OTL logfile created on: 15/02/2010 11:43:34 PM - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\James\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138.31 Gb Total Space | 70.58 Gb Free Space | 51.03% Space Free | Partition Type: NTFS Drive D: | 9.28 Gb Total Space | 3.89 Gb Free Space | 41.98% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: AWESOMENESS-PC Current User Name: James Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/02/15 23:41:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.exe PRC - [2010/02/06 00:24:07 | 000,007,168 | ---- | M] () -- C:\Program Files\Ad Muncher\AdMunch.exe PRC - [2010/02/05 18:36:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/01/18 23:07:00 | 000,884,736 | ---- | M] () -- C:\Users\James\AppData\Local\TVersity\Media Server\MediaServer.exe PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010/01/05 07:56:02 | 002,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2009/11/24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/16 12:59:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2009/08/18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 01:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe PRC - [2009/04/30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009/04/22 16:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009/04/22 16:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/02/15 23:41:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.exe MOD - [2009/12/08 13:12:24 | 000,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll MOD - [2009/07/14 01:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 01:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 01:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 01:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 01:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009/07/14 01:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2004/08/27 07:26:22 | 000,417,280 | ---- | M] () -- C:\Program Files\Ad Muncher\AdMunch.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/01/18 23:07:00 | 000,884,736 | ---- | M] () [Auto | Running] -- C:\Users\James\AppData\Local\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer) SRV - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009/10/16 12:59:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2009/08/18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 01:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 01:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 01:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/14 01:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 01:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/07/14 01:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 01:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV) SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 01:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/04/30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009/01/29 23:00:14 | 000,074,392 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (SureThing Labelflash service) SRV - [2005/04/03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://livefooty.doctor-serv.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B 01 42 6C DF 13 CA 01 [binary data] IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AIM Search" FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?o=13920&l=dis" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1 FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.5.2 FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:9.8.6 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.10 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=" FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/02/08 11:01:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files\K-Meleon\Plugins [2010/02/11 23:37:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files\K-Meleon\Components [2010/01/31 01:28:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/28 22:06:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/11 23:37:06 | 000,000,000 | ---D | M] [2009/08/24 21:16:21 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions [2009/08/23 12:15:46 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2010/02/09 03:04:31 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\b845qwpj.default\extensions [2010/02/09 03:04:46 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\b845qwpj.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010/02/06 21:06:17 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\b845qwpj.