () -- C:\Users\Min Young Pak\Desktop\IMG_0490.MOV
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/06 00:11:40 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/07/06 00:11:40 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/07/06 00:11:40 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/07/06 00:11:40 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/07/06 00:11:40 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/07/05 21:31:43 | 000,001,281 | ---- | C] () -- C:\Users\Min Young Pak\Desktop\shutdown.lnk
[2012/07/05 21:28:46 | 000,000,190 | ---- | C] () -- C:\Users\Min Young Pak\Desktop\New shortcut.lnk
[2012/07/05 20:29:15 | 000,001,886 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/07/04 13:25:56 | 000,031,465 | ---- | C] () -- C:\Users\Min Young Pak\AppData\Local\funmoods.crx
[2012/07/04 13:22:38 | 004,450,756 | ---- | C] () -- C:\Users\Min Young Pak\Desktop\IMG_0490.MOV
[2011/11/09 19:42:03 | 000,000,296 | -H-- | C] () -- C:\ProgramData\~oLDwSazUxSJuJi
[2011/11/09 19:42:03 | 000,000,216 | -H-- | C] () -- C:\ProgramData\~oLDwSazUxSJuJir
[2011/11/09 19:41:58 | 000,000,440 | -H-- | C] () -- C:\ProgramData\oLDwSazUxSJuJi
[2011/03/18 18:54:38 | 000,384,508 | -H-- | C] () -- C:\Users\Min Young Pak\Virgin Blue Airpass Itinerary.mht
[2010/07/01 20:13:11 | 000,000,036 | -H-- | C] () -- C:\Users\Min Young Pak\AppData\Roaming\skynet.dat
[2010/07/01 20:13:11 | 000,000,009 | ---- | C] () -- C:\Users\Min Young Pak\AppData\Roaming\nuar.old
[2010/05/20 18:24:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== LOP Check ==========
[2012/05/16 18:12:34 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Babylon
[2012/05/16 18:12:48 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\BabylonToolbar
[2010/06/15 00:21:48 | 000,000,000 | -H-D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Camfrog
[2009/12/29 18:22:45 | 000,000,000 | -H-D | M] -- C:\Users\Min Young Pak\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/05/17 19:52:58 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\DAEMON Tools Lite
[2011/11/10 20:59:30 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Juniper Networks
[2012/05/16 18:14:55 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Media Finder
[2009/12/07 21:46:40 | 000,000,000 | -H-D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Sierra Wireless
[2010/07/01 21:58:23 | 000,000,000 | -H-D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Sysinternals Antivirus
[2011/11/10 20:57:43 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Trillian
[2009/11/28 16:04:53 | 000,000,000 | -H-D | M] -- C:\Users\Min Young Pak\AppData\Roaming\WildTangent
[2009/11/27 19:25:08 | 000,000,000 | -H-D | M] -- C:\Users\Min Young Pak\AppData\Roaming\WinBatch
[2012/05/09 23:15:41 | 000,000,000 | ---D | M] -- C:\Users\Min Young Pak\AppData\Roaming\Windows Live Writer
[2011/04/24 13:27:59 | 000,032,590 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >