:OTL
IE - HKU\S-1-5-21-242384288-2432699332-1005726329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-242384288-2432699332-1005726329-1000…\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-242384288-2432699332-1005726329-1000…\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
FF - prefs.js…browser.search.defaultenginename: "AOL Web Search"
FF - prefs.js…browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js…browser.search.defaulturl: "http://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110616165538458&tb_oid=16-06-2011&tb_mrud=16-06-2011&query="
FF - prefs.js…keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20110616165538458&tb_oid=16-06-2011&tb_mrud=16-06-2011&query="
[2011-08-16 10:13:13 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\7ko0c0li.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-04-10 18:06:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\7ko0c0li.default\extensions\engine@conduit.com
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - Reg Error: Value error. File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - File not found
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3:64bit: - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM…\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKLM…\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT…\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT…\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18…\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18…\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O4 - HKLM…\Run: [tray_ico] File not found
O4 - HKLM…\Run: [tray_ico1] File not found
O4 - HKLM…\Run: [tray_ico2] File not found
O4 - HKLM…\Run: [tray_ico3] File not found
O4 - HKLM…\Run: [tray_ico4] File not found
O4 - HKU\S-1-5-21-242384288-2432699332-1005726329-1000…\Run: [ALLUpdate] File not found
[2011-08-21 16:51:45 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011-08-21 16:51:35 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011-08-21 16:51:28 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011-08-21 16:51:28 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011-08-21 16:49:43 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011-08-21 16:47:37 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011-08-21 16:46:02 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011-08-21 16:45:59 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011-08-21 16:45:59 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011-08-21 16:56:51 | 000,000,178 | ---- | M] () -- C:\Windows\info1
[2011-08-21 16:52:03 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011-08-21 16:51:27 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011-08-21 16:51:27 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011-08-21 16:51:27 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011-08-21 16:51:27 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011-08-21 16:49:25 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011-08-21 16:49:14 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011-08-21 16:51:27 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011-08-21 16:51:27 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011-08-21 16:51:27 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011-08-21 16:49:43 | 000,000,178 | ---- | C] () -- C:\Windows\info1
[2011-08-21 16:49:26 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011-08-21 16:49:25 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011-08-21 16:49:25 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011-08-21 16:48:02 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011-07-27 07:30:57 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\EurekaLog
[2011-01-19 21:12:41 | 000,000,612 | ---- | M] () -- C:\Windows\Tasks\{69D7FDBA-A788-4FF9-9646-FF2C635513AA}.job
[2011-01-19 21:17:05 | 000,000,216 | ---- | M] () -- C:\Windows\Tasks\{8C710884-6F69-4634-A3C7-9E5CFF29A395}.job

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"

:Commands
[emptytemp]
[resethosts]