Did you do anything about the two AV programs?
Mmm-hmm, I uninstalled Avira AntiVir. It didn't affect the CPU usage, though.
Are these screenshots taken in Normal Mode?
Yep, with difficulty...
These OTL logs, on the other hand, are from Safe Mode. I had no choice - the computer froze when I tried to start OTL, much less run a scan. Sorry.
OTL.txt:
OTL logfile created on: 24/04/2011 16:52:29 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Anna McManus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 684.00 Mb Available Physical Memory | 67.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.99 Gb Total Space | 6.09 Gb Free Space | 20.31% Space Free | Partition Type: NTFS
Drive D: | 107.07 Gb Total Space | 90.45 Gb Free Space | 84.48% Space Free | Partition Type: NTFS
Drive E: | 37.23 Gb Total Space | 10.37 Gb Free Space | 27.86% Space Free | Partition Type: NTFS
Drive H: | 6.00 Gb Total Space | 1.54 Gb Free Space | 25.74% Space Free | Partition Type: NTFS
Computer Name: DIMENSION-E520E | User Name: Anna McManus | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Anna McManus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Anna McManus\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\Agnitum\Outpost Security Suite Free\wl_hook.dll (Agnitum Ltd.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
MOD - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
========== Win32 Services (SafeList) ==========
SRV - (acssrv) -- C:\Program Files\Agnitum\Outpost Security Suite Free\acs.exe (Agnitum Ltd.)
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
========== Driver Services (SafeList) ==========
DRV - (SandBox) -- C:\WINDOWS\system32\drivers\SandBox.sys (Agnitum Ltd.)
DRV - (VBFilt) -- C:\WINDOWS\system32\Filt\VBFilt.dll (Agnitum Ltd.)
DRV - (ASWFilt) -- C:\WINDOWS\system32\Filt\ASWFilt.dll (Agnitum Ltd.)
DRV - (VBEngNT) -- C:\WINDOWS\system32\drivers\VBEngNT.sys (VirusBuster Kft.)
DRV - (afwcore) -- C:\WINDOWS\system32\drivers\afwcore.sys (Agnitum Ltd.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (afw) -- C:\WINDOWS\system32\drivers\afw.sys (Agnitum Ltd.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\wg111v3.sys (Realtek Semiconductor Corporation )
DRV - (BVRPMPR5) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/webhp?rls=ig
IE - HKCU\..\URLSearchHook: {a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - C:\Program Files\TV_Bar_1.1\prxtbTV_2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://www.google.ie/"
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.0.1
FF - prefs.js..extensions.enabledItems: {c07d1a49-9894-49ff-a594-38960ede8fb9}:3.1.3beta1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:200.000
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.3
FF - prefs.js..extensions.enabledItems: {BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87}:0.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.0
FF - prefs.js..extensions.enabledItems: {078fac48-925f-4524-7cfe-85d44b8f4f98}:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {c36177c0-224a-11da-8cd6-0800200c9a91}:3.9.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:2.5.2
FF - prefs.js..extensions.enabledItems: gmailwatcher@sonthakit:1.31
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.3.1
FF - prefs.js..extensions.enabledItems: {21e48e29-f574-4619-b65d-0f00eea92e5b}:1.86
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - prefs.js..extensions.enabledItems: {B71ACFF2-E436-4cc7-B5E3-0C8E2CC981BA}:1.0.7
FF - prefs.js..extensions.enabledItems: {cf47767d-5f3a-4e32-9fce-5d79565c9702}:1.1.1
FF - prefs.js..extensions.enabledItems: omfg@olive:0.6.080510
FF - prefs.js..extensions.enabledItems: pingme@arcticfire:2.7.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {cd617375-6743-4ee8-bac4-fbf10f35729e}:2.8.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.06
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: siteinfo@wmtips:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:0.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {736048c1-a1ec-4a70-b12b-1e399e79024e}:2.1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.13.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {6e73f6b7-b9ab-44b8-b744-6393e3c2e351}:1.1
FF - prefs.js..extensions.enabledItems: {62f82eb5-4d65-4224-983b-a09ff8b172a6}:0.7
FF - prefs.js..extensions.enabledItems: {cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}:0.6
FF - prefs.js..extensions.enabledItems: {64312dc5-3fc3-40d1-b183-0e4060fc52ac}:0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&AF=10588&q="
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/23 10:38:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/23 16:17:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 16:17:16 | 000,000,000 | ---D | M]
[2009/12/15 19:09:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Extensions
[2011/04/07 20:34:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions
[2010/02/20 22:13:27 | 000,000,000 | ---D | M] (Crash Report Helper) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{078fac48-925f-4524-7cfe-85d44b8f4f98}
[2011/03/23 16:07:43 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/08/03 18:26:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/23 16:08:15 | 000,000,000 | ---D | M] ("GoogleEnhancer") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{21e48e29-f574-4619-b65d-0f00eea92e5b}
[2010/02/20 22:13:16 | 000,000,000 | ---D | M] (WeatherBug) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3}
[2010/11/19 17:52:35 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2010/04/21 14:24:32 | 000,000,000 | ---D | M] (Personas Windows Classic Statusbar) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{580ef9b7-8492-4844-a4f4-76bc7208fda1}
[2011/03/23 16:09:47 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/23 16:09:08 | 000,000,000 | ---D | M] (Sidebar Companion for Google Sidewiki) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{62f82eb5-4d65-4224-983b-a09ff8b172a6}
[2011/03/23 16:09:40 | 000,000,000 | ---D | M] (Google Minimalist) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{64312dc5-3fc3-40d1-b183-0e4060fc52ac}
[2011/03/23 16:07:41 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2011/04/07 20:27:53 | 000,000,000 | ---D | M] (Personas Rotator) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
[2010/03/20 18:27:54 | 000,000,000 | ---D | M] ("Trustpilot Guard") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{736048c1-a1ec-4a70-b12b-1e399e79024e}
[2010/08/16 17:06:36 | 000,000,000 | ---D | M] (Read Later) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{9783dcc8-2250-4d3b-8beb-7c2007cf5651}
[2011/03/23 16:07:55 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/02/20 22:13:27 | 000,000,000 | ---D | M] (Currency Converter) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{af5514fc-7603-4cec-9894-f07f3d8672a5}
[2011/03/23 16:08:26 | 000,000,000 | ---D | M] (LinkAndForminfo) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{B71ACFF2-E436-4cc7-B5E3-0C8E2CC981BA}
[2010/03/19 20:39:15 | 000,000,000 | ---D | M] (CheckFox) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87}
[2011/03/23 16:07:44 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2011/03/23 16:09:31 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2011/03/23 16:08:27 | 000,000,000 | ---D | M] ("RightToClick") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}
[2011/03/23 16:07:51 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011/03/23 16:10:07 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/03/23 16:07:56 | 000,000,000 | ---D | M] ("AlertStopper") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:26 | 000,000,000 | ---D | M] (Expiry Canary) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:22 | 000,000,000 | ---D | M] (InvisibleHand) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:27 | 000,000,000 | ---D | M] (Check All) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:27 | 000,000,000 | ---D | M] (Click Info) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:00 | 000,000,000 | ---D | M] ("Copy Link Text") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:27 | 000,000,000 | ---D | M] ("EAVE") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/12/16 00:03:09 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:08 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:29 | 000,000,000 | ---D | M] (SimilarWeb) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:03 | 000,000,000 | ---D | M] (Flash Killer) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:26 | 000,000,000 | ---D | M] (Gmail Popup) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:25 | 000,000,000 | ---D | M] (Keyboard Shortcuts) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:25 | 000,000,000 | ---D | M] (Google Date) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:24 | 000,000,000 | ---D | M] (Kongregate Sidebar) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:25 | 000,000,000 | ---D | M] ("Link Alert") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:25 | 000,000,000 | ---D | M] ("Override Mozilla Firefox Guidance") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\omfg@olive
[2011/03/23 16:09:01 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:24 | 000,000,000 | ---D | M] (PingMe) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\pingme@arcticfire
[2010/02/20 22:13:24 | 000,000,000 | ---D | M] (Privacy Plus) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:23 | 000,000,000 | ---D | M] (Simple Links Counter) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:23 | 000,000,000 | ---D | M] (Site Information Tool) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\siteinfo@wmtips
[2011/04/07 20:34:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\staged
[2010/02/20 22:13:23 | 000,000,000 | ---D | M] ("Tab Progress Bar") -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:22 | 000,000,000 | ---D | M] (Test Extension) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:22 | 000,000,000 | ---D | M] (TimeStamp Converter) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:20 | 000,000,000 | ---D | M] (Verify Redirect) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2011/03/23 16:08:52 | 000,000,000 | ---D | M] (Wappalyzer) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]
[2010/02/20 22:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]\chrome
[2010/02/20 22:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]\defaults
[2010/02/20 22:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]\chrome
[2010/02/20 22:13:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]\chrome
[2010/02/20 22:13:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anna McManus\Application Data\Mozilla\Firefox\Profiles\wzlavwzf.default\extensions\[email protected]\defaults
[2011/03/23 16:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/04 13:45:37 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/23 15:46:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/02 14:26:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/02 18:16:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/28 11:54:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 11:14:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2010/11/23 10:38:52 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\{C07D1A49-9894-49FF-A594-38960EDE8FB9}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\{CF47767D-5F3A-4E32-9FCE-5D79565C9702}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANNA MCMANUS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WZLAVWZF.DEFAULT\EXTENSIONS\[email protected]
[2010/04/09 16:30:13 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/18 18:57:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/12/16 00:02:57 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2011/04/21 10:04:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AutoLogin) - {598B818E-71F1-486E-A0BE-9952B5851367} - Reg Error: Value error. File not found
O2 - BHO: (TV Bar 1.1 Toolbar) - {a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - C:\Program Files\TV_Bar_1.1\prxtbTV_2.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AutoLogin) - {598B818E-71F1-486E-A0BE-9952B5851367} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (TV Bar 1.1 Toolbar) - {a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - C:\Program Files\TV_Bar_1.1\prxtbTV_2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (TV Bar 1.1 Toolbar) - {A386D4B0-FDDB-4E1C-AE61-4F014013CD9B} - C:\Program Files\TV_Bar_1.1\prxtbTV_2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Security Suite Free\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Security Suite Free\op_mon.exe (Agnitum Ltd.)
O4 - HKCU..\Run: [GM4IE] File not found
O4 - HKCU..\Run: [Steam] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: AutoLogin - {6CE08A84-B3F9-422a-B133-60275F605AF4} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : AutoLogin - {6CE08A84-B3F9-422a-B133-60275F605AF4} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262022016343 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.67.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Security Suite Free\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Anna McManus\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anna McManus\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/15 11:37:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{9607228d-e9a1-11de-97f0-001676dffbe0}\Shell - "" = AutoRun
O33 - MountPoints2\{9607228d-e9a1-11de-97f0-001676dffbe0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9607228d-e9a1-11de-97f0-001676dffbe0}\Shell\AutoRun\command - "" = X:\SETUP.EXE /AUTORUN
O33 - MountPoints2\{9607228d-e9a1-11de-97f0-001676dffbe0}\Shell\configure\command - "" = X:\SETUP.EXE
O33 - MountPoints2\{9607228d-e9a1-11de-97f0-001676dffbe0}\Shell\install\command - "" = X:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2011/04/23 20:42:22 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anna McManus\Desktop\OTL.exe
[2011/04/22 17:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/04/22 17:28:13 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Anna McManus\Desktop\StartUpLite.exe
[2011/04/22 15:41:37 | 000,000,000 | ---D | C] -- C:\RootRepeal
[2011/04/21 19:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anna McManus\Desktop\bluescreenview
[2011/04/21 17:57:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anna McManus\Application Data\PriceGong
[2011/04/21 17:57:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/21 16:53:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/04/21 09:58:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/04/21 09:48:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/04/21 09:48:31 | 000,000,000 | ---D | C] -- C:\commy
[2011/04/21 09:22:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/19 20:49:33 | 000,242,040 | ---- | C] (VirusBuster Kft.) -- C:\WINDOWS\System32\drivers\VBEngNT.sys
[2011/04/19 20:49:32 | 000,708,760 | ---- | C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\SandBox.sys
[2011/04/19 20:49:14 | 000,267,624 | ---- | C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afwcore.sys
[2011/04/19 20:48:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Agnitum
[2011/04/19 20:48:20 | 000,034,280 | ---- | C] (Agnitum Ltd.) -- C:\WINDOWS\System32\drivers\afw.sys
[2011/04/19 20:48:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Filt
[2011/04/19 20:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
[2011/04/19 20:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anna McManus\Application Data\Agnitum
[2011/04/16 20:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anna McManus\Local Settings\Application Data\Opera
[2011/04/16 20:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anna McManus\Application Data\Opera
[2011/04/15 16:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anna McManus\Local Settings\Application Data\PCHealth
[2011/04/12 11:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2011/04/24 16:33:16 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/24 15:58:07 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\Netopia Router.url
[2011/04/24 15:50:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/24 15:28:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/23 20:43:09 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anna McManus\Desktop\OTL.exe
[2011/04/23 09:16:01 | 000,259,156 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\screenshot3.jpg
[2011/04/23 09:15:06 | 000,262,177 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\screenshot2.jpg
[2011/04/22 17:28:19 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Anna McManus\Desktop\StartUpLite.exe
[2011/04/22 15:41:02 | 000,464,491 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\RootRepeal.zip
[2011/04/21 20:46:10 | 000,000,312 | -HS- | M] () -- C:\boot.ini
[2011/04/21 20:03:29 | 000,602,259 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\screenshot1.jpg
[2011/04/21 19:22:22 | 000,059,456 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\bluescreenview.zip
[2011/04/21 18:14:03 | 1071,599,616 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/04/21 10:04:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/21 09:27:57 | 000,927,494 | ---- | M] () -- C:\Documents and Settings\Anna McManus\Desktop\A guide and tutorial on using ComboFix.mht
[2011/04/20 16:54:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-796845957-1177238915-1417001333-1003.job
[2011/04/20 16:53:59 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-1177238915-1417001333-1003.job
[2011/04/20 16:35:00 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1177238915-1417001333-1003UA.job
[2011/04/20 16:34:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/20 14:34:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/20 14:28:58 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9AEC4122-30F7-425A-AEE8-66CD5650F4FC}.job
[2011/04/19 21:06:16 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/04/19 20:35:01 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1177238915-1417001333-1003Core.job
[2011/04/16 13:59:50 | 000,214,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 22:04:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 22:03:23 | 000,465,072 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/15 22:03:23 | 000,078,958 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/11 17:24:01 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========
[2011/04/23 09:16:00 | 000,259,156 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Desktop\screenshot3.jpg
[2011/04/23 09:15:05 | 000,262,177 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Desktop\screenshot2.jpg
[2011/04/22 15:41:00 | 000,464,491 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Desktop\RootRepeal.zip
[2011/04/21 20:03:26 | 000,602,259 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Desktop\screenshot1.jpg
[2011/04/21 19:22:21 | 000,059,456 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Desktop\bluescreenview.zip
[2011/04/21 09:27:54 | 000,927,494 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Desktop\A guide and tutorial on using ComboFix.mht
[2011/04/19 20:48:35 | 000,000,049 | ---- | C] () -- C:\WINDOWS\transp.gif
[2011/03/04 14:16:33 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/02/06 18:40:31 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Local Settings\Application Data\fusioncache.dat
[2010/12/21 19:04:51 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/10/11 20:36:00 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/07/30 10:58:05 | 000,000,059 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/07/15 20:30:11 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/14 15:36:27 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\System32\FA057BB6C4.dll
[2010/05/06 18:03:54 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010/04/17 21:18:04 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2010/04/07 17:14:45 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Anna McManus\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/15 19:24:58 | 000,000,772 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2010/01/12 23:04:54 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/01/12 23:00:42 | 000,117,671 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/12/25 12:32:31 | 000,041,616 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/15 19:36:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/15 19:09:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/15 18:45:51 | 000,087,808 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/12/15 11:40:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/15 11:34:59 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/15 11:22:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/15 11:21:30 | 000,214,472 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 05:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/01/15 05:31:00 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/05/05 11:25:27 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2005/03/21 19:48:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 19:48:04 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 05:59:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:59:59 | 000,465,072 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:59:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:59:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:59:59 | 000,078,958 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:59:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:59:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:59:59 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========
[2011/04/19 20:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agnitum
[2010/05/14 15:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2010/04/10 12:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2010/06/13 19:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
[2010/11/12 16:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/12/03 12:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/21 18:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Official Driver Theory Test
[2010/04/09 10:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/25 10:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/04/19 20:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Agnitum
[2010/10/10 18:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\AnvSoft
[2010/12/16 18:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\BabylonToolbar
[2010/10/26 18:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Bioshock
[2010/07/11 21:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\GetRightToGo
[2010/08/23 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\gtk-2.0
[2010/10/04 21:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\ieSpell
[2010/05/06 18:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Image Zone Express
[2009/12/15 18:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\ImgBurn
[2009/12/15 22:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\InfraRecorder
[2010/08/23 19:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\InspireSoft
[2010/12/01 17:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\OLYMPUS
[2011/04/16 20:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Opera
[2011/04/21 17:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\PriceGong
[2010/09/14 18:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Sony Online Entertainment
[2010/06/07 19:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Transcend
[2010/06/11 09:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Uniblue
[2010/06/04 22:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Unity
[2011/04/21 20:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\uTorrent
[2009/12/28 21:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Windows Desktop Search
[2010/01/19 18:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\Windows Search
[2009/12/15 19:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\XnView
[2010/10/25 17:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anna McManus\Application Data\ZombieDriver
[2011/04/19 21:06:16 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/08/31 17:50:13 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionShakeIcon.job
[2011/04/20 14:28:58 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9AEC4122-30F7-425A-AEE8-66CD5650F4FC}.job

========== Purity Check ==========

========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >