
Need some advice please

  • 14-07-2009 1:53am
    #1
    Registered Users Posts: 141 ✭✭


    Hi, I think I have a virus. My laptop is running very slow; every web page I open is not responding in minutes. I read through some threads on here. I had already downloaded malware and had it running, so I paused it and tried to follow the steps, but when I tried that comedian.exe link suggested, straight away I got this threat. I should also mention I have AVG, and this also takes about 4-5 hrs to complete a scan and never finds any problem. My laptop is a Dell Inspiron 6400, Home Vista, and is 19 months old, so out of warranty. Any help will be appreciated :D Sorry, the picture won't post.

    message box says Resident Shield alert
    THREAT detected
    file name C\users\mammy\appdata\local\7A4F.tmp\b2e.dll
    threat name Trojan Horse Back door.SmallX.VX detected on open


Comments

  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    can you post the other logs


  • Registered Users Posts: 6,133 ✭✭✭FloatingVoter


    Try downloading the Malicious Software Removal Tool from Microsoft.com and see if a quick scan with that has any effect.


  • Registered Users Posts: 141 ✭✭Serena08


    Hi, thanks for the replies. Sorry, I'm having problems getting and staying online; it just keeps not responding. I ran the malware programme and got the following log:

    Malwarebytes' Anti-Malware 1.39
    Database version: 2423
    Windows 6.0.6002 Service Pack 2
    14/07/2009 09:40:25
    mbam-log-2009-07-14 (09-40-25).txt
    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 272609
    Time elapsed: 2 hour(s), 55 minute(s), 31 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 1
    Files Infected: 1
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    C:\Users\mammy\AppData\Roaming\AntiSpywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
    Files Infected:
    c:\Windows\Tasks\AntispywareBot System Startup.job (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.

    I have tried to run chkdsk and it won't run. I just don't know what else to do. All Windows updates and scans are up to date. I am going to try the malicious software remover tool now and will post results if I can.


  • Registered Users Posts: 141 ✭✭Serena08


    Sorry, forgot to say: when everything is not responding I try pressing Ctrl+Alt+Del to start Task Manager. I'm getting a black screen at first, then an x failure security options alert:

    logon process has failed to create the security options dialog, and I have to manually restart the laptop to shut down the non-responsive programmes. I've tried in both browsers, Explorer and Firefox, still the same results.


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    hi

    Download Rooter.exe to your desktop
    • Then doubleclick it to start the tool
    • A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here


  • Registered Users Posts: 141 ✭✭Serena08


    Rooter.exe (v1.0.2) by Eric_71
    .
    The token does not have the SeDebugPrivilege privilege ! (error:1300)
    Can not acquire SeDebugPrivilege !
    Please run the tool as administrator ..

    .
    Windows Vista Home Edition (6.0.6002) Service Pack 2
    [32_bits] - x86 Family 6 Model 15 Stepping 6, GenuineIntel
    .
    Error OpenService (wscsvc) : 6
    Error OpenSCManager : 5
    Error OpenService (MpsSvc) : 6
    Windows Defender -> Enabled
    User Account Control (UAC) -> Enabled
    .
    Internet Explorer 8.0.6001.18783
    Mozilla Firefox 3.0.11 (en-GB)
    .
    C:\ [Fixed-NTFS] .. ( Total:99 Go - Free:40 Go )
    D:\ [Fixed-NTFS] .. ( Total:9 Go - Free:5 Go )
    E:\ [CD_Rom]
    .
    Scan : 00:04.38
    Path : C:\Users\mammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P03H9TS5\Rooter[1].exe
    User : mammy ( Administrator -> YES )
    .
    \\ Processes
    .
    Locked [System Process] (0)
    Locked System (4)
    Locked smss.exe (416)
    Locked csrss.exe (484)
    Locked wininit.exe (528)
    Locked csrss.exe (536)
    Locked winlogon.exe (576)
    Locked services.exe (680)
    Locked lsass.exe (692)
    Locked lsm.exe (700)
    Locked svchost.exe (1020)
    Locked svchost.exe (1088)
    Locked svchost.exe (1120)
    Locked svchost.exe (1216)
    Locked svchost.exe (1252)
    Locked svchost.exe (1272)
    Locked audiodg.exe (1352)
    Locked svchost.exe (1592)
    Locked SLsvc.exe (1608)
    Locked svchost.exe (1708)
    Locked svchost.exe (1820)
    Locked WLTRYSVC.EXE (1940)
    Locked BCMWLTRY.EXE (1968)
    Locked spoolsv.exe (2036)
    Locked svchost.exe (212)
    Locked cdrom_mon.exe (768)
    Locked avgwdsvc.exe (780)
    Locked svchost.exe (796)
    Locked fsssvc.exe (936)
    Locked avgrsx.exe (1340)
    Locked avgnsx.exe (1484)
    Locked svchost.exe (1952)
    Locked GoogleUpdate.exe (1344)
    Locked SeaPort.exe (472)
    Locked sprtsvc.exe (2064)
    Locked stacsv.exe (2084)
    Locked svchost.exe (2172)
    Locked svchost.exe (2204)
    Locked WmiApSrv.exe (2260)
    Locked SearchIndexer.exe (2284)
    Locked avgemc.exe (2472)
    Locked avgcsrvx.exe (2668)
    Locked WmiPrvSE.exe (2692)
    Locked taskeng.exe (3476)
    ______ C:\Windows\system32\Dwm.exe (3504)
    ______ C:\Windows\Explorer.EXE (3556)
    ______ C:\Windows\system32\taskeng.exe (3588)
    ______ C:\Program Files\Windows Defender\MSASCui.exe (3944)
    ______ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3992)
    ______ C:\Windows\WindowsMobile\wmdc.exe (2212)
    ______ C:\Windows\System32\WLTRAY.EXE (2356)
    ______ C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (492)
    ______ C:\Program Files\Dell\MediaDirect\PCMService.exe (2748)
    ______ C:\Windows\System32\hkcmd.exe (2156)
    ______ C:\Windows\System32\igfxpers.exe (2924)
    ______ C:\Program Files\Dell Support Center\bin\sprtcmd.exe (1628)
    ______ C:\Program Files\AVG\AVG8\avgtray.exe (1764)
    ______ C:\Program Files\Windows Live\Family Safety\fsui.exe (3096)
    ______ C:\Program Files\Java\jre6\bin\jusched.exe (3188)
    ______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (2652)
    ______ C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (2640)
    ______ C:\Program Files\Windows Sidebar\sidebar.exe (540)
    ______ C:\Windows\ehome\ehtray.exe (3216)
    ______ C:\Program Files\Dell\QuickSet\quickset.exe (3256)
    Locked svchost.exe (3412)
    ______ C:\Windows\ehome\ehmsas.exe (2612)
    ______ C:\Program Files\Internet Explorer\iexplore.exe (3164)
    ______ C:\Program Files\Internet Explorer\iexplore.exe (3224)
    ______ C:\Program Files\Windows Live\Toolbar\wltuser.exe (3960)
    ______ C:\Program Files\Internet Explorer\iexplore.exe (4232)
    ______ C:\Windows\system32\NOTEPAD.EXE (4368)
    ______ C:\Users\mammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L460F263\windows-kb890830-v2.12[1].exe (4284)
    ______ c:\0d4f0d3ab5d26bceb3d74365b20f\mrtstub.exe (5108)
    ______ C:\Users\mammy\AppData\Local\Temp\MRT.exe (2372)
    Locked MRT.exe (5556)
    ______ C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (4916)
    ______ C:\Users\mammy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P03H9TS5\Rooter[1].exe (5660)
    .
    \\ Device\Harddisk0\
    .
    \Device\Harddisk0 [Sectors : 63 x 512 Bytes]
    .
    \Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:98671104)
    \Device\Harddisk0\Partition2 (Start_Offset:99614720 | Length:10737418240)
    \Device\Harddisk0\Partition3 --[ MBR ]-- (Start_Offset:10837032960 | Length:107048075264)
    \Device\Harddisk0\Partition0 (Start_Offset:117885108224 | Length:2147483648)
    \Device\Harddisk0\Partition4 (Start_Offset:117886156800 | Length:2146435072)
    .
    \\ Scheduled Tasks
    .
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\Tasks\SA.DAT
    C:\Windows\Tasks\SCHEDLGU.TXT
    C:\Windows\Tasks\User_Feed_Synchronization-{54340BDA-2DEE-4A17-904D-A857094492F9}.job
    .
    \\ Registry
    .
    .
    \\ Files & Folders
    .
    \\ Scan completed at 00:07.21
    .
    C:\Rooter$\Rooter_1.txt - (15/07/2009 | 00:07.21)


    thanks

    malicious software remover tool found no infection


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    really don't think this is malware related

    Download Security Check here or here and save it to your Desktop.
    • Unzip SecurityCheck.zip and a folder named Security Check should appear.
    • Open the Security Check folder and double-click Security Check.bat
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


  • Registered Users Posts: 141 ✭✭Serena08


    Tried both links you left, got this:

    Not Found

    The requested URL /SecurityCheck.zip was not found on this server. screen317.spywareinfoforum.org

    Multiple Choices

    The document name you requested (/SecurityCheck.zip) could not be found on this server. However, we found documents with names similar to the one you requested. Available documents:
    Please consider informing the owner of the referring page about the broken link.

    Will I try the securitycheck.exe?


  • Registered Users Posts: 141 ✭✭Serena08


    ok i figured you would tell me run that link so here is what i got thanks

    Results of screen317's Security Check version 0.98.4
    Windows Vista Service Pack 2
    ``````````````````````````````
    Antivirus/Firewall Check:
    ``````````````````````````````

    Windows Firewall Enabled!
    AVG8.5
    ECHO is off.
    Error obtaining update status for antivirus!
    ``````````````````````````````
    Anti-malware/Other Utilities Check:
    ``````````````````````````````

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 13
    Java(TM) SE Runtime Environment 6
    Java(TM) 6 Update 7
    Out of date Java installed!
    Adobe Flash Player 10
    ``````````````````````````````
    Process Check:
    objlist.exe by Laurent
    ``````````````````````````````

    Windows Defender MSASCui.exe
    Windows Defender MsMpEng.exe is disabled!
    AVG avgwdsvc.exe
    AVG avgtray.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    AVG avgemc.exe
    ``````````````````````````````
    DNS Vulnerability Check:
    ``````````````````````````````

    GREAT! (Very random)

    Scan took 208809 seconds.
    `````````End of Log```````````


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    hi
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Under Custom Scan paste this in

      netsvcs
      msconfig
      safebootminimal
      safebootnetwork
      activex
      drivers32
      %systemroot%\System32\antiwpa.dll
      %systemroot%\SYSTEM32\wpa.dll
      %systemroot%\setup\scripts\biestart.exe
      %systemroot%\system32\drivers\royal.sys
      %systemroot%\system32\oobe\AntiWPA_Crypt.dll
      %TEMP%\antiwpa_crypt.dll
      %TEMP%\antiwpa.dll /s
      %PROGRAMFILES%\antiwpa.dll /s
      %systemroot%\system32\crypt.dll
      %TEMP%\crypt.dll
      %SYSTEMDRIVE%\*.
      %SYSTEMDRIVE%\*.*
      %PROGRAMFILES%\*.
      set /c

    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.


  • Registered Users Posts: 141 ✭✭Serena08


    OTL Extras logfile created on: 16/07/2009 21:16:57 - Run 1
    OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\mammy\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18783)
    Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

    1013.71 Mb Total Physical Memory | 267.95 Mb Available Physical Memory | 26.43% Memory free
    2.24 Gb Paging File | 1.27 Gb Available in Paging File | 56.62% Paging File free
    Paging file location(s): ?:\pagefile.sys

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 99.70 Gb Total Space | 41.81 Gb Free Space | 41.94% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.98 Gb Free Space | 59.75% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: DEANGARLAND-PC
    Current User Name: mammy
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    Reg Error: Unknown registry data type File not found
    Reg Error: Unknown registry data type File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{36D6A89E-C39F-4EE8-9181-C13E9BC739A5}" = SweetIM Toolbar for Internet Explorer 3.2
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
    "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
    "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
    "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
    "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
    "{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
    "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
    "{91190409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Publisher 2003
    "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
    "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
    "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
    "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
    "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
    "{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C5C38AA6-C887-4B31-8B76-77C1CC40FFC7}" = ZTE Mobile Connection
    "{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
    "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
    "{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
    "{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F2DF7839-7B71-4E34-BB8D-552E182082C9}" = Movavi Video Converter 6
    "{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player
    "Ares" = Ares 2.1.1
    "AVG8Uninstall" = AVG 8.5
    "boylepoker" = Boylepoker
    "Boylepoker Poker" = Boylepoker Poker
    "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
    "Google Chrome" = Google Chrome
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "Ladbrokes Poker" = Ladbrokes Poker
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
    "Navini Diagnostics" = Navini Diagnostics
    "Paddy Power Poker" = Paddy Power Poker
    "PokerStars" = PokerStars
    "RealPlayer 6.0" = RealPlayer
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "ToggleEN Toolbar" = ToggleEN Toolbar
    "WinLiveSuite_Wave3" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >


  • Registered Users Posts: 141 ✭✭Serena08


    2nd report thanks for all your help



  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    you are missing the OTListIt.Txt, it's the main txt

    May need two posts to fill it all in


  • Registered Users Posts: 141 ✭✭Serena08


    Hi Actor, sorry, I realised that I had double posted 1 report and I have been trying to post the other 1 since then, but it won't let me. Every time I hit send it freezes and I get a blank page.... I have no memory stick to transfer to this laptop I'm using, that I only have till tomorrow... Now I have been able to access my email on my own laptop, so if you don't mind I could e-mail you the report???


  • Registered Users Posts: 141 ✭✭Serena08




  • Registered Users Posts: 141 ✭✭Serena08


    [2009/06/22 14:57:47 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
    [2009/06/22 14:57:47 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys
    [2009/06/22 14:57:47 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
    [2009/06/22 14:57:47 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
    [2009/06/22 14:57:47 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
    [2009/06/22 14:57:46 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
    [2009/06/22 14:57:46 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
    [2009/06/22 14:57:46 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
    [2009/06/22 14:57:46 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
    [2009/06/22 14:57:44 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
    [2009/06/22 14:57:44 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
    [2009/06/22 14:57:44 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
    [2009/06/22 14:57:44 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
    [2009/06/22 14:57:43 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
    [2009/06/22 14:57:43 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
    [2009/06/22 14:57:41 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
    [2009/06/22 14:57:41 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
    [2009/06/22 14:57:40 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys
    [2009/06/22 14:57:39 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
    [2009/06/22 14:57:39 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys
    [2009/06/22 14:57:39 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
    [2009/06/22 14:57:38 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
    [2009/06/22 14:57:38 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
    [2009/06/22 14:57:37 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
    [2009/06/22 14:57:35 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2009/06/22 14:57:33 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
    [2009/06/22 14:57:33 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
    [2009/06/22 14:57:32 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
    [2009/06/22 14:57:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
    [2009/06/22 14:57:30 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
    [2009/06/22 14:57:28 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
    [2009/06/22 14:57:28 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
    [2009/06/22 14:57:27 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
    [2009/06/22 14:57:27 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
    [2009/06/22 14:57:26 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
    [2009/06/22 14:57:26 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
    [2009/06/22 14:57:26 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
    [2009/06/22 14:57:26 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
    [2009/06/22 14:57:25 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
    [2009/06/22 14:57:21 | 00,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
    [2009/06/22 14:57:21 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys
    [2009/06/22 14:57:20 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
    [2009/06/22 14:57:19 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bridge.sys
    [2009/06/22 14:57:18 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
    [2009/06/22 14:57:18 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
    [2009/06/22 14:57:17 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
    [2009/06/22 14:57:17 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys
    [2009/06/22 14:57:17 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
    [2009/06/22 14:57:17 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
    [2009/06/22 14:56:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
    [2009/06/22 14:56:59 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
    [2009/06/22 14:56:59 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
    [2009/06/22 14:56:37 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
    [2009/06/22 14:55:52 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
    [2009/06/22 14:55:43 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
    [2009/06/22 14:55:42 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
    [2009/06/22 14:55:11 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
    [2009/06/18 20:49:15 | 00,000,000 | ---D | C] -- C:\Users\mammy\AppData\Local\Apple
    [2009/06/18 20:48:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2009/06/18 20:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2008/04/29 18:57:07 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2007/12/19 13:24:58 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
    [2007/12/19 13:24:58 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
    [2007/12/19 13:24:58 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
    [2007/12/19 13:24:43 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
    [2007/12/19 13:24:33 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2007/12/19 05:51:52 | 00,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
    [2007/07/25 15:24:30 | 01,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2006/12/12 12:13:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
    [2006/12/12 11:02:50 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
    [2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 11:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
    [2006/11/02 11:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
    [2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/02/26 16:08:28 | 00,585,728 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

    ========== Files - Modified Within 30 Days ==========

    [2009/07/16 21:15:49 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\mammy\Desktop\OTL.exe
    [2009/07/16 21:11:01 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2009/07/16 21:05:35 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2009/07/16 21:05:34 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2009/07/16 21:03:29 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2009/07/16 21:02:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2009/07/16 21:02:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2009/07/16 21:02:42 | 10,637,18912 | -HS- | M] () -- C:\hiberfil.sys
    [2009/07/16 19:36:53 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{54340BDA-2DEE-4A17-904D-A857094492F9}.job
    [2009/07/16 18:58:37 | 00,000,000 | ---- | M] () -- C:\Users\mammy\AppData\Local\prvlcl.dat
    [2009/07/16 13:13:58 | 38,217,554 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2009/07/16 13:13:58 | 00,032,011 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
    [2009/07/16 03:40:09 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2009/07/16 03:39:11 | 02,896,549 | -H-- | M] () -- C:\Users\mammy\AppData\Local\IconCache.db
    [2009/07/14 23:24:31 | 00,391,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2009/07/14 01:28:07 | 00,028,210 | ---- | M] () -- C:\Users\mammy\Desktop\comedian threat.jpg
    [2009/07/14 00:02:15 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2009/07/13 23:10:20 | 00,004,892 | ---- | M] () -- C:\Users\mammy\AppData\Local\d3d9caps.dat
    [2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2009/07/07 16:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
    [2009/07/06 20:18:32 | 00,001,728 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2009/07/03 22:54:16 | 00,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2009/07/03 22:52:31 | 00,001,442 | ---- | M] () -- C:\Users\mammy\Desktop\DivX Movies.lnk
    [2009/07/03 21:27:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2009/07/03 21:27:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
    [2009/06/30 08:42:41 | 00,463,779 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
    [2009/06/26 13:22:35 | 00,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2009/06/26 13:04:07 | 00,327,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2009/06/26 13:04:07 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2009/06/26 13:04:07 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2009/06/23 12:42:58 | 00,701,096 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2009/06/23 12:42:58 | 00,605,962 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2009/06/23 12:42:58 | 00,111,260 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2009/06/18 20:19:30 | 00,067,584 | ---- | M] () -- C:\Users\mammy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== LOP Check ==========

    [2009/07/14 09:40:25 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming
    [2009/01/23 13:14:40 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Business Logic
    [2008/03/02 00:09:05 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\CyberLink
    [2008/02/11 19:04:07 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Leadertech
    [2009/01/24 19:31:38 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\LimeWire
    [2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Media Center Programs
    [2009/05/19 18:30:09 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Microgaming
    [2009/05/12 17:12:25 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\MixMeister Technology
    [2009/01/14 15:32:19 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Nokia
    [2009/03/20 22:54:55 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\OpenOffice.org
    [2009/01/14 15:26:25 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\PC Suite
    [2008/01/20 17:49:49 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Roxio
    [2008/08/02 00:07:25 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\SecondLife
    [2008/11/23 21:45:47 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Template
    [2009/07/13 21:19:39 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Uniblue
    [2008/01/25 00:09:20 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\Windows Live Writer
    [2009/07/16 21:03:29 | 00,000,882 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2009/07/16 21:11:01 | 00,000,886 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2009/07/16 21:02:58 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
    [2009/07/16 03:40:15 | 00,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2009/07/16 19:36:53 | 00,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{54340BDA-2DEE-4A17-904D-A857094492F9}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\System32\antiwpa.dll >

    < %systemroot%\SYSTEM32\wpa.dll >

    < %systemroot%\setup\scripts\biestart.exe >

    < %systemroot%\system32\drivers\royal.sys >

    < %systemroot%\system32\oobe\AntiWPA_Crypt.dll >

    < %TEMP%\antiwpa_crypt.dll >

    < %TEMP%\antiwpa.dll /s >

    < %PROGRAMFILES%\antiwpa.dll /s >

    < %systemroot%\system32\crypt.dll >

    < %TEMP%\crypt.dll >

    < %SYSTEMDRIVE%\*. >
    [2009/07/16 21:15:45 | 00,000,000 | R--D | M] -- C:
    [2009/07/14 22:29:52 | 00,000,000 | -H-D | M] -- C:\$AVG8.VAULT$
    [2009/07/13 21:47:44 | 00,000,000 | -HSD | M] -- C:\$Recycle.Bin
    [2008/09/18 19:14:15 | 00,000,000 | ---D | M] -- C:\217ff292d23c71d0ded8
    [2008/07/13 16:34:39 | 00,000,000 | ---D | M] -- C:\8bafe4048bb6ebcb0ca32172
    [2009/06/22 19:34:02 | 00,000,000 | -HSD | M] -- C:\Boot
    [2009/01/19 20:00:59 | 00,000,000 | ---D | M] -- C:\DELL
    [2007/12/19 13:06:33 | 00,000,000 | ---D | M] -- C:\doctemp
    [2007/12/20 10:24:05 | 00,000,000 | -HSD | M] -- C:\Documents and Settings
    [2007/12/19 13:06:20 | 00,000,000 | ---D | M] -- C:\Drivers
    [2008/09/16 04:03:38 | 00,000,000 | ---D | M] -- C:\e9ceb099717b4bb03bb3
    [2007/12/20 10:30:38 | 00,000,000 | ---D | M] -- C:\Intel
    [2009/07/16 21:04:22 | 00,000,000 | ---D | M] -- C:\MDT
    [2008/03/02 00:12:19 | 00,000,000 | ---D | M] -- C:\Microgaming
    [2008/04/17 19:41:26 | 00,000,000 | ---D | M] -- C:\Movavi files
    [2009/02/25 17:20:41 | 00,000,000 | RH-D | M] -- C:\MSOCache
    [2008/09/15 18:43:00 | 00,000,000 | ---D | M] -- C:\PerfLogs
    [2009/06/10 19:32:41 | 00,000,000 | ---D | M] -- C:\Poker
    [2009/07/16 02:29:39 | 00,000,000 | R--D | M] -- C:\Program Files
    [2009/07/13 23:04:01 | 00,000,000 | -H-D | M] -- C:\ProgramData
    [2008/06/30 17:47:49 | 00,000,000 | ---D | M] -- C:\Programs
    [2009/07/15 00:07:21 | 00,000,000 | ---D | M] -- C:\Rooter$
    [2009/07/16 02:29:07 | 00,000,000 | -HSD | M] -- C:\System Volume Information
    [2008/01/20 17:47:14 | 00,000,000 | R--D | M] -- C:\Users
    [2009/06/22 19:34:11 | 00,000,000 | ---D | M] -- C:\Windows

    < %SYSTEMDRIVE%\*.* >
    [2008/09/17 16:25:23 | 00,000,884 | ---- | M] () -- C:\aaw7boot.log
    [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat
    [2009/04/11 07:36:36 | 00,333,257 | RHS- | M] () -- C:\bootmgr
    [2006/09/18 22:43:37 | 00,000,010 | ---- | M] () -- C:\config.sys
    [2007/12/19 13:25:07 | 00,004,184 | RH-- | M] () -- C:\dell.sdr
    [2009/07/16 21:02:42 | 10,637,18912 | -HS- | M] () -- C:\hiberfil.sys
    [2009/07/03 21:27:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
    [2009/07/03 21:27:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2009/07/16 21:02:40 | 13,775,25760 | -HS- | M] () -- C:\pagefile.sys
    [2007/12/19 05:48:44 | 00,001,940 | ---- | M] () -- C:\QuickSet.lnk
    [2008/12/31 00:52:12 | 00,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
    [2008/12/31 00:52:12 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

    < %PROGRAMFILES%\*. >
    [2009/07/16 02:29:39 | 00,000,000 | R--D | M] -- C:\Program Files
    [2008/12/20 20:26:55 | 00,000,000 | ---D | M] -- C:\Program Files\3DLivePool_at
    [2009/01/20 19:42:50 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2008/12/18 23:56:36 | 00,000,000 | ---D | M] -- C:\Program Files\Alex In Danger
    [2009/06/18 20:48:44 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
    [2009/04/27 15:28:48 | 00,000,000 | ---D | M] -- C:\Program Files\Ares
    [2009/03/21 16:32:44 | 00,000,000 | ---D | M] -- C:\Program Files\AVG
    [2008/09/04 21:05:33 | 00,000,000 | ---D | M] -- C:\Program Files\B2BPOKER
    [2008/07/02 15:57:22 | 00,000,000 | ---D | M] -- C:\Program Files\BassTournamentTycoon_at
    [2009/01/08 01:39:42 | 00,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
    [2009/07/02 17:40:39 | 00,000,000 | ---D | M] -- C:\Program Files\Bet24
    [2008/07/02 15:55:08 | 00,000,000 | ---D | M] -- C:\Program Files\Birdies_at
    [2009/07/03 21:11:16 | 00,000,000 | ---D | M] -- C:\Program Files\BrucePoker.com
    [2009/01/19 18:46:18 | 00,000,000 | ---D | M] -- C:\Program Files\BugsysClub Software
    [2008/09/21 15:29:28 | 00,000,000 | ---D | M] -- C:\Program Files\BurgerShop_at
    [2009/07/03 22:52:34 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2009/04/27 15:29:03 | 00,000,000 | ---D | M] -- C:\Program Files\Conduit
    [2007/12/19 06:07:13 | 00,000,000 | ---D | M] -- C:\Program Files\CyberLink
    [2008/09/21 15:30:35 | 00,000,000 | ---D | M] -- C:\Program Files\Deep Sea Tycoon_at
    [2008/09/21 15:28:55 | 00,000,000 | ---D | M] -- C:\Program Files\DeerDrive_at
    [2007/12/19 06:06:52 | 00,000,000 | ---D | M] -- C:\Program Files\Dell
    [2007/12/19 06:04:20 | 00,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
    [2007/12/19 05:51:44 | 00,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
    [2009/07/03 22:53:10 | 00,000,000 | ---D | M] -- C:\Program Files\DivX
    [2009/07/03 21:13:14 | 00,000,000 | ---D | M] -- C:\Program Files\DoylesRoom
    [2008/09/21 15:27:48 | 00,000,000 | ---D | M] -- C:\Program Files\FeedingFrenzy2_at
    [2008/09/21 15:30:55 | 00,000,000 | ---D | M] -- C:\Program Files\FishTycoon_at
    [2008/09/21 15:31:13 | 00,000,000 | ---D | M] -- C:\Program Files\Flash Strike
    [2009/07/03 21:15:56 | 00,000,000 | ---D | M] -- C:\Program Files\Full Tilt Poker
    [2009/07/03 22:54:37 | 00,000,000 | ---D | M] -- C:\Program Files\Google
    [2008/01/27 11:57:40 | 00,000,000 | ---D | M] -- C:\Program Files\Grisoft
    [2008/09/21 15:31:26 | 00,000,000 | ---D | M] -- C:\Program Files\Hamsterball_at
    [2008/09/21 15:31:40 | 00,000,000 | ---D | M] -- C:\Program Files\HiddenExpeditionTitanic_at
    [2009/07/03 21:15:57 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2009/06/24 18:18:03 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2009/03/30 21:38:03 | 00,000,000 | ---D | M] -- C:\Program Files\Java
    [2009/03/20 21:45:54 | 00,000,000 | ---D | M] -- C:\Program Files\JRE
    [2009/01/19 19:07:50 | 00,000,000 | ---D | M] -- C:\Program Files\LimeWire
    [2008/09/21 15:32:03 | 00,000,000 | ---D | M] -- C:\Program Files\MadCars_at
    [2008/09/21 15:26:56 | 00,000,000 | ---D | M] -- C:\Program Files\MagicBall2_at
    [2009/07/14 00:03:12 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2009/03/29 23:48:47 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft
    [2009/02/25 17:28:42 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
    [2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
    [2009/02/25 17:30:12 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2009/02/26 19:23:34 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
    [2007/12/20 22:54:13 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2009/03/30 00:02:01 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
    [2009/06/11 18:25:30 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
    [2009/02/25 17:27:40 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2007/12/19 05:51:17 | 00,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
    [2008/04/17 19:39:46 | 00,000,000 | ---D | M] -- C:\Program Files\Movavi Video Converter 6
    [2009/06/22 19:25:10 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
    [2009/07/14 23:03:39 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2007/12/20 23:18:30 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
    [2007/12/25 23:06:34 | 00,000,000 | ---D | M] -- C:\Program Files\NavDiag
    [2007/12/19 05:50:10 | 00,000,000 | ---D | M] -- C:\Program Files\NetWaiting
    [2008/12/19 00:48:58 | 00,000,000 | ---D | M] -- C:\Program Files\NoAdware
    [2008/12/24 21:50:36 | 00,000,000 | ---D | M] -- C:\Program Files\Norton PC Checkup
    [2009/01/19 19:09:53 | 00,000,000 | ---D | M] -- C:\Program Files\Norton Security Scan
    [2009/03/20 21:45:49 | 00,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
    [2009/01/18 22:04:17 | 00,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
    [2009/04/24 17:02:52 | 00,000,000 | ---D | M] -- C:\Program Files\PokerStars
    [2009/07/06 20:20:13 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
    [2009/06/16 20:30:39 | 00,000,000 | ---D | M] -- C:\Program Files\Real
    [2009/01/12 17:59:52 | 00,000,000 | ---D | M] -- C:\Program Files\Reef Club Casino
    [2009/01/01 21:16:44 | 00,000,000 | ---D | M] -- C:\Program Files\ReeferPoker
    [2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2008/02/27 17:31:57 | 00,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
    [2008/02/28 22:05:49 | 00,000,000 | ---D | M] -- C:\Program Files\SensationalSoccer_at
    [2007/12/19 05:48:46 | 00,000,000 | ---D | M] -- C:\Program Files\SigmaTel
    [2009/03/10 23:04:47 | 00,000,000 | ---D | M] -- C:\Program Files\Skype
    [2009/07/13 19:34:50 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
    [2009/01/24 19:31:37 | 00,000,000 | ---D | M] -- C:\Program Files\SpywareBlaster
    [2007/12/19 13:24:37 | 00,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2009/07/04 00:18:45 | 00,000,000 | ---D | M] -- C:\Program Files\ToggleEN
    [2006/11/02 14:01:55 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2009/06/22 19:25:10 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
    [2009/06/22 19:25:05 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
    [2009/06/22 19:24:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Defender
    [2009/06/22 19:25:05 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Journal
    [2009/03/30 00:04:33 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live
    [2009/03/29 23:48:21 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
    [2009/03/30 00:03:16 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
    [2009/07/14 22:06:40 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Mail
    [2009/06/22 19:25:06 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2009/06/22 19:24:59 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
    [2009/06/22 19:25:06 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
    [2008/01/27 20:58:36 | 00,000,000 | -H-D | M] -- C:\Program Files\Zero G Registry
    [2008/12/30 02:40:18 | 00,000,000 | ---D | M] -- C:\Program Files\ZTE Mobile Connection

    < set /c >
    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\mammy\AppData\Roaming
    CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=DEANGARLAND-PC
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Users\mammy
    LOCALAPPDATA=C:\Users\mammy\AppData\Local
    LOGONSERVER=\\DEANGARLAND-PC
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0f06
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    PUBLIC=C:\Users\Public
    QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\mammy\AppData\Local\Temp
    TMP=C:\Users\mammy\AppData\Local\Temp
    USERDOMAIN=deangarland-PC
    USERNAME=mammy
    USERPROFILE=C:\Users\mammy
    windir=C:\Windows

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 81 bytes -> C:\Program Files\DoylesRoom:MID
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:85091E5D
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5C321E34
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:6DCB8EB8
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D1B5B4F1
    @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:09C5BF6B
    < End of report >


  • Registered Users Posts: 141 ✭✭Serena08


    bump


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    hi

    Download TFC to your desktop
    • Open the file and close any other windows.
    • It will close all programs itself when run, make sure to let it run uninterrupted.
    • Click the Start button to begin the process. The program should not take long to finish its job.
    • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean.




    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy & paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






    Go to Kaspersky website and perform an online antivirus scan.
    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
        Spyware, Adware, Dialers, and other potentially dangerous programs
        Archives
        Mail databases
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.


  • Registered Users Posts: 141 ✭✭Serena08



      KASPERSKY ONLINE SCANNER 7.0 REPORT
      Thursday, July 23, 2009
      Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
      Kaspersky Online Scanner version: 7.0.26.13
      Program database last update: Wednesday, July 22, 2009 23:38:49
      Records in database: 2515919

      Scan settings:
      Scan using the following database: extended
      Scan archives: yes
      Scan mail databases: yes

      Scan area - My Computer:
      C:\
      D:\
      E:\

      Scan statistics:
      Files scanned: 154889
      Threat name: 1
      Infected objects: 1
      Suspicious objects: 0
      Duration of the scan: 02:16:25


      File name / Threat name / Threats count
      C:\Users\dean garland\Documents\LimeWire\Saved\bob dylan huricane MTV.mp3 Infected: Trojan-Downloader.WMA.GetCodec.f 1

      The selected area was scanned.


      Malwarebytes' Anti-Malware 1.39
      Database version: 2479
      Windows 6.0.6002 Service Pack 2

      22/07/2009 18:13:45
      mbam-log-2009-07-22 (18-13-45).txt

      Scan type: Quick Scan
      Objects scanned: 85247
      Time elapsed: 17 minute(s), 47 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      (No malicious items detected)


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


      Delete this file:

      C:\Users\dean garland\Documents\LimeWire\Saved\bob dylan huricane MTV.mp3


      Open OTL, click Quick Scan, and post that log.


  • Registered Users Posts: 141 ✭✭Serena08


      OTL logfile created on: 23/07/2009 17:55:12 - Run 2
      OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\mammy\Desktop
      Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18783)
      Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

      1013.71 Mb Total Physical Memory | 151.31 Mb Available Physical Memory | 14.93% Memory free
      2.24 Gb Paging File | 0.75 Gb Available in Paging File | 33.42% Paging File free
      Paging file location(s): ?:\pagefile.sys

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 99.70 Gb Total Space | 42.81 Gb Free Space | 42.94% Space Free | Partition Type: NTFS
      Drive D: | 10.00 Gb Total Space | 5.98 Gb Free Space | 59.75% Space Free | Partition Type: NTFS
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded

      Computer Name: DEANGARLAND-PC
      Current User Name: mammy
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: Current user
      Company Name Whitelist: On
      Skip Microsoft Files: On
      File Age = 7 Days
      Output = Minimal
      Quick Scan

      ========== Processes (SafeList) ==========

      PRC - C:\Windows\System32\WLTRYSVC.EXE ()
      PRC - C:\Windows\System32\bcmwltry.exe (Dell Inc.)
      PRC - C:\Windows\System32\TDSupportApp\cdrom_mon.exe ()
      PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
      PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
      PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
      PRC - C:\Windows\System32\STacSV.exe (IDT, Inc.)
      PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
      PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
      PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
      PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
      PRC - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
      PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
      PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
      PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation)
      PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation)
      PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
      PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
      PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
      PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
      PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
      PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
      PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
      PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
      PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
      PRC - c:\program files\common files\installshield\updateservice\isuspm.exe (Macrovision Corporation)
      PRC - C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
      PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
      PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
      PRC - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
      PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
      PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
      PRC - C:\Windows\System32\igfxtray.exe (Intel Corporation)
      PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation)
      PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation)
      PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
      PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
      PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
      PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
      PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
      PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
      PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
      PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
      PRC - c:\program files\common files\installshield\updateservice\isuspm.exe (Macrovision Corporation)
      PRC - C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
      PRC - C:\Users\mammy\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Windows\notepad.exe (Microsoft Corporation)
      PRC - C:\Windows\notepad.exe (Microsoft Corporation)

      ========== Win32 Services (SafeList) ==========

      SRV - (Autorun CDROM Monitor [Auto | Running]) -- C:\Windows\System32\TDSupportApp\cdrom_mon.exe ()
      SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
      SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
      SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
      SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
      SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
      SRV - (fsssvc [Auto | Running]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
      SRV - (gupdate1c9fc28a0b2c1d2 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
      SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
      SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
      SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
      SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (RapiMgr [Auto | Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
      SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
      SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
      SRV - (STacSV [Auto | Running]) -- C:\Windows\System32\STacSV.exe (IDT, Inc.)
      SRV - (stllssvr [On_Demand | Stopped]) -- File not found
      SRV - (WcesComm [Auto | Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
      SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SRV - (wltrysvc [Auto | Running]) -- C:\Windows\System32\WLTRYSVC.EXE ()
      SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (XAudioService [Auto | Stopped]) -- C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)

      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
      IE - URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog0.dll (Conduit Ltd.)

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://upc.ie/
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
      IE - URLSearchHook: *{038cb5c7-48ea-4af9-94e0-a1646542e62b} - Reg Error: Key error. File not found
      IE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
      IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
      FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
      FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
      FF - prefs.js..browser.startup.homepage: "http://www.google.ie/"
      FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
      FF - prefs.js..extensions.enabledItems: avg@igeared:2.506.026.001
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
      FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
      FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
      FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
      FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12
      FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
      FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
      FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
      FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

      FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/03 21:06:03 | 00,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/26 13:11:02 | 00,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/06/16 20:31:30 | 00,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/07/21 23:18:57 | 00,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/22 19:58:43 | 00,000,000 | ---D | M]
      FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/22 19:58:43 | 00,000,000 | ---D | M]

      [2008/09/07 19:17:32 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\mozilla\Extensions
      [2008/09/07 19:17:32 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
      [2009/07/22 22:42:39 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\mozilla\Firefox\Profiles\89kghpfd.default\extensions
      [2009/07/04 00:48:44 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\mozilla\Firefox\Profiles\89kghpfd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
      [2009/03/10 22:54:57 | 00,000,000 | ---D | M] -- C:\Users\mammy\AppData\Roaming\mozilla\Firefox\Profiles\89kghpfd.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
      [2008/09/28 16:14:06 | 00,003,915 | ---- | M] () -- C:\Users\mammy\AppData\Roaming\Mozilla\FireFox\Profiles\89kghpfd.default\searchplugins\sweetim.xml
      [2009/07/22 22:42:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
      [2009/07/22 19:58:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2009/02/16 03:58:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
      [2009/03/05 09:15:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
      [2009/03/30 21:38:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
      [2009/07/22 19:58:28 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
      [2009/07/22 19:58:28 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
      [2009/05/01 22:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
      [2008/08/06 16:22:02 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
      [2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
      [2009/05/12 19:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
      [2009/07/22 19:58:31 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
      [2007/03/22 20:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
      [2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
      [2009/06/16 20:31:09 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
      [2009/07/06 20:20:15 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
      [2009/07/06 20:20:16 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
      [2009/07/06 20:20:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
      [2009/07/06 20:20:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
      [2009/07/06 20:20:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
      [2009/07/06 20:20:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
      [2009/07/06 20:20:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
      [2009/06/16 20:31:45 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
      [2009/06/16 20:30:56 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
      [2009/05/01 22:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
      [2008/01/04 16:36:50 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
      [2006/07/05 19:47:38 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
      [2009/07/02 17:35:44 | 00,001,489 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
      [2008/01/04 16:36:50 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
      [2008/03/08 10:35:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
      [2008/09/22 20:14:04 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
      [2008/04/16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
      [2008/03/28 19:11:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
      [2008/01/04 16:36:50 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

      O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog0.dll (Conduit Ltd.)
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
      O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
      O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
      O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
      O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog0.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()


  • Registered Users Posts: 141 ✭✭Serena08


      O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTog0.dll (Conduit Ltd.)
      O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
      O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
      O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.exe (Dell Inc.)
      O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
      O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
      O4 - HKLM..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe ( )
      O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
      O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
      O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
      O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
      O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
      O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
      O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
      O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
      O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
      O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
      O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      O4 - HKCU..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
      O8 - Extra context menu item: &Search - File not found
      O9 - Extra Button: Canbet Poker - {13E222A8-206D-43ee-81A2-213EBF3DE13B} - C:\Microgaming\Poker\CanbetPokerMPP\MPPoker.exe File not found
      O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
      O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe (Microgaming)
      O9 - Extra Button: Boylepoker Poker - {F313D2F6-B79E-4654-BC77-D14C93FC8947} - C:\Microgaming\Poker\boylesportspokercomMPP\MPPoker.exe (Microgaming)
      O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
      O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
      O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/files/BeboUploader.5.1.4.cab (Bebo Uploader Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
      O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
      O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin2.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab (FlashXControl Object)
      O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp - No CLSID value found
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found
      O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{cd3eb821-d4dc-11dd-b57f-001d09b301c0}\Shell - "" = AutoRun
      O33 - MountPoints2\{cd3eb821-d4dc-11dd-b57f-001d09b301c0}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
      O34 - HKLM BootExecute: (autocheck) - File not found
      O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
      O34 - HKLM BootExecute: (*) - File not found

      ========== Files/Folders - Created Within 7 Days ==========

      [2009/07/23 17:07:07 | 10,637,18912 | -HS- | C] () -- C:\hiberfil.sys
      [2009/07/21 21:45:13 | 00,000,666 | ---- | C] () -- C:\Users\mammy\Desktop\Boylepoker (2).lnk
      [2009/07/16 21:15:41 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\mammy\Desktop\OTL.exe

      ========== Files - Modified Within 7 Days ==========

      [2009/07/23 17:55:13 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{54340BDA-2DEE-4A17-904D-A857094492F9}.job
      [2009/07/23 17:13:42 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2009/07/23 17:11:25 | 39,176,704 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
      [2009/07/23 17:11:25 | 00,040,789 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
      [2009/07/23 17:11:07 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2009/07/23 17:07:32 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
      [2009/07/23 17:07:32 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
      [2009/07/23 17:07:24 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
      [2009/07/23 17:07:12 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2009/07/23 17:07:08 | 10,637,18912 | -HS- | M] () -- C:\hiberfil.sys
      [2009/07/22 21:39:47 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
      [2009/07/22 17:55:13 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
      [2009/07/21 21:45:13 | 00,000,666 | ---- | M] () -- C:\Users\mammy\Desktop\Boylepoker (2).lnk
      [2009/07/21 11:36:38 | 00,701,096 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
      [2009/07/21 11:36:38 | 00,605,962 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2009/07/21 11:36:38 | 00,111,260 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2009/07/20 21:58:59 | 00,000,000 | ---- | M] () -- C:\Users\mammy\AppData\Local\prvlcl.dat
      [2009/07/19 14:59:25 | 00,068,096 | ---- | M] () -- C:\Users\mammy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2009/07/18 14:19:26 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
      [2009/07/17 11:14:31 | 00,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2009/07/16 21:15:49 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\mammy\Desktop\OTL.exe

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 76 bytes -> C:\Users\mammy\Documents\My Received Files:Roxio EMC Stream
      < End of report >


    10. Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


      Your logs are clean


      Now we need to create a new System Restore point.

      Click Start Menu > Run > type (or copy and paste)

      %SystemRoot%\System32\restore\rstrui.exe

      Press OK. Choose Create a Restore Point then click Next. Name it and click Create. When the confirmation screen shows the restore point has been created, click Close.

      Next go to Start Menu > Run > type

      cleanmgr

      Click OK. Disk Cleanup will open and start calculating the amount of space that can be freed. Once that's finished it will open the Disk Cleanup options screen. Click the More Options tab, then click Clean up on the system restore area and choose Yes at the confirmation window, which will remove all the restore points except the one we just created.

      To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.



      • Download OTC to your desktop and run it
      • Click Yes to begin the Cleanup process and remove these components, including this application.
      • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.




      You're using an old version of Adobe Acrobat Reader; this can leave your PC open to vulnerabilities. You can update it here:
      http://www.adobe.com/products/acrobat/readstep2.html



      Below I have included a number of recommendations for how to protect your computer against malware infections.
      • Keep Windows updated by regularly checking their website at:
        http://windowsupdate.microsoft.com/
        This will ensure your computer always has the latest available security updates installed.

      • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.

      • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program (e.g. TeaTimer, Windows Defender) or there will be a conflict.

      • Make Internet Explorer more secure
        • Click Start > Run
        • Type Inetcpl.cpl & click OK
        • Click on the Security tab
        • Click Reset all zones to default level
        • Make sure the Internet Zone is selected & Click Custom level
        • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and "Initialize and Script ActiveX controls not marked as safe" to "Disable".
        • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
      • TFC - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

      • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

      • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here


        If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
        • NoScript - for blocking ads and other potential website attacks
        • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

      • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

      • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

      • FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. It's important to keep programs up to date so that malware doesn't exploit any old security flaws.

      • Recovery Console - Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see This Article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask.

      • Please read my guide on how to prevent malware and about safe computing here
      Thank you for your patience, and performing all of the procedures requested.


    11. Registered Users Posts: 141 ✭✭Serena08


      Hi, when I type in %SystemRoot%\System32\restore\rstrui.exe I get a message from Windows saying

      Windows can't find 'C:\Windows\System32\restore\rstrui.exe'. Make sure you typed it gain and try again. No matter how many times I try I get the same message.