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca} [2009/12/16 02:01:03 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\b845qwpj.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2010/02/09 03:04:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\b845qwpj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009/12/31 15:01:48 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\b845qwpj.default\extensions\autofillForms@blueimp.net [2010/02/08 11:08:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/07/30 22:24:36 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2009/07/30 22:24:36 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2009/07/30 22:24:36 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2009/07/30 22:24:36 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2010/01/31 03:45:52 | 000,001,249 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 ad.doubleclick.com O1 - Hosts: 127.0.0.1 doubleclick.com O1 - Hosts: 127.0.0.1 doubleclick.net O1 - Hosts: 127.0.0.1 searchinvented.com O1 - Hosts: 127.0.0.1 atdmt.com O1 - Hosts: 127.0.0.1 clk.atdmt.com O1 - Hosts: 127.0.0.1 switch.atdmt.com O1 - Hosts: 127.0.0.1 view.atdmt.com O1 - Hosts: 127.0.0.1 https://www.google.com/adsense O1 - Hosts: 127.0.0.1 clicksor.com O1 - Hosts: 127.0.0.1 serw.clicksor.com O1 - Hosts: 127.0.0.1 shots.snap.com O1 - Hosts: 127.0.0.1 prepspeed.com O1 - Hosts: 127.0.0.1 adonion.com O1 - Hosts: 127.0.0.1 yieldmanager.com O1 - Hosts: 127.0.0.1 herowerbung.de O1 - Hosts: 127.0.0.1 jvoamkvyxv.info O1 - Hosts: 127.0.0.1 thebestadv.com O1 - Hosts: 127.0.0.1 contextweb.com O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found. O4 - HKLM..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe () O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [S3Funkey] C:\Windows\System32\S3Funkey.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [S3Trayp] C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe (Microgaming) O13 - gopher Prefix: missing O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (Reg Error: Key error.) O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\CDCheck.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2009/07/14 02:37:08 | 000,000,000 | ---D | M] NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2010/02/15 23:41:25 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.exe [2010/02/15 16:53:37 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Hardcore_Homecoming_cd1.part1_recovered [2010/02/15 16:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\ARAR [2010/02/15 03:58:13 | 000,000,000 | ---D | C] -- C:\Program Files\Recovery Toolbox for RAR [2010/02/14 06:12:51 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\The Rise and Fall of ECW Extras [2010/02/14 03:38:01 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Emmure - The Respect Issue [2010/02/13 22:44:24 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com [2010/02/13 22:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010/02/13 22:37:50 | 000,000,000 | ---D | C] -- C:\VundoFix Backups [2010/02/13 17:25:04 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Boring [2010/02/11 23:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\iDownload [2010/02/11 23:31:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe [2010/02/10 00:35:43 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\WWE The Music Volume 10 - A New Day [2010/02/09 21:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\TVersity Codec Pack [2010/02/09 21:18:14 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\TVersity [2010/02/09 02:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad Muncher [2010/02/08 12:38:00 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\City Of God [2010/02/08 11:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/02/08 11:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/02/07 03:38:10 | 000,000,000 | ---D | C] -- C:\Users\James\AbiSuite [2010/02/07 03:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\AbiWord [2010/02/06 05:14:20 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\vlc [2010/02/06 03:51:55 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Theme Files [2010/02/06 03:35:15 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Theme [2010/02/05 23:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ad Muncher [2009/09/25 13:29:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\James\AppData\Roaming\pcouffin.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2010/02/15 23:47:56 | 002,883,584 | -HS- | M] () -- C:\Users\James\ntuser.dat [2010/02/15 23:41:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.exe [2010/02/15 23:20:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-627779662-797267458-3237740319-1000UA.job [2010/02/15 22:52:18 | 000,023,184 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/02/15 22:52:18 | 000,023,184 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/02/15 22:47:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/02/15 22:46:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/02/15 22:46:42 | 2012,078,080 | -HS- | M] () -- C:\hiberfil.sys [2010/02/15 22:44:51 | 001,956,102 | -H-- | M] () -- C:\Users\James\AppData\Local\IconCache.db [2010/02/15 20:17:20 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/02/15 18:20:00 | 000,000,854 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-627779662-797267458-3237740319-1000Core.job [2010/02/15 03:24:37 | 367,445,106 | ---- | M] () -- C:\Users\James\Desktop\Lost.S06E03.HDTV.XviD-2HD.avi [2010/02/15 02:02:10 | 183,513,092 | ---- | M] () -- C:\Users\James\Desktop\American Dad.S05E12.HDTV.XviD-P0W4.avi [2010/02/14 00:03:26 | 000,001,999 | ---- | M] () -- C:\Users\James\Desktop\HijackThis.lnk [2010/02/13 22:59:09 | 000,727,362 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/02/13 22:59:09 | 000,627,974 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/02/13 22:59:09 | 000,111,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/02/13 22:09:52 | 000,003,072 | ---- | M] () -- C:\Users\James\Desktop\KOS.html [2010/02/13 18:33:32 | 000,012,060 | -HS- | M] () -- C:\Users\James\Desktop\Folder.jpg [2010/02/13 18:33:32 | 000,012,060 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArt_{4D979741-89D4-4645-97FD-2CCB3DA078D9}_Large.jpg [2010/02/13 18:33:27 | 000,002,971 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArtSmall.jpg [2010/02/13 18:33:27 | 000,002,971 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArt_{4D979741-89D4-4645-97FD-2CCB3DA078D9}_Small.jpg [2010/02/13 18:06:55 | 000,010,073 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArt_{FF1D2E96-DE54-444F-B327-0339F70B3F0E}_Large.jpg [2010/02/13 18:06:55 | 000,002,614 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArt_{FF1D2E96-DE54-444F-B327-0339F70B3F0E}_Small.jpg [2010/02/13 18:06:42 | 011,381,171 | ---- | M] () -- C:\Users\James\Desktop\Black Eyed Peas - Meet Me Halfway.mp3 [2010/02/11 23:42:50 | 114,547,202 | ---- | M] () -- C:\Users\James\Desktop\Snog Marry Avoid - Series 3 - Episode 2.mp4 [2010/02/11 03:03:33 | 937,147,256 | ---- | M] () -- C:\Users\James\Desktop\Lord of the Rings Return of the King.avi [2010/02/11 02:13:38 | 835,975,602 | ---- | M] () -- C:\Users\James\Desktop\Lord of the Rings Two Towers.avi [2010/02/11 01:56:34 | 830,304,650 | ---- | M] () -- C:\Users\James\Desktop\Lord of the Rings Fellowship of the Ring.avi [2010/02/10 01:08:38 | 009,678,420 | ---- | M] () -- C:\Users\James\Desktop\Killing In The Name.mp3 [2010/02/10 01:07:39 | 000,047,764 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArt_{8E6D4DC1-D9B1-4902-93DA-73304C1AC434}_Large.jpg [2010/02/10 01:07:39 | 000,009,018 | -HS- | M] () -- C:\Users\James\Desktop\AlbumArt_{8E6D4DC1-D9B1-4902-93DA-73304C1AC434}_Small.jpg [2010/02/09 21:26:05 | 000,002,439 | ---- | M] () -- C:\Users\James\Desktop\TVersity.lnk [2010/02/09 03:28:15 | 000,524,288 | -HS- | M] () -- C:\Users\James\ntuser.dat{6c57e31d-1525-11df-9c4c-001558941bea}.TMContainer00000000000000000002.regtrans-ms [2010/02/09 03:28:15 | 000,524,288 | -HS- | M] () -- C:\Users\James\ntuser.dat{6c57e31d-1525-11df-9c4c-001558941bea}.TMContainer00000000000000000001.regtrans-ms [2010/02/09 03:28:15 | 000,065,536 | -HS- | M] () -- C:\Users\James\ntuser.dat{6c57e31d-1525-11df-9c4c-001558941bea}.TM.blf [2010/02/08 13:40:46 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010/02/07 16:28:38 | 000,105,784 | ---- | M] () -- C:\Users\James\AppData\Local\GDIPFONTCACHEV1.DAT [2010/02/07 08:20:23 | 000,415,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/02/07 04:20:19 | 000,000,020 | ---- | M] () -- C:\Windows\´ô) [2010/02/07 04:06:18 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini [2010/02/06 04:09:49 | 000,016,462 | ---- | M] () -- C:\Users\James\.recently-used.xbel [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/02/15 20:17:20 | 000,000,939 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/02/15 04:07:08 | 183,513,092 | ---- | C] () -- C:\Users\James\Desktop\American Dad.S05E12.HDTV.XviD-P0W4.avi [2010/02/15 02:22:30 | 732,659,712 | ---- | C] () -- C:\Users\James\Desktop\Hardcore Homecoming cd2.avi [2010/02/14 23:25:18 | 367,445,106 | ---- | C] () -- C:\Users\James\Desktop\Lost.S06E03.HDTV.XviD-2HD.avi [2010/02/14 00:03:26 | 000,001,999 | ---- | C] () -- C:\Users\James\Desktop\HijackThis.lnk [2010/02/13 22:09:52 | 000,003,072 | ---- | C] () -- C:\Users\James\Desktop\KOS.html [2010/02/13 18:33:32 | 000,012,060 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArt_{4D979741-89D4-4645-97FD-2CCB3DA078D9}_Large.jpg [2010/02/13 18:33:32 | 000,002,971 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArt_{4D979741-89D4-4645-97FD-2CCB3DA078D9}_Small.jpg [2010/02/13 18:06:56 | 000,010,073 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArt_{FF1D2E96-DE54-444F-B327-0339F70B3F0E}_Large.jpg [2010/02/13 18:06:55 | 000,002,614 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArt_{FF1D2E96-DE54-444F-B327-0339F70B3F0E}_Small.jpg [2010/02/13 18:02:58 | 011,381,171 | ---- | C] () -- C:\Users\James\Desktop\Black Eyed Peas - Meet Me Halfway.mp3 [2010/02/11 23:39:44 | 114,547,202 | ---- | C] () -- C:\Users\James\Desktop\Snog Marry Avoid - Series 3 - Episode 2.mp4 [2010/02/10 01:07:39 | 000,047,764 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArt_{8E6D4DC1-D9B1-4902-93DA-73304C1AC434}_Large.jpg [2010/02/10 01:07:39 | 000,012,060 | -HS- | C] () -- C:\Users\James\Desktop\Folder.jpg [2010/02/10 01:07:39 | 000,009,018 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArt_{8E6D4DC1-D9B1-4902-93DA-73304C1AC434}_Small.jpg [2010/02/10 01:07:39 | 000,002,971 | -HS- | C] () -- C:\Users\James\Desktop\AlbumArtSmall.jpg [2010/02/10 00:12:29 | 937,147,256 | ---- | C] () -- C:\Users\James\Desktop\Lord of the Rings Return of the King.avi [2010/02/10 00:07:29 | 835,975,602 | ---- | C] () -- C:\Users\James\Desktop\Lord of the Rings Two Towers.avi [2010/02/09 23:58:29 | 830,304,650 | ---- | C] () -- C:\Users\James\Desktop\Lord of the Rings Fellowship of the Ring.avi [2010/02/09 21:26:05 | 000,002,439 | ---- | C] () -- C:\Users\James\Desktop\TVersity.lnk [2010/02/09 03:06:28 | 000,524,288 | -HS- | C] () -- C:\Users\James\ntuser.dat{6c57e31d-1525-11df-9c4c-001558941bea}.TMContainer00000000000000000002.regtrans-ms [2010/02/09 03:06:27 | 000,524,288 | -HS- | C] () -- C:\Users\James\ntuser.dat{6c57e31d-1525-11df-9c4c-001558941bea}.TMContainer00000000000000000001.regtrans-ms [2010/02/09 03:06:27 | 000,065,536 | -HS- | C] () -- C:\Users\James\ntuser.dat{6c57e31d-1525-11df-9c4c-001558941bea}.TM.blf [2010/02/07 04:20:16 | 000,000,020 | ---- | C] () -- C:\Windows\´ô) [2010/02/06 04:09:49 | 000,016,462 | ---- | C] () -- C:\Users\James\.recently-used.xbel [2010/02/06 03:59:04 | 000,449,520 | ---- | C] () -- C:\Users\James\Desktop\COPYdefault.dll [2010/02/06 00:24:07 | 000,181,760 | ---- | C] () -- C:\Windows\System32\AM-Install.exe [2009/12/26 19:26:22 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll [2009/10/31 22:34:45 | 000,007,609 | ---- | C] () -- C:\Users\James\AppData\Local\Resmon.ResmonCfg [2009/10/13 03:49:32 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009/10/13 03:49:32 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2009/10/08 17:52:16 | 000,000,398 | ---- | C] () -- C:\Windows\AudioConverter.INI [2009/10/05 02:36:52 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Video to MP4 Converter.INI [2009/10/04 20:31:32 | 000,000,706 | ---- | C] () -- C:\Users\James\AppData\Roaming\medit.state [2009/10/04 02:22:59 | 000,008,704 | ---- | C] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/25 13:29:19 | 000,087,608 | ---- | C] () -- C:\Users\James\AppData\Roaming\inst.exe [2009/09/25 13:29:19 | 000,007,887 | ---- | C] () -- C:\Users\James\AppData\Roaming\pcouffin.cat [2009/09/25 13:29:19 | 000,001,144 | ---- | C] () -- C:\Users\James\AppData\Roaming\pcouffin.inf [2009/09/24 22:32:50 | 000,001,044 | ---- | C] () -- C:\Users\James\AppData\Roaming\vso_ts_preview.xml [2009/09/24 22:29:25 | 000,000,055 | ---- | C] () -- C:\Users\James\AppData\Roaming\pcouffin.log [2009/09/17 17:49:02 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll [2009/09/17 17:44:38 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll [2009/09/17 17:44:20 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll [2009/09/09 18:18:50 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2009/09/08 16:46:57 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI [2009/08/30 09:54:26 | 000,000,571 | ---- | C] () -- C:\Users\James\AppData\Roaming\AutoGK.ini [2009/08/17 21:15:39 | 000,000,017 | ---- | C] () -- C:\Users\James\AppData\Local\RT61_{9A838CD3-04F5-4B99-B7B1-3636F64E8628}_sta [2009/08/12 18:17:06 | 000,001,001 | ---- | C] () -- C:\Users\James\AppData\Local\RT61_{9A838CD3-04F5-4B99-B7B1-3636F64E8628}_wsc [2009/08/09 13:17:52 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini [2009/08/05 13:27:54 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/08/03 22:32:14 | 000,000,022 | ---- | C] () -- C:\Windows\pspvc_path.ini [2009/08/03 14:26:13 | 000,000,093 | ---- | C] () -- C:\Users\James\AppData\Local\fusioncache.dat [2009/08/03 02:37:22 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/05/08 09:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll [2009/04/30 15:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2009/01/25 21:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/01/08 23:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008/07/26 13:42:52 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2002/10/15 22:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll [color=#E56717]========== LOP Check ==========[/color] [2010/01/13 19:06:02 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\abgx360 [2009/12/05 02:55:08 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\acccore [2009/12/27 15:35:24 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Amazon [2009/08/25 14:14:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2009/12/27 15:37:27 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\DMCache [2010/02/01 18:02:36 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\gtk-2.0 [2009/11/10 16:28:36 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\ImgBurn [2009/10/05 02:20:50 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\ImTOO Software Studio [2010/01/31 01:28:32 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\K-Meleon [2009/09/21 21:14:32 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\KC Softwares [2009/10/04 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\medit [2009/08/03 15:11:29 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Megaupload [2010/01/14 21:27:06 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Microgaming [2009/10/19 00:20:23 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Opera [2009/10/01 22:38:56 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Stardock [2009/09/27 20:04:03 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Thinstall [2010/01/10 02:53:21 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Uniblue [2010/02/15 22:44:55 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\uTorrent [2009/10/26 18:52:13 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Vso [2010/01/06 23:57:57 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\X-Chat 2 [2009/09/25 09:35:29 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Yamb [2009/10/26 18:41:28 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2009/12/31 07:46:23 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2009/10/26 18:40:05 | 000,002,460 | ---- | M] () -- C:\aaw7boot.log [2010/01/09 20:24:34 | 000,000,122 | ---- | M] () -- C:\aswBoot.log [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 21:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2010/02/15 22:46:42 | 2012,078,080 | -HS- | M] () -- C:\hiberfil.sys [2009/08/03 12:42:32 | 000,000,132 | ---- | M] () -- C:\httpdwl.dat [2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2009/08/03 02:26:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/12/05 02:52:58 | 000,000,348 | -H-- | M] () -- C:\IPH.PH [2009/08/03 02:26:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010/02/15 22:46:43 | 2682,773,504 | -HS- | M] () -- C:\pagefile.sys [2009/08/07 20:36:05 | 000,000,685 | ---- | M] () -- C:\Status_Log.txt [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [2010/02/13 22:56:35 | 000,000,138 | ---- | M] () -- C:\VundoFix.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/07/14 01:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009/07/14 01:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/07/14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009/07/14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [color=#A23BEC]< c:\windows\system32\*.dll /lockedfiles >[/color] [2009/08/18 01:37:02 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ATIDEMGX.dll [2009/07/14 01:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\wsock32.dll [color=#A23BEC]< c:\windows\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] < End of report >