OTL logfile created on: 10/12/2010 00:16:58 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\rusty39\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 767.00 Mb Total Physical Memory | 202.00 Mb Available Physical Memory | 26.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 137.05 Gb Total Space | 105.63 Gb Free Space | 77.08% Space Free | Partition Type: NTFS Drive E: | 76.32 Gb Total Space | 72.70 Gb Free Space | 95.26% Space Free | Partition Type: NTFS Drive F: | 7.84 Mb Total Space | 4.30 Mb Free Space | 54.81% Space Free | Partition Type: NTFS Computer Name: CHRISTINES | User Name: rusty39 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/12/10 00:16:28 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\rusty39\Desktop\OTL.exe PRC - [2010/11/29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010/11/29 17:42:14 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2010/06/28 14:23:54 | 000,061,440 | ---- | M] (Smart PC Utilities, Ltd.) -- C:\Program Files\Smart PC Utilities\Vista Services Optimizer\QuickControl.exe PRC - [2010/04/19 13:47:26 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010/04/19 13:45:44 | 001,050,440 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2009/09/11 07:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009/09/11 07:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/09/30 21:25:38 | 001,699,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/12/10 00:16:28 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\rusty39\Desktop\OTL.exe MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/12/08 23:06:41 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010/11/29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010/05/17 12:11:40 | 000,229,376 | ---- | M] (Puran Software) [On_Demand | Stopped] -- C:\Windows\System32\PuranDefragS.exe -- (PuranDefrag) SRV - [2010/04/28 06:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/04/19 13:45:44 | 001,050,440 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/04/19 13:42:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/09/11 07:33:18 | 000,020,680 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009/09/11 07:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009/08/10 14:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/09/30 21:25:38 | 001,699,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [On_Demand | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService) SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010/07/10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010/02/25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009/09/11 07:26:28 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009/09/11 07:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009/09/11 07:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009/08/07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA) DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009/04/11 04:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2008/01/30 10:34:20 | 002,058,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/01/21 02:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 02:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 02:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 02:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 02:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 02:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 02:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 02:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 02:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 02:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008/01/21 02:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 02:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 02:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 02:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 02:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 02:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 02:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 02:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/21 02:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/21 02:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/21 02:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/10/31 10:23:22 | 000,124,960 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32) DRV - [2007/10/31 10:23:20 | 000,115,744 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32) DRV - [2007/10/12 14:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2007/04/10 21:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000) DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 07:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2005/09/10 09:40:28 | 000,534,784 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Bs350u2.sys -- (Cam5603C) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.koower.com/ IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB0.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.alot.com/?client_id=AC57540001CB2F291A20C2CB&install_time=2010-07-29T14:24:00Z&src_id=11719&camp_id=38&tb_version=2.5.12000.509 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 E8 24 55 38 FF CA 01 [binary data] IE - HKCU\..\URLSearchHook: {d70f2de6-51e2-42d4-9077-4ca06cafc836} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/05 15:56:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/11/24 13:06:12 | 000,000,000 | ---D | M] [2008/06/30 12:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll [2008/03/24 19:21:20 | 002,889,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll () O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll (Vertro) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Virgin Media Toolbar) - {A057A204-BACC-4D26-CFC3-3CECC9AB2EDA} - C:\Program Files\virginmediatoolbar\virginmediatoolbar.dll ([[[COMPANYNAME]]]----------------------------) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.) O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB0.dll (Conduit Ltd.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll () O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro) O3 - HKLM\..\Toolbar: (Virgin Media Toolbar) - {A057A204-BACC-4D26-CFC3-3CECC9AB2EDA} - C:\Program Files\virginmediatoolbar\virginmediatoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Virgin Media Toolbar) - {A057A204-BACC-4D26-CFC3-3CECC9AB2EDA} - C:\Program Files\virginmediatoolbar\virginmediatoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files\myBabylon_English\tbmyB0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O4 - HKCU..\Run: [Vista Services Optimizer] C:\Program Files\Smart PC Utilities\Vista Services Optimizer\QuickControl.exe (Smart PC Utilities, Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: localhost ([]http in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} http://downloads.virginmedia.com/CST/ver1/vistainstaller.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\rusty39\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\rusty39\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/12/08 20:57:25 | 000,048,904 | ---- | M] () - C:\autoruns.chm -- [ NTFS ] O32 - AutoRun File - [2010/12/08 20:57:25 | 000,731,000 | ---- | M] (Sysinternals - www.sysinternals.com) - C:\autoruns.exe -- [ NTFS ] O32 - AutoRun File - [2010/12/08 20:57:25 | 000,595,832 | ---- | M] (Sysinternals - www.sysinternals.com) - C:\autorunsc.exe -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE - File not found MsConfig - StartUpFolder: C:^Users^rusty39^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk - C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe - () MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]BJCFD[/b] - hkey= - key= - C:\Program Files\BroadJump\Client Foundation\CFD.exe () MsConfig - StartUpReg: [b]Carbonite Backup[/b] - hkey= - key= - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) MsConfig - StartUpReg: [b]ehTray.exe[/b] - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe File not found MsConfig - StartUpReg: [b]Hiyo[/b] - hkey= - key= - C:\Program Files\HiYo\bin\HiYo.exe (IncrediMail, Ltd.) MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: [b]SmpcSys[/b] - hkey= - key= - C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]SweetIM[/b] - hkey= - key= - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) MsConfig - StartUpReg: [b]toolbar_eula_launcher[/b] - hkey= - key= - C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( ) MsConfig - StartUpReg: [b]VX1000[/b] - hkey= - key= - C:\Windows\vVX1000.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found MsConfig - State: "startup" - 1 MsConfig - State: "services" - 2 MsConfig - State: "bootini" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3 ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/12/10 00:16:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\rusty39\Desktop\OTL.exe [2010/12/09 22:23:13 | 000,000,000 | -HSD | C] -- C:\found.000 [2010/12/09 22:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Smart PC Utilities [2010/12/09 22:13:02 | 000,000,000 | ---D | C] -- C:\Users\rusty39\AppData\Roaming\Smart PC Utilities [2010/12/09 21:15:33 | 000,000,000 | ---D | C] -- C:\Users\rusty39\AppData\Local\Smart_PC_Utilities,_Ltd [2010/12/09 21:13:50 | 000,000,000 | ---D | C] -- C:\Users\rusty39\Documents\Smart PC Utilities [2010/12/09 17:36:51 | 000,000,000 | ---D | C] -- C:\Users\rusty39\AppData\Roaming\Malwarebytes [2010/12/09 17:36:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/09 17:36:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/09 17:36:39 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware [2010/12/09 12:21:45 | 000,000,000 | ---D | C] -- C:\TweakUAC [2010/12/08 23:53:43 | 001,110,016 | ---- | C] (Puran Software) -- C:\Windows\System32\PuranFD.exe [2010/12/08 23:53:43 | 000,229,376 | ---- | C] (Puran Software) -- C:\Windows\System32\PuranDefragS.exe [2010/12/08 23:53:43 | 000,221,184 | ---- | C] (Puran Software) -- C:\Windows\System32\PuranDC.exe [2010/12/08 23:53:43 | 000,212,992 | ---- | C] (Puran Software) -- C:\Windows\System32\PuranDefrag.dll [2010/12/08 23:53:43 | 000,107,008 | ---- | C] (Puran Software) -- C:\Windows\System32\PuranDefragBT.exe [2010/12/08 23:53:42 | 000,000,000 | ---D | C] -- C:\Puran Defrag [2010/12/08 23:06:42 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2010/12/08 23:06:42 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010/12/08 23:06:42 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2010/12/08 23:05:44 | 000,000,000 | ---D | C] -- C:\Users\rusty39\AppData\Roaming\TuneUp Software [2010/12/08 23:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010 [2010/12/08 23:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2010/12/08 23:04:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010/12/08 23:01:31 | 000,000,000 | ---D | C] -- C:\SpywareBlaster [2010/12/08 20:52:40 | 000,000,000 | ---D | C] -- C:\Users\rusty39\Desktop\Cleanup Tools [2010/12/08 20:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/12/08 17:39:53 | 000,000,000 | ---D | C] -- C:\Windows\pss [2010/12/08 17:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010/12/08 17:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2010/12/08 16:20:47 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp [2010/12/08 16:20:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2010/12/08 16:20:03 | 000,000,000 | --SD | C] -- C:\SiSoftware Sandra Lite 2011b [2010/12/05 15:55:37 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2010/11/24 10:44:50 | 000,731,000 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\autoruns.exe [2010/11/24 10:44:46 | 000,595,832 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\autorunsc.exe [2009/06/07 20:19:02 | 000,106,496 | ---- | C] ( ) -- C:\Windows\System32\VM_1.dll [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/12/10 00:19:53 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FBB76229-1519-440F-9DB3-399C9B118F65}.job [2010/12/10 00:19:53 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{08B70F37-DB8A-4D96-9ABC-0E80FA09D91D}.job [2010/12/10 00:16:28 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\rusty39\Desktop\OTL.exe [2010/12/10 00:14:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/12/09 23:09:07 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/12/09 23:09:07 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/12/09 23:04:38 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/09 23:04:38 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/09 23:04:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/12/09 23:04:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/09 22:24:59 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\WebUpdate.job [2010/12/09 22:14:06 | 000,002,229 | ---- | M] () -- C:\Users\Public\Desktop\Vista Services Optimizer.lnk [2010/12/09 19:32:42 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/12/09 19:32:41 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/12/09 19:30:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-rusty39.job [2010/12/09 17:36:44 | 000,000,621 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/09 17:00:02 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Program Check.job [2010/12/09 13:18:11 | 000,002,662 | ---- | M] () -- C:\Users\rusty39\Documents\cc_20101209_131807.reg [2010/12/09 13:04:37 | 000,013,046 | ---- | M] () -- C:\Users\rusty39\Documents\cc_20101209_130434.reg [2010/12/08 23:06:39 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010/12/08 23:06:39 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk [2010/12/08 23:01:33 | 000,000,609 | ---- | M] () -- C:\Users\rusty39\Desktop\SpywareBlaster.lnk [2010/12/08 22:50:38 | 000,004,116 | ---- | M] () -- C:\Users\rusty39\Documents\cc_20101208_225034.reg [2010/12/08 20:57:25 | 000,731,000 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\autoruns.exe [2010/12/08 20:57:25 | 000,595,832 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\autorunsc.exe [2010/12/08 20:57:25 | 000,048,904 | ---- | M] () -- C:\autoruns.chm [2010/12/08 20:49:55 | 000,084,076 | ---- | M] () -- C:\Users\rusty39\Documents\cc_20101208_204936.reg [2010/12/08 18:39:17 | 000,049,152 | ---- | M] () -- C:\Windows\SPInstall.etl [2010/12/08 17:31:30 | 000,295,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/08 16:38:16 | 010,973,184 | ---- | M] () -- C:\ProgramData\sandra.mda [2010/12/06 19:14:21 | 000,000,194 | ---- | M] () -- C:\Users\rusty39\Desktop\Lloyds TSB - Internet Banking.url [2010/12/05 16:58:29 | 000,022,528 | ---- | M] () -- C:\Users\rusty39\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/05 15:57:03 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2010/12/05 15:55:37 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2010/12/05 07:09:59 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\SpeedyPC.job [2010/12/04 09:16:00 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010/12/02 09:41:26 | 000,000,226 | ---- | M] () -- C:\Users\rusty39\Desktop\Sign in - Account - Virgin Media (2).url [2010/11/30 17:02:07 | 000,000,222 | ---- | M] () -- C:\Users\rusty39\Desktop\Past Life Therapists.url [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/11/22 08:31:10 | 000,000,172 | ---- | M] () -- C:\Users\rusty39\Desktop\Amazon.co.uk low prices in Electronics, Books, Music, DVDs & more.url [2010/11/19 09:57:15 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/12/09 22:14:06 | 000,002,229 | ---- | C] () -- C:\Users\Public\Desktop\Vista Services Optimizer.lnk [2010/12/09 22:14:00 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\WebUpdate.job [2010/12/09 17:36:44 | 000,000,621 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/09 13:18:09 | 000,002,662 | ---- | C] () -- C:\Users\rusty39\Documents\cc_20101209_131807.reg [2010/12/09 13:04:36 | 000,013,046 | ---- | C] () -- C:\Users\rusty39\Documents\cc_20101209_130434.reg [2010/12/08 23:06:39 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010/12/08 23:06:39 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk [2010/12/08 23:01:33 | 000,000,609 | ---- | C] () -- C:\Users\rusty39\Desktop\SpywareBlaster.lnk [2010/12/08 22:50:36 | 000,004,116 | ---- | C] () -- C:\Users\rusty39\Documents\cc_20101208_225034.reg [2010/12/08 20:49:41 | 000,084,076 | ---- | C] () -- C:\Users\rusty39\Documents\cc_20101208_204936.reg [2010/12/08 18:03:38 | 000,049,152 | ---- | C] () -- C:\Windows\SPInstall.etl [2010/12/08 17:34:16 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010/12/08 17:34:12 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010/12/08 16:20:07 | 010,973,184 | ---- | C] () -- C:\ProgramData\sandra.mda [2010/12/05 15:57:03 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2010/11/30 17:02:06 | 000,000,222 | ---- | C] () -- C:\Users\rusty39\Desktop\Past Life Therapists.url [2010/03/10 17:03:06 | 000,076,407 | ---- | C] () -- C:\Users\rusty39\AppData\Roaming\Smiley.ico [2009/11/23 14:42:33 | 000,005,200 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini [2009/10/20 17:00:19 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/29 11:18:00 | 000,000,181 | ---- | C] () -- C:\Windows\cdplayer.ini [2009/08/27 13:40:24 | 000,001,356 | ---- | C] () -- C:\Users\rusty39\AppData\Local\d3d9caps.dat [2009/08/05 17:38:22 | 000,022,528 | ---- | C] () -- C:\Users\rusty39\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/05 17:23:14 | 000,000,132 | ---- | C] () -- C:\Users\rusty39\AppData\Roaming\wklnhst.dat [2009/08/05 16:32:06 | 000,024,206 | ---- | C] () -- C:\Users\rusty39\AppData\Roaming\UserTile.png [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2007/04/10 21:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini [2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2003/09/22 11:49:36 | 000,015,190 | ---- | C] () -- C:\Windows\M1000Twn.ini [color=#E56717]========== LOP Check ==========[/color] [2009/11/09 20:43:12 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\alot [2010/02/27 13:54:04 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\Amazon [2009/10/11 10:13:38 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2010/03/19 17:28:31 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\bearsharemediabartb [2010/04/25 11:33:32 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\HiYo [2009/08/03 15:33:34 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\Packard Bell [2010/12/09 22:13:02 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\Smart PC Utilities [2009/11/01 06:05:45 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\Template [2010/12/08 23:05:44 | 000,000,000 | ---D | M] -- C:\Users\rusty39\AppData\Roaming\TuneUp Software [2010/12/09 19:30:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-rusty39.job [2010/12/09 23:03:38 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/12/09 17:00:02 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Program Check.job [2010/12/05 07:09:59 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC.job [2010/12/10 00:19:53 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{08B70F37-DB8A-4D96-9ABC-0E80FA09D91D}.job [2010/12/10 00:19:53 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{FBB76229-1519-440F-9DB3-399C9B118F65}.job [2010/12/09 22:24:59 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\WebUpdate.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report >