OTL logfile created on: 10/9/2011 4:00:06 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.96 Gb Available Physical Memory | 74.13% Memory free
12.26 Gb Paging File | 11.55 Gb Available in Paging File | 94.24% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.17 Gb Total Space | 404.61 Gb Free Space | 67.87% Space Free | Partition Type: NTFS
Drive D: | 697.65 Gb Total Space | 491.83 Gb Free Space | 70.50% Space Free | Partition Type: NTFS

Computer Name: USER-14D1B69C21 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\AVAST Software\Avast\defs\11100901\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11100901\aswRep.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ppped) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:[b]64bit:[/b] - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (vde4odkz) -- C:\WINDOWS\SysWOW64\Drivers\vde4odkz.sys ()
DRV - (uze4odkz) -- C:\WINDOWS\SysWOW64\Drivers\uze4odkz.sys ()
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (ASTRA64) -- C:\Program Files (x86)\ASTRA32\astra64.sys (Licensed for Sysinfo Lab)
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
DRV - (Aspi32) -- C:\WINDOWS\SysWow64\drivers\aspi32.sys (Adaptec)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:home
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/12 04:07:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/01 01:57:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/02 03:18:21 | 000,000,000 | ---D | M]

[2011/09/24 12:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/10/06 17:01:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wvtvti0j.default\extensions
[2011/09/24 12:59:52 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wvtvti0j.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/09/24 12:54:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WVTVTI0J.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WVTVTI0J.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/10/01 01:57:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

Hosts file not found
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O9:[b]64bit:[/b] - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9079FF4C-5EF8-40FC-9DC6-5DCE577D106F}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\http\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\https\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:[b]64bit:[/b] - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:[b]64bit:[/b] - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:[b]64bit:[/b] - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:[b]64bit:[/b] - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:[b]64bit:[/b] - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O22:[b]64bit:[/b] - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:[b]64bit:[/b] - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/03 19:08:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/10/09 15:58:19 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/10/07 14:38:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011/10/06 17:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2011/10/06 17:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2011/10/06 17:04:51 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
[2011/10/01 16:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.swt
[2011/10/01 16:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/10/01 16:52:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vmntemplate
[2011/09/28 19:11:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2011/09/27 14:16:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\579000
[2011/09/24 12:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2011/09/24 12:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/09/16 12:59:35 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\aswMBR.exe
[2011/09/14 21:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/09/14 21:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/09/14 21:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011/09/14 21:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/09/12 04:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/09/12 04:07:58 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysWow64\aswBoot.exe
[2011/09/12 04:07:58 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/12 04:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/12 04:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/12 03:54:02 | 000,000,000 | ---D | C] -- C:\Drivers

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/10/09 15:58:21 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/10/09 15:42:02 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1058093358-2681104663-2786989613-500.job
[2011/10/09 15:41:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/07 21:07:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/07 21:02:00 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/07 14:36:44 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/10/07 14:35:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2011/10/06 17:04:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
[2011/10/04 23:59:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1058093358-2681104663-2786989613-500.job
[2011/10/02 16:37:24 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MBR.dat
[2011/09/26 13:44:57 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MBR.dat
[2011/09/24 12:54:52 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/24 12:54:52 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/09/24 12:49:32 | 000,212,016 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Firefox 6.0.2 (en-US) - 2011-09-24.pcv
[2011/09/23 20:39:19 | 000,065,536 | ---- | M] () -- C:\WINDOWS\TADSUINS.EXE
[2011/09/21 21:16:42 | 000,002,829 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MurlocRPG2-E1-ARENA-Shaman.sav
[2011/09/21 15:22:40 | 000,013,312 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\vde4odkz.sys
[2011/09/21 15:22:36 | 000,011,264 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\uze4odkz.sys
[2011/09/20 22:16:56 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\rtkhdaud.dat
[2011/09/19 18:26:28 | 000,002,674 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MurlocRPG2-E1-Shaman.sav
[2011/09/16 17:12:29 | 000,000,222 | -HS- | M] () -- C:\boot.ini
[2011/09/16 12:59:48 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\aswMBR.exe
[2011/09/12 04:21:12 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/12 04:08:14 | 000,001,673 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/12 03:54:02 | 000,001,721 | ---- | M] () -- C:\WINDOWS\Drvs.Debug

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/09/24 12:54:52 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/24 12:54:52 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/24 12:54:52 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/09/24 12:49:32 | 000,212,016 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Firefox 6.0.2 (en-US) - 2011-09-24.pcv
[2011/09/21 15:22:40 | 000,013,312 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\vde4odkz.sys
[2011/09/21 15:22:36 | 000,011,264 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\uze4odkz.sys
[2011/09/20 22:16:56 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\rtkhdaud.dat
[2011/09/19 18:28:16 | 000,002,829 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MurlocRPG2-E1-ARENA-Shaman.sav
[2011/09/19 18:23:35 | 000,002,674 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MurlocRPG2-E1-Shaman.sav
[2011/09/17 22:38:53 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MBR.dat
[2011/09/12 04:08:14 | 000,001,673 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/09/12 03:54:02 | 000,001,721 | ---- | C] () -- C:\WINDOWS\Drvs.Debug
[2011/09/11 20:18:21 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MBR.dat
[2011/09/06 15:41:37 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WebpageIcons.db
[2011/09/03 02:44:22 | 000,162,304 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunrar36.dll
[2011/09/03 02:44:22 | 000,153,088 | ---- | C] () -- C:\WINDOWS\SysWow64\UNRAR3.dll
[2011/09/03 02:44:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunace26.dll
[2011/09/03 02:44:22 | 000,075,264 | ---- | C] () -- C:\WINDOWS\SysWow64\unacev2.dll
[2011/09/01 02:18:05 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
[2011/08/30 01:14:14 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/01 17:45:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinFrotz.INI
[2011/08/01 17:44:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\TADSUINS.EXE
[2011/02/08 17:50:59 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/02/08 17:50:55 | 000,020,783 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011/02/08 17:50:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
[2010/12/09 11:54:17 | 000,700,820 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2010/12/08 20:21:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/08 17:47:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/12/08 17:08:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2010/12/07 20:35:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/07 20:21:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LCDMedia.INI
[2010/12/06 02:49:21 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/03 21:09:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\SysWow64\vidx16.dll
[2010/12/03 21:07:49 | 000,044,136 | ---- | C] () -- C:\WINDOWS\CPLUTL64.EXE
[2010/12/03 19:11:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/02 20:13:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/02/18 05:00:00 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
[2007/02/18 05:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
[2007/02/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2007/02/18 05:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
[2007/02/18 05:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
[2007/02/18 05:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
[2007/02/18 05:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
[2007/02/18 05:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2007/02/18 05:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
[2007/02/18 05:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
[2007/02/18 05:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
[2007/02/18 05:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
[2007/02/18 05:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
[2007/02/18 05:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
[2007/02/18 05:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
[2007/02/18 05:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
[2007/02/18 05:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe
[2007/02/18 05:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
[2007/02/18 05:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
[2007/02/18 05:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe
[2007/02/18 05:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
[2007/02/18 05:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe

[color=#E56717]========== LOP Check ==========[/color]

[2011/10/02 19:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/09/08 17:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2010/12/16 20:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FreeStone Group
[2010/12/09 17:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2011/08/30 15:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PFStaticIP
[2011/07/29 00:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Rags
[2011/09/08 00:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Simply Super Software
[2011/10/09 16:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2011/10/01 16:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\vmntemplate
[2010/12/21 15:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2010/12/03 23:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/09/12 04:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/12/09 16:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Plantronics
[2011/09/03 01:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/09/07 22:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/03 02:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/09/02 15:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}(2)
[2011/09/02 15:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011/10/08 03:28:34 | 000,032,606 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >