OTL logfile created on: 20/04/2010 00:08:02 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Dad\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.13 Gb Total Space | 234.86 Gb Free Space | 40.41% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.45 Gb Free Space | 29.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1396.92 Gb Total Space | 1195.63 Gb Free Space | 85.59% Space Free | Partition Type: FAT32

Computer Name: DAD-PC
Current User Name: Dad
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/20 00:05:27 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Dad\Desktop\OTL.exe
PRC - [2010/04/14 17:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/04/14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/02/03 15:38:38 | 011,136,360 | ---- | M] (GARMIN Corp.) -- C:\Garmin\ANT Agent\ANT Agent.exe
PRC - [2010/01/27 01:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe
PRC - [2009/11/23 16:00:31 | 000,095,232 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
PRC - [2009/11/13 17:18:51 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Dad\Program Files\DNA\btdna.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/30 07:50:54 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:23 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\mcGlidHost.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/15 18:27:08 | 000,077,824 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
PRC - [2009/05/15 18:27:06 | 000,888,832 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe
PRC - [2009/05/15 18:26:56 | 000,094,208 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
PRC - [2009/02/06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/01/08 10:42:30 | 000,409,727 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
PRC - [2009/01/08 10:38:46 | 004,136,960 | ---- | M] () -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
PRC - [2008/12/28 09:03:49 | 000,239,216 | ---- | M] () -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/12/21 02:19:18 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/12/21 01:30:30 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/09/12 09:40:46 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/12 09:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/07/31 20:02:22 | 000,151,552 | ---- | M] (Dell, Inc) -- C:\Program Files\Dell\Xcelerator\bin\ehLumaQuarkD.exe
PRC - [2007/07/26 20:03:46 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/26 20:03:44 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/06/27 11:18:40 | 000,215,256 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
PRC - [2007/06/27 11:18:20 | 000,293,080 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
PRC - [2007/06/27 11:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2007/06/27 11:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
PRC - [2007/06/27 11:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
PRC - [2007/06/27 11:14:40 | 000,439,512 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
PRC - [2007/03/15 13:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/02/13 12:43:38 | 000,715,568 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/02/12 12:46:34 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2006/11/27 10:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/08 16:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\ico.exe

========== Modules (SafeList) ==========

MOD - [2010/04/20 00:05:27 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Dad\Desktop\OTL.exe
MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/04/14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/04/14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/04/14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/10/30 07:50:54 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/01/08 10:38:46 | 004,136,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (WiselinkPro)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/12/21 01:48:42 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/12/21 01:30:30 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2007/09/12 09:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/07/26 20:03:46 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/06/27 11:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel(R)
SRV - [2007/06/27 11:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe -- (QualityManager) Intel(R)
SRV - [2007/06/27 11:17:12 | 000,446,680 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel(R)
SRV - [2007/06/27 11:16:02 | 000,157,912 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel(R)
SRV - [2007/06/27 11:15:28 | 000,039,640 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE) Intel(R)
SRV - [2007/06/27 11:15:14 | 000,059,096 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel(R)
SRV - [2007/06/27 11:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore) Intel(R)
SRV - [2007/06/27 11:13:56 | 000,268,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel(R) Viiv(TM)
SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/02/12 12:46:34 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: 91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009/11/19 07:00:40 | 000,356,726 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 12237 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\System32\HCIMNTR.DLL (Logitech Inc.)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [PMX Daemon] C:\Windows\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ANT Agent] C:\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Dad\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O4 - Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
O4 - Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
O4 - Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bupa.co.uk ([www.bupacouk.bwa.uat.internal] http in Trusted sites)
O15 - HKCU\..Trusted Domains: garmin.com ([connect] http in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: military.com ([shock] http in Trusted sites)
O15 - HKCU\..Trusted Domains: romsite.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.euro.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/virtualmark/tc/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClient Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img24.jpg
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/02/27 01:57:36 | 000,000,120 | ---- | M] () - J:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/14 03:37:08 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2010/04/20 00:05:23 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Dad\Desktop\OTL.exe
[2010/04/18 21:55:33 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/18 21:50:18 | 000,162,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/04/18 21:50:18 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/04/18 21:50:17 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/04/18 21:50:17 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/04/18 21:50:17 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/04/18 21:49:48 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/04/18 21:49:48 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/04/18 21:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/04/18 21:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/04/18 21:34:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/18 21:34:33 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/18 21:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/18 21:33:50 | 005,918,768 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Dad\Desktop\mbam-setup.exe
[2010/04/18 21:04:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/04/18 21:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/04/18 21:02:07 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Dad\Desktop\erunt_setup.exe
[2010/04/18 20:52:54 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Dad\Desktop\TFC.exe
[2010/04/18 20:30:58 | 000,000,000 | ---D | C] -- C:\Users\Dad\AppData\Local\VS Revo Group
[2010/04/18 20:30:55 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2010/04/18 20:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/04/15 19:38:43 | 000,000,000 | ---D | C] -- C:\Users\Dad\AppData\Roaming\Avira
[2010/04/15 19:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/04/15 19:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/04/13 18:24:51 | 000,000,000 | ---D | C] -- C:\Users\Dad\AppData\Roaming\BitDefender
[2010/04/13 18:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010/04/13 18:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2010/04/13 18:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/04/13 06:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Clean Expert
[2010/04/08 20:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010/04/08 20:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2010/04/07 19:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/04/29 22:05:17 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Dad\HJTInstall.exe

========== Files - Modified Within 14 Days ==========

[2010/04/20 00:09:51 | 043,778,048 | -HS- | M] () -- C:\Users\Dad\ntuser.dat
[2010/04/20 00:05:27 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Dad\Desktop\OTL.exe
[2010/04/19 23:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/19 18:49:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/19 07:18:31 | 000,284,915 | ---- | M] () -- C:\Users\Dad\Desktop\gmer.zip
[2010/04/18 21:50:18 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/04/18 21:50:17 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/04/18 21:47:55 | 048,417,032 | ---- | M] () -- C:\Users\Dad\Desktop\setup_av_free.exe
[2010/04/18 21:34:38 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/18 21:33:56 | 005,918,768 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dad\Desktop\mbam-setup.exe
[2010/04/18 21:14:23 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/18 21:14:23 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/18 21:11:35 | 000,001,097 | ---- | M] () -- C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2010/04/18 21:07:18 | 000,000,430 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/04/18 21:07:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/18 21:07:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/18 21:06:46 | 2414,284,800 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/18 21:06:10 | 002,798,966 | -H-- | M] () -- C:\Users\Dad\AppData\Local\IconCache.db
[2010/04/18 21:03:37 | 000,000,932 | ---- | M] () -- C:\Users\Dad\Desktop\NTREGOPT.lnk
[2010/04/18 21:03:37 | 000,000,913 | ---- | M] () -- C:\Users\Dad\Desktop\ERUNT.lnk
[2010/04/18 21:02:17 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Dad\Desktop\erunt_setup.exe
[2010/04/18 20:52:55 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Dad\Desktop\TFC.exe
[2010/04/18 20:48:10 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/04/18 20:30:56 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2010/04/17 11:57:23 | 000,727,362 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/17 11:57:23 | 000,627,974 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/17 11:57:23 | 000,111,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/16 20:58:28 | 000,524,288 | -HS- | M] () -- C:\Users\Dad\ntuser.dat{c68bd4b9-4983-11df-a516-00064f65c95b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/16 20:58:28 | 000,524,288 | -HS- | M] () -- C:\Users\Dad\ntuser.dat{c68bd4b9-4983-11df-a516-00064f65c95b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/16 20:58:28 | 000,065,536 | -HS- | M] () -- C:\Users\Dad\ntuser.dat{c68bd4b9-4983-11df-a516-00064f65c95b}.TM.blf
[2010/04/14 17:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/04/14 17:47:03 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/04/14 17:35:47 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/04/14 17:35:25 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/04/14 17:31:39 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/04/14 17:31:23 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/04/14 17:31:01 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/04/13 06:38:48 | 022,120,925 | ---- | M] () -- C:\Users\Dad\Documents\regback.cab
[2010/04/07 20:53:53 | 000,000,036 | ---- | M] () -- C:\Users\Dad\AppData\Local\housecall.guid.cache

========== Files Created - No Company Name ==========

[2010/04/19 07:18:29 | 000,284,915 | ---- | C] () -- C:\Users\Dad\Desktop\gmer.zip
[2010/04/18 21:50:18 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/04/18 21:47:53 | 048,417,032 | ---- | C] () -- C:\Users\Dad\Desktop\setup_av_free.exe
[2010/04/18 21:34:38 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/18 21:03:37 | 000,000,932 | ---- | C] () -- C:\Users\Dad\Desktop\NTREGOPT.lnk
[2010/04/18 21:03:37 | 000,000,913 | ---- | C] () -- C:\Users\Dad\Desktop\ERUNT.lnk
[2010/04/18 20:47:46 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/04/18 20:30:56 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2010/04/16 20:58:27 | 000,524,288 | -HS- | C] () -- C:\Users\Dad\ntuser.dat{c68bd4b9-4983-11df-a516-00064f65c95b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/16 20:58:26 | 000,524,288 | -HS- | C] () -- C:\Users\Dad\ntuser.dat{c68bd4b9-4983-11df-a516-00064f65c95b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/16 20:58:26 | 000,065,536 | -HS- | C] () -- C:\Users\Dad\ntuser.dat{c68bd4b9-4983-11df-a516-00064f65c95b}.TM.blf
[2010/04/13 06:38:48 | 022,120,925 | ---- | C] () -- C:\Users\Dad\Documents\regback.cab
[2010/04/07 20:53:53 | 000,000,036 | ---- | C] () -- C:\Users\Dad\AppData\Local\housecall.guid.cache
[2010/01/26 17:20:55 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/12/22 12:55:23 | 000,007,680 | ---- | C] () -- C:\Users\Dad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/25 23:49:11 | 000,000,020 | -HS- | C] () -- C:\Users\Dad\ntuser.ini
[2009/11/25 21:16:27 | 000,524,288 | -HS- | C] () -- C:\Users\Dad\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009/11/25 21:16:27 | 000,524,288 | -HS- | C] () -- C:\Users\Dad\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009/11/25 21:16:27 | 000,262,144 | -HS- | C] () -- C:\Users\Dad\ntuser.dat.LOG1
[2009/11/25 21:16:27 | 000,065,536 | -HS- | C] () --
C:\Users\Dad\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2009/11/25 21:16:27 | 000,000,000 | -HS- | C] () -- C:\Users\Dad\ntuser.dat.LOG2 [2009/11/25 21:16:26 | 043,778,048 | -HS- | C] () -- C:\Users\Dad\ntuser.dat [2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009/10/31 11:15:52 | 000,004,454 | ---- | C] () -- C:\Windows\wininit.ini [2009/09/24 03:51:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/05/23 21:38:57 | 000,205,824 | ---- | C] () -- C:\Windows\patchw32.dll [2009/05/23 21:37:10 | 000,205,824 | ---- | C] () -- C:\Windows\System32\pw32a.dll [2009/05/23 21:37:10 | 000,205,824 | ---- | C] () -- C:\Windows\pw32a.dll [2009/04/30 15:45:54 | 000,135,985 | ---- | C] () -- C:\Users\Dad\MTS2_Dicreasy_608560_Dicreasyeyes2.rar [2009/03/11 20:40:25 | 003,903,063 | ---- | C] () -- C:\Users\Dad\English_Version3.07.rar [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008/10/07 09:13:20 | 000,058,648 | 
---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008/08/05 20:22:01 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008/06/11 18:02:09 | 000,022,328 | ---- | C] () -- C:\Users\Dad\AppData\Roaming\PnkBstrK.sys [2008/05/31 20:17:31 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2008/01/04 11:56:30 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2007/12/21 09:12:50 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll [2007/12/21 01:31:03 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll [2007/12/21 01:31:03 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll [2007/12/21 01:31:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2007/12/21 01:29:44 | 000,131,062 | ---- | C] () -- C:\Windows\System32\DellPM.ini [2007/02/13 12:14:18 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006/06/23 11:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2009/12/27 09:51:04 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\ABCMedia [2010/04/16 20:41:15 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2010/04/13 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\BitDefender [2010/04/16 20:44:06 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\BitTorrent [2010/04/20 00:04:11 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\DNA [2009/12/14 09:16:27 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\GARMIN [2010/04/16 20:44:06 | 000,000,000 | ---D | M] -- 
C:\Users\Dad\AppData\Roaming\ICAClient [2010/04/16 20:41:17 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\Juniper Networks [2010/04/16 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\My Battle for Middle-earth(tm) II Files [2010/04/16 20:41:22 | 000,000,000 | ---D | M] -- C:\Users\Dad\AppData\Roaming\ubi.com [2009/12/09 15:03:22 | 000,026,404 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- 
C:\Windows\System32\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2007/08/29 09:56:54 | 000,305,688 | ---- | M] (Intel Corporation) MD5=BDC361489A7F22E568060FA6FB3C960E -- C:\Drivers\storage\R165147\IaStor.sys [2007/07/26 20:02:44 | 000,305,688 | ---- | M] (Intel Corporation) MD5=BDC361489A7F22E568060FA6FB3C960E -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys [2007/08/29 09:56:54 | 000,305,688 | ---- | M] (Intel Corporation) MD5=BDC361489A7F22E568060FA6FB3C960E -- C:\Windows\System32\drivers\iaStor.sys [2007/08/29 09:56:54 | 000,305,688 | ---- | M] (Intel Corporation) MD5=BDC361489A7F22E568060FA6FB3C960E -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_bb085c9426a41326\iaStor.sys [2007/08/29 09:56:54 | 000,305,688 | ---- | M] (Intel Corporation) MD5=BDC361489A7F22E568060FA6FB3C960E -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_820eef1d32cc056c\iaStor.sys [2007/07/26 20:03:14 | 000,381,976 | ---- | M] (Intel Corporation) MD5=D4E95DA8351AA16E627AE968FB77E6D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [color=#A23BEC]< MD5 
for: NETLOGON.DLL >[/color] [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll [color=#A23BEC]< MD5 for: NVRAID.SYS >[/color] [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- 
C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /90 >[/color] [2010/04/14 17:31:01 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2010/04/14 17:31:23 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2010/04/14 17:31:39 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys [2010/04/14 17:35:25 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys [2010/04/14 17:35:47 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys [2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/02/27 08:32:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys [2010/02/27 08:32:26 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2010/02/27 08:32:12 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys [2010/03/13 20:12:00 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys < End 
of report >