VIPRE premium checked for rootkits so I should use GMER too?
ETA: Here is the Minimal Output scan.
OTL logfile created on: 5/27/2010 10:45:28 PM - Run 4
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\test\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 43.09 Gb Free Space | 38.55% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BABY
Current User Name: test
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\test\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software)
PRC - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe (Sunbelt Software)
PRC - C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe (Sunbelt Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\test\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe ()
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
PRC - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
PRC - C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
PRC - C:\Program Files\Common Files\aol\1227796052\ee\aolsoftware.exe (AOL LLC)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Southwest Airlines\Ding\Ding.exe (Southwest Airlines)
PRC - C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)
PRC - c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\WINDOWS\system32\ElkCtrl.exe (Logitech Inc.)
PRC - C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe (Hewlett-Packard )
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\test\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Documents and Settings\test\Local Settings\Temp\IadHide5.dll (BackWeb)
MOD - C:\WINDOWS\system32\ksuser.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\Sunbelt Software\VIPRE\oehook.dll (Nektra S.A.)
MOD - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Inc.)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (WRConsumerService) -- File not found
SRV - (CLTNetCnService) -- File not found
SRV - (SBAMSvc) -- C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe (Sunbelt Software)
SRV - (SBPIMSvc) -- C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe (Sunbelt Software)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
SRV - (LVPrcSrv) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
========== Driver Services (SafeList) ==========
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (SbTis) -- C:\WINDOWS\system32\drivers\sbtis.sys (Sunbelt Software, Inc.)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (Sunbelt Software, Inc.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - (sbapifs) -- C:\WINDOWS\system32\drivers\sbapifs.sys (Sunbelt Software)
DRV - (sbaphd) -- C:\WINDOWS\system32\drivers\sbaphd.sys (Sunbelt Software)
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) QuickCam for Notebooks Pro(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (lvmvdrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys ()
DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()
DRV - (Lvckap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camchal.sys (Conexant Systems Inc.)
DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camcaud.sys (Conexant Systems Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (WIDCOMM, Inc.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (WIDCOMM, Inc.)
DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Company)
DRV - (TIEHDUSB) -- C:\WINDOWS\system32\drivers\tiehdusb.sys (Texas Instruments Incorporated)
DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Company)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://my.aol.com/?n...s00050000000002 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.realarcade.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {6847DFAE-037A-400c-A524-27F0A281B692}:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: paypalfirefoxplugin@orbiscom:2.2.26.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.80
FF - HKLM\software\mozilla\Firefox\extensions\\paypalfirefoxplugin@orbiscom: C:\Program Files\PayPal\PayPal Plug-In [2009/06/06 13:27:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/23 17:34:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/21 19:31:21 | 000,000,000 | ---D | M]
[2009/03/15 20:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Extensions
[2009/03/15 20:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Extensions\[email protected]
[2010/05/27 19:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions
[2010/05/22 22:13:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/22 03:51:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/05/22 03:52:00 | 000,000,000 | ---D | M] (Big Fish Games Toolbar) -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}
[2010/05/26 17:48:44 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/10/09 17:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\[email protected]
[2008/11/27 14:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\[email protected]
[2010/05/22 22:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\9913ls39.default\extensions\[email protected]
[2010/05/27 19:39:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2009/03/30 17:13:54 | 000,098,304 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npraclient.dll
[2005/04/27 15:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
O1 HOSTS File: ([2009/11/21 16:55:48 | 000,290,007 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 10013 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll (Discordia Limited)
O2 - BHO: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O2 - BHO: (OToolbarHelper Class) - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1227796052\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -Mozilla\5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit\532.0_(KHTML,_like_Gecko)_Chrome\3.0.195.38_Safari\532.0 - File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\test\Start Menu\Programs\Startup\DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe (Southwest Airlines)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} http://apps.corel.co...IEGetPlugin.ocx (get_atlcom Class)
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} http://www.gamehouse.../DinerDash2.cab (CPlayFirstDinerDash2Control Object)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1228158980281 (MUWebControl Class)
O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} http://www.gamehouse...eddingDash2.cab (CPlayFirstWeddingDasControl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://www.gamehouse...GamesPlayer.cab (GoBit Games Player)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://www.gamehouse...erDashFloGo.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O18 - Protocol\Handler\bw+0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {53c3009a-875e-4094-9bf4-ee1b1e55afaf} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\offline-8876480 {53C3009A-875E-4094-9BF4-EE1B1E55AFAF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (WIDCOMM, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Blue Sonic.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Blue Sonic.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/11/19 10:51:51 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17465059307421696)
========== Files/Folders - Created Within 90 Days ==========
[2010/05/27 19:18:08 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
[2010/05/27 19:08:01 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\TFC.exe
[2010/05/26 18:20:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/26 18:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/26 17:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\SUPERAntiSpyware.com
[2010/05/26 17:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/05/26 17:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/05/26 17:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/05/24 21:03:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\My Documents\Warnings at Waverly Academy
[2010/05/23 15:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/23 15:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/05/22 22:20:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/22 22:20:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/22 22:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/22 10:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/05/22 10:45:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/05/22 09:51:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2010/05/22 09:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/05/22 09:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/05/22 09:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/05/21 18:08:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Malwarebytes
[2010/05/21 18:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/21 18:07:55 | 000,069,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbapifs.sys
[2010/05/21 18:07:54 | 000,013,400 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbaphd.sys
[2010/05/21 17:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Application Data\Sunbelt
[2010/05/21 17:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sunbelt
[2010/05/21 17:46:44 | 000,086,232 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbhips.sys
[2010/05/21 17:46:42 | 000,204,632 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbtis.sys
[2010/05/21 17:46:05 | 000,067,800 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFwIm.sys
[2010/05/21 17:46:03 | 000,322,904 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
[2010/05/21 17:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2010/04/30 12:31:00 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2010/04/26 17:59:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/26 17:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/30 17:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2004/09/14 17:25:10 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
========== Files - Modified Within 90 Days ==========
[2010/05/27 22:39:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/27 22:39:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/27 22:39:46 | 1340,657,664 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/27 22:34:10 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\test\Desktop\gmer.exe
[2010/05/27 21:54:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1410243565-529883314-1269684793-1006UA.job
[2010/05/27 19:18:16 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\OTL.exe
[2010/05/27 19:14:38 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Microsoft Office Outlook 2003.lnk
[2010/05/27 19:12:10 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\test\NTUSER.DAT
[2010/05/27 19:11:57 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\test\ntuser.ini
[2010/05/27 19:08:10 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\test\Desktop\TFC.exe
[2010/05/27 19:05:24 | 000,278,912 | ---- | M] () -- C:\Documents and Settings\test\My Documents\8oz. label.pspimage
[2010/05/27 18:52:32 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Microsoft Office Word 2003.lnk
[2010/05/27 18:46:16 | 000,001,838 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/05/26 22:54:03 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1410243565-529883314-1269684793-1006Core.job
[2010/05/26 20:39:46 | 000,003,675 | ---- | M] () -- C:\Documents and Settings\test\My Documents\7513-0002Template.pdf
[2010/05/26 19:18:27 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Mystery Case Files - Return to Ravenhearst.lnk
[2010/05/26 19:18:27 | 000,001,240 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2010/05/26 19:06:55 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Mystery Case Files - Dire Grove Collector's Edition.lnk
[2010/05/26 18:43:05 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/05/26 18:19:59 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\test\Desktop\NTREGOPT.lnk
[2010/05/26 18:19:59 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\test\Desktop\ERUNT.lnk
[2010/05/26 18:17:59 | 000,000,930 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/26 17:58:27 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\test\Desktop\SpywareBlaster.lnk
[2010/05/26 17:58:16 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/05/24 21:59:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Waverly.INI
[2010/05/24 17:57:33 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2010/05/23 17:43:14 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/05/23 16:51:56 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/23 15:12:07 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/05/22 22:20:13 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/22 21:59:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/22 11:36:07 | 000,513,282 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/22 11:36:07 | 000,436,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/22 11:36:07 | 000,068,616 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/22 11:33:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/22 09:29:06 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\test\My Documents\LimeWire 5.5.8.lnk
[2010/05/21 19:31:40 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/21 17:46:02 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2010/04/30 17:57:17 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Google Chrome.lnk
[2010/04/30 12:31:00 | 000,027,984 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/28 15:12:40 | 000,322,904 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
[2010/04/28 15:12:40 | 000,204,632 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbtis.sys
[2010/04/28 15:12:40 | 000,086,232 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\sbhips.sys
[2010/04/26 17:40:37 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\test\My Documents\QuickTime Player.lnk
[2010/04/17 02:27:13 | 001,576,797 | ---- | M] () -- C:\Documents and Settings\test\My Documents\Image1.pspimage
[2010/04/16 17:56:09 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\test\My Documents\Adobe Reader 9.lnk
[2010/04/03 20:36:20 | 000,870,128 | ---- | M] () -- C:\Documents and Settings\test\Application Data\mcs.rma
[2010/04/03 20:36:20 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\test\Application Data\D50AC5
[2010/03/28 16:31:49 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\test\Desktop\Microsoft Office Excel 2003.lnk
[2010/03/25 21:55:37 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\test\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/14 14:16:46 | 000,000,164 | ---- | M] () -- C:\WINDOWS\install.dat
[2010/03/12 17:12:56 | 000,379,679 | ---- | M] () -- C:\Documents and Settings\test\My Documents\bodywash.pspimage
[2010/03/12 17:11:55 | 000,614,264 | ---- | M] () -- C:\Documents and Settings\test\My Documents\4oz. label.pspimage
========== Files Created - No Company Name ==========
[2010/05/26 20:57:50 | 000,278,912 | ---- | C] () -- C:\Documents and Settings\test\My Documents\8oz. label.pspimage
[2010/05/26 20:39:46 | 000,003,675 | ---- | C] () -- C:\Documents and Settings\test\My Documents\7513-0002Template.pdf
[2010/05/26 19:18:27 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Mystery Case Files - Return to Ravenhearst.lnk
[2010/05/26 19:18:27 | 000,001,240 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2010/05/26 19:06:55 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Mystery Case Files - Dire Grove Collector's Edition.lnk
[2010/05/26 18:19:59 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\test\Desktop\NTREGOPT.lnk
[2010/05/26 18:19:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\test\Desktop\ERUNT.lnk
[2010/05/26 17:58:27 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\test\Desktop\SpywareBlaster.lnk
[2010/05/26 17:58:16 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/05/24 21:59:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Waverly.INI
[2010/05/24 17:57:33 | 000,001,578 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2010/05/23 17:44:57 | 1340,657,664 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/22 22:20:13 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/22 21:59:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/22 11:35:04 | 000,873,374 | ---- | C] () -- C:\WINDOWS\System32\oem57.inf
[2010/05/22 11:28:00 | 000,746,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/22 09:34:39 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/05/22 09:29:06 | 000,001,578 | ---- | C] () -- C:\Documents and Settings\test\My Documents\LimeWire 5.5.8.lnk
[2010/05/21 19:31:40 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/21 17:46:01 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2010/04/17 02:27:09 | 001,576,797 | ---- | C] () -- C:\Documents and Settings\test\My Documents\Image1.pspimage
[2010/01/10 03:14:39 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/10/23 20:23:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ransom.INI
[2009/10/22 19:59:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ResortingToDanger.INI
[2009/10/11 03:49:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CastleMalloy.INI
[2009/07/09 19:13:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Curses.INI
[2009/01/06 00:06:24 | 000,000,658 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008/12/30 02:17:23 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/12/30 00:40:46 | 000,001,838 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/11/30 00:02:24 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2008/11/30 00:02:24 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2008/11/30 00:02:24 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2008/11/29 23:52:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008/11/29 23:52:38 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008/11/27 21:17:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhantomOfVenice.INI
[2008/11/27 19:09:24 | 000,010,238 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/11/27 18:20:41 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2008/11/27 18:04:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/11/27 17:25:08 | 000,003,399 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2008/11/27 17:25:08 | 000,000,458 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2005/09/01 14:11:52 | 001,912,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2005/09/01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/09/01 14:09:28 | 002,169,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2004/11/19 12:29:57 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/11/19 12:29:57 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/11/19 12:29:57 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/11/19 12:29:57 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/11/19 12:29:57 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/11/19 12:29:57 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/11/19 12:11:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/19 12:01:16 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/09/14 16:35:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/08/16 07:42:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 08:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 08:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/06/02 20:28:30 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004/01/13 13:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/16 02:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 21:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 16:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== LOP Check ==========
[2010/05/23 15:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/10/01 18:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2009/09/16 18:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3
[2009/09/02 21:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2009/10/21 18:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2009/09/15 18:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2009/07/03 23:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/11/19 22:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Islands
[2009/12/24 10:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2009/10/22 19:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2004/11/19 13:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/06/23 22:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/12/24 10:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2008/11/29 23:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2009/10/09 22:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/10/15 19:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2010/05/27 22:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/27 09:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/08 12:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/04/26 18:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/11 22:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/03 22:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/21 21:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Alawar
[2010/03/18 22:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\BfgBar
[2009/07/08 19:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Boolat Games
[2009/09/27 11:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Camel101
[2009/04/23 17:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\CoreFTP
[2009/12/24 10:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\DivoGames
[2009/11/20 18:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\EleFun Games
[2009/02/14 18:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Endicia
[2008/12/22 19:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Eyeblaster
[2009/09/02 21:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Flood Light Games
[2009/10/15 20:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\funkitron
[2009/10/20 18:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Gaijin Ent
[2009/06/23 22:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\GameHouse
[2009/09/16 19:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\GraveyardShift
[2008/11/13 12:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\InterVideo
[2008/12/30 03:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Jasc
[2008/11/14 17:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Leadertech
[2009/12/24 10:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Ludia
[2009/10/22 19:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Merscom
[2009/12/24 10:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\PlayFirst
[2009/11/14 21:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Playrix Entertainment
[2009/10/09 23:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Southwest Airlines
[2009/10/11 14:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Sudden Games
[2009/10/15 19:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\SulusGames
[2009/10/17 22:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\TheScruffs
[2009/07/19 13:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\yoclient
[2009/09/27 18:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\YoudaGames
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2008/11/13 12:48:12 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/01/10 18:44:18 | 000,216,036 | ---- | M] () -- C:\coreuninstall.log
[2009/09/05 16:01:24 | 000,000,191 | ---- | M] () -- C:\DownloadLog.txt
[2010/05/27 22:39:46 | 1340,657,664 | -HS- | M] () -- C:\hiberfil.sys
[2009/01/29 18:24:19 | 000,000,164 | ---- | M] () -- C:\install.dat
[2004/08/04 03:00:00 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com
[2008/11/27 18:26:20 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/05/27 22:39:45 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2009/09/09 20:55:04 | 000,059,862 | ---- | M] () -- C:\playground.log
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2004/08/07 00:45:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/07 00:45:26 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/07 00:45:26 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\drivers\*.sys /90 >
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010/04/28 15:12:40 | 000,322,904 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\SbFw.sys
[2010/04/28 15:12:40 | 000,086,232 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\sbhips.sys
[2010/04/28 15:12:40 | 000,204,632 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\sbtis.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7920E530
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:038ACE45
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED810E46
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:059167AF
@Alternate Data Stream - 237 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:04CE8640
@Alternate Data Stream - 234 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55374FBA
@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D8F9D810
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33384BC0
@Alternate Data Stream - 223 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AE2EA3C2
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F403D65
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80E965A3
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:517B507A
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDF08FAF
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0EB1DE
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A936202
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10F6E97E
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1D597D0
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94878DD7
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B51C28F
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE67221
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55C54F7C
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E22C5DB
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAFEC4B9
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A26AFC00
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF1334B0
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D52F295
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F96ED45
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E0AE69BE
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8BCF4DE2
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38E2864F
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEB25EAE
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A2862FF
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:260575F1
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9857FAE3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8140CB50
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5335CE76
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:417B6FAC
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98F6F85C
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA701346
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1FBBD09
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56C17A93
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2032EBB
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3790BACD
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1713795
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0FEE2B
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78E0DF72
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8F2382B
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4673E9EA
< End of report >
Edited by Varayana, 27 May 2010 - 09:52 PM.