Below is OTL.Txt
OTL logfile created on: 4/27/2011 10:29:51 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 81.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 94.61 Gb Free Space | 20.31% Space Free | Partition Type: NTFS
Drive D: | 702.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: WOS-1394F7D3658 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Muiltmedia keyboard utility\1.1\KBDAP32A.EXE ()
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe (Mindjet)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe ()
PRC - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Mindjet\MindManager 8\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (getPlus(R) Helper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (bepldr) -- C:\Program Files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe ()
SRV - (MA_CMIDI_InstallerService) -- C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
========== Driver Services (SafeList) ========== DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)
DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)
DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)
DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (pctNdisMP) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (pctNdis) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (gstkserd) -- C:\WINDOWS\system32\drivers\gstkserd.sys (MCCI)
DRV - (gstkbus) 3Gstick USB Composite Device (WDM) -- C:\WINDOWS\system32\drivers\gstkbus.sys (MCCI)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam S5500(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (USB28xxBGA) -- C:\WINDOWS\system32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (USB28xxOEM) -- C:\WINDOWS\system32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (MA_CMIDI) -- C:\WINDOWS\system32\drivers\ma_cmidi.sys (M-Audio)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
www.google.com"
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems:
[email protected]:7
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems:
[email protected]:20110101
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.90
FF - prefs.js..network.proxy.autoconfig_url: "
http://proxy.rice.edu/proxy.pac"
FF - HKLM\software\mozilla\Firefox\extensions\\
[email protected]: C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF [2011/04/23 11:00:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/24 22:47:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/24 22:47:52 | 000,000,000 | ---D | M]
[2009/03/30 21:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/04/26 10:21:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\uijvqo7y.default\extensions
[2010/03/25 20:56:10 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\uijvqo7y.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011/04/20 18:45:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\uijvqo7y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/26 10:21:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\uijvqo7y.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/03/31 12:06:42 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\uijvqo7y.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011/04/24 14:13:18 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\uijvqo7y.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/04/24 22:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/23 23:07:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/03/15 17:24:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2009/07/22 11:16:19 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOVE NETWORKS
[2011/04/23 11:00:24 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRA~1\AVASTS~1\AVAST\WEBREP\FF
[2010/04/23 23:07:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/18 07:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2008/09/03 14:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/12/31 22:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2010/06/28 18:09:57 | 000,408,553 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14129 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\1.1\MMKEYBD.EXE ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe (Mindjet)
O4 - HKLM..\Run: [Nitro PDF Printer Monitor] C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238481082031 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/30 17:22:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/04/26 10:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\GooredFix Backups
[2011/04/25 10:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Yahoo
[2011/04/25 01:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2011/04/25 01:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Yahoo!
[2011/04/25 01:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/04/25 01:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/04/24 14:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2011/04/24 12:17:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/24 10:49:44 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/04/24 01:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/04/24 01:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/04/23 18:59:17 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2011/04/23 18:59:17 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2011/04/23 15:44:44 | 000,472,064 | ---- | C] ( ) -- C:\RootRepeal.exe
[2011/04/23 14:43:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/04/23 13:51:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/04/23 12:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Avira
[2011/04/23 12:14:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/04/23 11:57:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/04/23 11:57:10 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/04/23 11:57:10 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/04/23 11:57:10 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/04/23 11:55:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/04/23 11:52:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/23 11:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/04/23 11:43:10 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/04/23 11:43:09 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/04/23 11:43:09 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/04/23 11:43:09 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/04/23 11:43:09 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/04/23 11:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/04/23 11:43:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/04/23 11:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/04/23 11:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/04/23 11:00:46 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/23 11:00:46 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/04/23 11:00:43 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/23 11:00:43 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/23 11:00:42 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/23 11:00:41 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/23 11:00:41 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/23 11:00:41 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/23 11:00:32 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/04/23 11:00:23 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/23 11:00:22 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/23 11:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/04/23 11:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/04/23 03:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/04/23 03:21:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\HiJackThis
[2011/04/23 02:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/04/23 02:52:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/23 02:52:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/23 02:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/04/23 02:52:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/23 02:52:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/23 00:08:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2011/04/22 23:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/04/22 23:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/04/22 22:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/04/22 14:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Muiltmedia keyboard utility 1.1
[2011/04/22 14:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Muiltmedia keyboard utility
[2011/04/21 12:04:48 | 010,687,672 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Owner\My Documents\fffram.exe
[2011/04/21 11:56:32 | 035,624,744 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\Owner\My Documents\SafariSetup.exe
[2011/04/21 03:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/04/21 03:19:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/04/21 03:10:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/04/20 22:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\PCToolsFirewallPlus
[2011/04/20 22:42:20 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/04/20 22:42:20 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/04/20 22:42:18 | 000,249,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/04/20 22:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/20 22:41:25 | 000,089,192 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2011/04/20 22:41:25 | 000,057,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2011/04/20 22:41:25 | 000,032,808 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2011/04/20 22:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Firewall Plus
[2011/04/20 22:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/04/20 22:41:24 | 000,124,992 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2011/04/20 22:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
[2011/04/17 20:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\vlc
[2011/04/17 10:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Maps
[2011/04/16 15:14:11 | 000,000,000 | ---D | C] -- C:\Vids 2 b transferred
[2011/04/16 15:11:00 | 000,000,000 | ---D | C] -- C:\Recovered
[2011/04/16 14:39:23 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2011/04/16 12:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recuva
[2011/04/16 12:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/04/15 11:30:31 | 000,000,000 | ---D | C] -- C:\pics
[2011/04/14 18:11:06 | 000,000,000 | ---D | C] -- C:\ITunes Music
[2011/04/08 19:33:56 | 000,000,000 | ---D | C] -- C:\dvd rips
[2011/04/07 15:42:18 | 000,000,000 | ---D | C] -- C:\YT Ready
[2011/04/05 23:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2011/04/05 14:50:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\WMTools Downloaded Files
[2011/04/05 12:05:49 | 000,000,000 | ---D | C] -- C:\DVR *censored*
[2011/04/05 11:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\VHS to DVD
[2011/04/05 11:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\HTVideoEditor
[2011/04/05 11:39:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\VHS to DVD
[2011/04/05 11:37:09 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2011/04/05 11:37:09 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/04/05 11:36:58 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/04/05 11:36:58 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2011/04/05 11:36:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2011/04/05 11:36:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/04/05 11:28:10 | 000,479,232 | ---- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\drivers\emBDA.sys
[2011/04/05 11:28:10 | 000,106,496 | ---- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\emPRP.ax
[2011/04/05 11:28:10 | 000,061,440 | ---- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\emMON.exe
[2011/04/05 11:28:10 | 000,028,288 | ---- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\drivers\emOEM.sys
[2011/04/05 11:28:08 | 000,000,000 | ---D | C] -- C:\Program Files\VIDBOX NW03
[2011/04/05 11:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\honestech
[2011/04/05 11:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\honestech VHS to DVD 4.0 Plus
[2011/04/05 11:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\honestech VHS to DVD 4.0 Plus
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/04/27 10:12:17 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/27 10:01:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/26 10:28:48 | 000,000,289 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to GooredFix.lnk
[2011/04/25 13:38:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/25 11:38:26 | 000,002,052 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/04/25 01:08:15 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/04/25 01:08:15 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/04/25 00:49:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/24 22:47:56 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/24 22:47:55 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/04/24 11:04:45 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to esetsmartinstaller_enu.lnk
[2011/04/23 15:45:02 | 000,000,000 | ---- | M] () -- C:\settings.dat
[2011/04/23 12:14:08 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/04/23 11:43:25 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/04/23 11:10:20 | 000,513,008 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\avinstall.exe
[2011/04/23 11:00:42 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/04/23 10:19:30 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat
[2011/04/23 04:18:11 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/23 04:18:11 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/23 03:23:27 | 000,000,836 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to sniper.exe.lnk
[2011/04/23 03:22:25 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\sniper.exe (2).lnk
[2011/04/23 03:21:20 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\sniper.exe.lnk
[2011/04/23 02:52:53 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/22 23:18:54 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/21 19:45:51 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat
[2011/04/21 12:04:48 | 010,687,672 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Owner\My Documents\fffram.exe
[2011/04/21 11:56:33 | 035,624,744 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Owner\My Documents\SafariSetup.exe
[2011/04/21 03:10:34 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/04/20 22:35:43 | 000,019,184 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\avg scan.csv
[2011/04/19 18:13:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/18 07:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/18 07:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/18 07:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/18 07:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/18 07:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/18 07:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/18 07:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/18 07:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/18 07:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/18 07:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/04/16 12:51:07 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Recuva.lnk
[2011/04/16 10:32:42 | 002,818,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/05 11:25:51 | 000,001,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\honestech VHS to DVD 4.0 Plus.lnk
[2011/04/05 11:25:51 | 000,001,746 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\honestech VHS to DVD 4.0 Plus User Guide.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/04/26 10:28:48 | 000,000,289 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to GooredFix.lnk
[2011/04/25 11:40:48 | 000,513,008 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\avinstall.exe
[2011/04/25 01:08:15 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/04/25 01:08:15 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/04/24 22:47:55 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/24 22:47:55 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/04/24 11:04:45 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to esetsmartinstaller_enu.lnk
[2011/04/23 15:45:02 | 000,000,000 | ---- | C] () -- C:\settings.dat
[2011/04/23 12:14:08 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/04/23 12:14:05 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/04/23 11:57:10 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/23 11:57:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/23 11:57:10 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/23 11:57:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/23 11:57:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/23 11:43:25 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/04/23 10:28:43 | 000,002,052 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/04/23 03:23:27 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to sniper.exe.lnk
[2011/04/23 03:22:25 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\sniper.exe (2).lnk
[2011/04/23 03:21:20 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\sniper.exe.lnk
[2011/04/23 02:52:53 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/22 23:18:54 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/21 03:36:51 | 000,002,048 | ---- | C] () -- C:\Uninstall.dat
[2011/04/21 03:10:34 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/04/20 22:35:43 | 000,019,184 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\avg scan.csv
[2011/04/16 12:51:07 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Recuva.lnk
[2011/04/05 11:36:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/04/05 11:36:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/04/05 11:36:58 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2011/04/05 11:36:58 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/04/05 11:36:58 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2011/04/05 11:36:58 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/04/05 11:28:10 | 000,016,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\merlinC.rom
[2011/04/05 11:25:51 | 000,001,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\honestech VHS to DVD 4.0 Plus.lnk
[2011/04/05 11:25:51 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\honestech VHS to DVD 4.0 Plus User Guide.lnk
[2011/03/15 19:08:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/03/15 19:08:44 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/03/15 19:08:44 | 000,203,331 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/03/15 19:08:44 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/03/15 19:08:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2011/03/15 19:08:24 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2011/03/15 17:32:37 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/03/15 17:32:34 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/03/15 17:32:34 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/03/15 17:32:27 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/03/07 22:58:41 | 000,000,623 | ---- | C] () -- C:\WINDOWS\System32\Franklin Access Manager.ini
[2010/06/09 22:04:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2009/12/18 01:23:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat
[2009/11/01 21:46:56 | 000,145,852 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/14 15:44:13 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/05/01 13:58:02 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/12 22:30:58 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 19:42:27 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/31 11:51:15 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 11:50:00 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/31 11:49:59 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/03/31 11:49:59 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/31 11:49:59 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/31 11:49:58 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/30 21:51:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/30 20:21:08 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/03/30 18:54:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/03/30 18:45:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/30 17:24:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/30 17:20:50 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/30 07:11:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/30 07:10:35 | 002,818,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2005/03/22 08:48:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 08:48:43 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 00:00:00 | 000,432,686 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 00:00:00 | 000,067,516 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ========== [2011/04/23 11:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/04/23 10:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/15 19:34:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/04/01 12:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/03/22 23:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mindjet
[2009/09/14 15:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2009/03/31 14:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2011/04/27 10:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/31 13:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/10/10 18:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/01 13:35:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/04/07 20:07:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/12/13 12:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2009/05/10 17:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Binary Fortress Software
[2011/04/23 09:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2009/03/31 12:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/04/01 12:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EPSON
[2009/07/02 22:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FileZilla
[2010/01/21 15:33:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ImgBurn
[2009/03/31 19:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2009/09/14 15:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nitro PDF
[2009/09/14 13:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2011/04/20 22:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCToolsFirewallPlus
[2009/03/31 14:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Propellerhead Software
[2011/04/25 16:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2011/04/25 13:38:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
< End of report >