It All started when i was browsing a a website i recieved a popup cant really remember what it was i usually close these straight away by clicking on the red x.
cant really remember what i did but i saw some java popus in the toolbar maybe the loaded something? but im not really sure.
anyways i had this antivirus action warnings so i looked it up turns out to be malware.
So i look for a removal guide and find one.
okay it says to run in safe mode my first problem. my computer wont boot into safemode keeps crashing and restarting wen trying to enter safemode.
The guide tells me to use malwearbytes so i have run that program. it deletes quite a few things. Restarts and bam windows loads but stops at desktop with background but no icons.
ohh crap i think whats wrong now.
so i have to manually shut down holding power butto power button down.
Power on again all good everything is going well all icons are there everything looks ok.
Got to use internet explorer bam no connection, try diagnose problems still cant get connected.
okay it seems that it changed something to do with a proxy any ways changed all that back no have connection.
I update my avg anti virus then run a full scan it to finds some problems and fixes them.
But the computer is still having problems.
still having computer issues starting up.
still no safemode just keeps rebooting after putting in logon password.
So i have come here for help.
here is my log
OTL logfile created on: 30/10/2010 5:43:20 PM - Run 2
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Documents and Settings\User1\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1,023.00 Mb Total Physical Memory | 473.00 Mb Available Physical Memory | 46.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 70.32 Gb Free Space | 15.10% Space Free | Partition Type: NTFS
Drive E: | 650.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: JULLE-FD9C65E74 | User Name: User1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\User1\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\WINDOWS\system32\UAService7.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\User1\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\MsgPlusLoader.dll (Patchou)
========== Win32 Services (SafeList) ==========
SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\swdsvc.exe (PC Tools)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ServiceLayer) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (spupdsvc) -- C:\WINDOWS\system32\spupdsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\svcntaux.exe (PC Tools)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe ()
SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (Perpeervc) -- C:\WINDOWS\system32\EPSTP32U.EXE (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (atapi) -- C:\WINDOWS\system32\DRIVERS\atapi.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (xusb21) -- C:\WINDOWS\system32\drivers\xusb21.sys (Microsoft Corporation)
DRV - (IKSysSec) -- C:\WINDOWS\system32\drivers\iksyssec.sys (PCTools Research Pty Ltd.)
DRV - (IkSysFlt) -- C:\WINDOWS\system32\drivers\iksysflt.sys (PCTools Research Pty Ltd.)
DRV - (IKFileSec) -- C:\WINDOWS\system32\drivers\ikfilesec.sys (PCTools Research Pty Ltd.)
DRV - (IKFileFlt) -- C:\WINDOWS\system32\drivers\ikfileflt.sys (PCTools Research Pty Ltd.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (vaxscsi) -- C:\WINDOWS\System32\Drivers\vaxscsi.sys (Alcohol Soft Co., Ltd.)
DRV - (MayPro) -- C:\WINDOWS\system32\drivers\Maypro.sys (TigerGame.,Ltd)
DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys (DT Soft Ltd.)
DRV - (EZWRIT3) -- C:\WINDOWS\system32\drivers\ezwrit3.sys (USTC)
DRV - (ASPI32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (APLOADER) -- C:\WINDOWS\system32\drivers\ApLoader.SYS (Texas Instruments)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (VIAudio) Vinyl AC'97 Audio Controller (WDM) -- C:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (a347bus) -- C:\WINDOWS\system32\DRIVERS\a347bus.sys ( )
DRV - (a347scsi) -- C:\WINDOWS\System32\Drivers\a347scsi.sys ( )
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yukonwxp.sys (Marvell Semiconductor Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)
DRV - (SiSRaid) -- C:\WINDOWS\system32\DRIVERS\SiSRaid.sys (Silicon Integrated Systems)
DRV - (SISAGP) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (SiSide) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows ® 2000 DDK provider)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (StreamDispatcher) -- C:\WINDOWS\system32\drivers\strmdisp.sys (Conexant Systems)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsear...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dodo.com.au/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:28091
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..network.proxy.http: "127.0.0.1");user_pref("network.proxy.http_port", 81);user_pref("network.proxy.type", 1
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/02/27 22:24:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/10/26 15:52:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/10/23 09:32:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/30 17:12:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/30 17:12:19 | 000,000,000 | ---D | M]
[2008/12/15 14:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Mozilla\Extensions
[2010/10/30 17:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\6aecx7x9.julie\extensions
[2010/10/29 15:28:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\6aecx7x9.julie\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/08/18 15:17:13 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\6aecx7x9.julie\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/10/29 15:28:38 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\6aecx7x9.julie\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/08/30 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\uryozul3.default\extensions
[2005/01/22 15:54:38 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\uryozul3.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/08/30 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\uryozul3.default\extensions\[email protected]
[2010/10/30 17:12:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2004/01/14 13:09:25 | 000,176,176 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2005/09/05 11:11:48 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
O1 HOSTS File: ([2010/10/27 19:16:28 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [CPQHotKeys] File not found
O4 - HKLM..\RunServices: [tcp checker] File not found
O4 - HKCU..\RunServices: [tcp checker] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {447F8438-8124-4369-905B-A249E13CBBFC} http://pickles.liveb...l/new/lgbkc.cab (LgbContent Control)
O16 - DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} http://www.nero.com/...ckerControl.cab (NeroVersionCheckerControl Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (MsgPlusLoader.dll) - C:\WINDOWS\System32\MsgPlusLoader.dll (Patchou)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\urqOGVnM) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/13 08:21:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/08/18 19:55:50 | 000,000,000 | R--D | M] - E:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004/08/18 19:37:22 | 000,663,552 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004/08/18 19:33:44 | 000,598,016 | R--- | M] () - E:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2004/08/18 19:54:43 | 000,000,083 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\User1\My Documents\User1.
[2010/10/30 12:46:03 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User1\Desktop\OTL.exe
[2010/10/30 00:24:51 | 007,462,768 | ---- | C] (AVG ) -- C:\Documents and Settings\User1\Desktop\avg_pct_stf_all_2011_22.exe
[2010/10/28 19:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Application Data\Bitrix Security
[2010/10/28 17:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Bitrix Security
[2010/10/28 17:47:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/10/28 17:46:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/10/27 18:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/10/27 18:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/10/26 22:44:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/10/26 22:43:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Application Data\BBA3C47041CC05CF5F7CEAE09FFAF8B6
[2010/10/26 22:21:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Desktop\Y.S.v1.4.0.0
[2010/10/26 16:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2010/10/25 20:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Desktop\a.b.hal.propper
[2010/10/24 00:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Desktop\tgatetress
[2010/10/22 00:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Desktop\IPOD
[2010/10/16 12:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Local Settings\Application Data\AVG Security Toolbar
[2010/10/16 12:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Application Data\AVG10
[2010/10/16 12:33:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/10/16 12:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/10/16 12:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/16 12:32:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/10/16 11:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/15 20:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Application Data\Realore_Whiterra Roads Of Rome
[2010/10/15 16:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Roads of Rome
[2010/10/15 16:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Kate Arrow - Deserted Wood
[2010/10/15 16:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\Help Felix Find a Cure
[2010/10/15 16:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\Enlightenus II - The Timeless Tower
[2010/10/15 16:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Dark Tales - Edgar Allan Poe's The Black Cat Collector's Edition
[2010/10/15 15:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Columbus - Ghost of the Mystery Stone
[2010/10/12 20:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/10/11 17:09:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Application Data\Anarchy
[2010/10/11 17:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Coffee Rush 2
[2010/10/04 13:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Desktop\TheIslandCastaway
[2010/10/03 13:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Application Data\Sahmon Games
[2009/02/04 17:45:55 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2009/02/04 17:45:55 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2008/06/05 16:34:49 | 000,403,856 | ---- | C] (Pantaray Research LTD.) -- C:\Program Files\un_Star Defender 4_26816.exe
[2005/07/25 18:37:28 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2005/07/25 18:37:28 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\User1\My Documents\User1.
[2010/10/30 17:45:44 | 000,762,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\ztkbxvda.sys
[2010/10/30 17:41:48 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/10/30 17:38:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
[2010/10/30 17:37:55 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/30 17:37:51 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/10/30 17:37:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/30 17:37:16 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/30 15:37:13 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/30 15:15:59 | 098,021,486 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/30 14:50:26 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/30 11:04:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User1\Desktop\OTL.exe
[2010/10/30 04:43:13 | 000,000,191 | ---- | M] () -- C:\Documents and Settings\User1\Application Data\ahfg.bat
[2010/10/30 00:25:34 | 000,000,860 | ---- | M] () -- C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/10/30 00:25:34 | 000,000,842 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\AVG PC Tuneup 2011.lnk
[2010/10/30 00:24:57 | 007,462,768 | ---- | M] (AVG ) -- C:\Documents and Settings\User1\Desktop\avg_pct_stf_all_2011_22.exe
[2010/10/29 23:52:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/28 09:18:26 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/28 09:00:00 | 000,000,186 | ---- | M] () -- C:\WINDOWS\tasks\C and K.job
[2010/10/27 23:04:31 | 000,452,500 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/27 23:04:31 | 000,075,314 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/27 19:16:28 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/27 07:17:58 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/26 23:11:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/26 17:00:55 | 000,000,036 | ---- | M] () -- C:\WINDOWS\Tiny_Run.ini
[2010/10/24 16:23:55 | 068,346,571 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Y.S.v1.4.0.0.rar
[2010/10/24 15:31:02 | 009,838,549 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\a.b.hal.propper.rar
[2010/10/19 21:00:41 | 111,586,305 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\s.c.v1.0.rar
[2010/10/14 03:40:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2010/10/12 20:36:06 | 517,080,144 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\V8 Challenge.bin
[2010/10/12 20:36:06 | 000,000,201 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\V8 Challenge.cue
[2010/10/12 20:27:45 | 000,000,090 | ---- | M] () -- C:\WINDOWS���������������������������
[2010/10/11 17:03:26 | 000,001,596 | ---- | M] () -- C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2010/10/10 22:11:24 | 000,120,129 | ---- | M] () -- C:\Documents and Settings\User1\My Documents\cover111.jpg
[2010/10/07 20:14:46 | 000,120,192 | ---- | M] () -- C:\Documents and Settings\User1\My Documents\haunted_house.jpg
[2010/10/05 22:21:55 | 000,000,083 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/10/04 13:58:56 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Island - Castaway.lnk
[2010/10/04 13:53:05 | 141,078,024 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\TheIslandCastaway.rar
[2010/10/01 19:41:39 | 173,817,219 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\s.b.and.s.v1.0.5.rar
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/10/30 15:15:59 | 098,021,486 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/30 09:04:57 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/30 04:43:13 | 000,000,191 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\ahfg.bat
[2010/10/30 04:42:35 | 000,762,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\ztkbxvda.sys
[2010/10/30 00:25:49 | 000,000,388 | ---- | C] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/10/30 00:25:34 | 000,000,860 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2010/10/30 00:25:34 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\AVG PC Tuneup 2011.lnk
[2010/10/26 16:56:34 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2010/10/24 16:23:49 | 068,346,571 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Y.S.v1.4.0.0.rar
[2010/10/24 15:31:00 | 009,838,549 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\a.b.hal.propper.rar
[2010/10/19 21:00:24 | 111,586,305 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\s.c.v1.0.rar
[2010/10/16 12:33:18 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/12 20:36:06 | 000,000,201 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\V8 Challenge.cue
[2010/10/12 20:33:53 | 517,080,144 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\V8 Challenge.bin
[2010/10/11 18:12:22 | 000,001,548 | -H-- | C] () -- C:\Documents and Settings\User1\Desktop\UltraISO.lnk
[2010/10/11 17:03:26 | 000,001,596 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2010/10/10 22:11:43 | 000,120,129 | ---- | C] () -- C:\Documents and Settings\User1\My Documents\cover111.jpg
[2010/10/07 20:15:46 | 000,120,192 | ---- | C] () -- C:\Documents and Settings\User1\My Documents\haunted_house.jpg
[2010/10/04 13:58:56 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Island - Castaway.lnk
[2010/10/04 13:52:40 | 141,078,024 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\TheIslandCastaway.rar
[2010/10/01 19:41:23 | 173,817,219 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\s.b.and.s.v1.0.5.rar
[2010/09/16 19:21:41 | 000,000,083 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/04/29 22:41:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\SuperSafer.cfg
[2010/02/03 18:22:05 | 000,000,253 | ---- | C] () -- C:\WINDOWS\Sin_setup.INI
[2009/12/13 23:42:05 | 000,359,592 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/10/28 23:14:35 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009/07/21 13:49:53 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\vso_ts_preview.xml
[2009/04/26 18:49:27 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/04/18 20:13:10 | 000,000,107 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\default.pls
[2009/03/14 21:19:47 | 000,009,629 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009/03/01 19:19:18 | 000,012,060 | ---- | C] () -- C:\Documents and Settings\User1\Application Data\NMM-MetaData.db
[2009/02/05 18:31:33 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\fusioncache.dat
[2009/02/01 11:29:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/12/31 17:04:42 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/10/23 21:26:32 | 000,000,635 | ---- | C] () -- C:\WINDOWS\Dc.INI
[2008/09/05 10:47:04 | 000,000,120 | ---- | C] () -- C:\WINDOWS\WINRESAZ.INI
[2008/09/01 14:21:46 | 000,000,121 | ---- | C] () -- C:\WINDOWS\SwDrvs.ini
[2008/09/01 14:21:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\drvxl32.INI
[2008/09/01 14:21:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\drvwd32.INI
[2008/09/01 13:20:32 | 000,000,343 | ---- | C] () -- C:\WINDOWS\9ed.ini
[2008/08/13 21:31:17 | 000,029,088 | -HS- | C] () -- C:\WINDOWS\System32\MnVGOqru.ini2
[2008/08/13 21:31:17 | 000,029,088 | -HS- | C] () -- C:\WINDOWS\System32\MnVGOqru.ini
[2008/08/03 18:24:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/06/09 18:43:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2008/06/05 16:34:49 | 000,006,933 | ---- | C] () -- C:\Program Files\un_Star Defender 4_26816.txt
[2008/03/08 07:44:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2008/03/05 12:54:19 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2008/03/01 22:20:38 | 003,049,984 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/03/01 22:20:38 | 000,404,480 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/03/01 22:20:38 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008/03/01 22:20:38 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008/01/30 14:05:30 | 000,002,568 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/01/24 15:47:46 | 000,000,052 | ---- | C] () -- C:\WINDOWS\cool.ini
[2008/01/24 15:45:27 | 000,000,011 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2007/12/20 21:45:27 | 000,000,028 | ---- | C] () -- C:\WINDOWS\v2d.INI
[2007/11/30 00:15:49 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2007/11/30 00:15:49 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dxinputdll.dll
[2007/11/26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/11/16 22:34:58 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/10/29 10:54:51 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007/10/01 15:08:34 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2007/09/06 13:19:50 | 000,000,117 | ---- | C] () -- C:\WINDOWS\Prof.ini
[2007/09/06 00:55:21 | 000,000,447 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2007/07/26 00:24:28 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/05/28 18:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/05/28 18:21:03 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/05/23 15:56:10 | 000,000,205 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2007/04/05 00:15:37 | 000,000,397 | ---- | C] () -- C:\WINDOWS\Proxyrama.INI
[2007/03/29 22:00:40 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2007/03/10 22:51:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/02/28 14:33:51 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
[2007/02/12 17:45:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/01/31 00:01:15 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/01/31 00:01:15 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/01/04 01:48:05 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\infcpy.dll
[2006/10/21 15:34:09 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2006/07/24 20:16:51 | 000,000,011 | ---- | C] () -- C:\WINDOWS\KPP.INI
[2006/07/15 10:45:10 | 000,000,019 | ---- | C] () -- C:\WINDOWS\System32\systilde32.dll
[2006/05/11 23:13:56 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/30 21:07:17 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2006/04/30 20:30:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/04/23 00:59:13 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2006/03/31 15:05:53 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2006/01/16 00:34:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2006/01/10 19:00:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER310E.ini
[2006/01/09 12:20:04 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2005/12/23 13:15:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RAWImage.INI
[2005/12/04 11:56:56 | 000,000,011 | ---- | C] () -- C:\WINDOWS\ABC.INI
[2005/10/27 16:41:47 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Converter.INI
[2005/10/04 10:01:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Quicktools.INI
[2005/07/25 15:41:18 | 000,000,036 | ---- | C] () -- C:\WINDOWS\ibu.dll
[2005/06/27 18:08:31 | 000,000,551 | ---- | C] () -- C:\WINDOWS\Clubhouse.ini
[2005/06/23 17:00:08 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2005/06/22 10:05:22 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVSyd.DLL
[2005/06/22 10:05:13 | 000,000,599 | ---- | C] () -- C:\WINDOWS\System32\CNCMP51.INI
[2005/05/25 10:04:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/05/25 09:57:09 | 000,000,111 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/05/11 14:01:36 | 000,001,125 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2005/04/08 14:38:48 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\tmpid.dll
[2005/04/05 18:41:14 | 000,000,397 | ---- | C] () -- C:\WINDOWS\MYOBP.INI
[2005/04/05 18:41:14 | 000,000,039 | ---- | C] () -- C:\WINDOWS\MYOB.INI
[2005/02/09 12:59:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/01/30 10:22:58 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/01/29 11:25:02 | 008,956,040 | ---- | C] () -- C:\Program Files\InstallSnSBingo.exe
[2005/01/26 16:50:53 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/01/26 16:50:53 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/01/26 05:25:04 | 000,247,808 | ---- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/01/22 04:00:05 | 000,000,712 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/01/22 04:00:03 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/01/20 09:32:33 | 000,000,855 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2005/01/20 06:23:29 | 000,000,700 | ---- | C] () -- C:\WINDOWS\disney.ini
[2005/01/19 12:26:31 | 000,000,119 | ---- | C] () -- C:\WINDOWS\compedia.ini
[2005/01/13 08:36:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2005/01/13 08:33:58 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2005/01/13 00:10:32 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/08/04 23:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/04/22 13:58:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003/07/14 12:20:16 | 000,000,025 | R--- | C] () -- C:\WINDOWS\MPower23.ini
[2003/04/09 07:21:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\trayocx.dll
[2002/11/04 15:09:46 | 000,000,025 | R--- | C] () -- C:\WINDOWS\MPowerK1.ini
[2002/10/16 09:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2000/01/31 09:02:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll
[1999/01/23 08:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/04/01 00:00:00 | 001,664,272 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1997/04/01 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/04/01 00:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1997/04/01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
========== LOP Check ==========
[2008/06/26 20:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2010/10/23 16:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Artist Colony
[2010/10/16 12:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/10/30 09:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/16 11:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/03/07 16:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Awem
[2005/05/25 09:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2010/10/16 12:33:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007/03/12 14:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dslic
[2007/03/12 14:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dslicense
[2008/05/29 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EdAlive
[2008/06/23 12:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum
[2009/08/30 20:08:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\F1E9A331CBDB4A7EBD262857943DCAB7
[2010/03/07 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2010/04/22 17:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2010/04/25 17:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_America
[2010/05/27 17:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2008/09/21 19:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007/08/20 10:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2007/08/26 19:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreshGames
[2010/06/13 19:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2008/09/15 22:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GeoVid
[2010/04/26 16:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2008/11/17 11:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HiddenSecretsNightmare
[2006/12/21 14:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Imaginext
[2009/02/27 23:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2007/04/24 21:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterAction studios
[2007/01/04 01:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LearningPOWER
[2008/06/23 14:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/07/16 17:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2005/04/25 12:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010/10/16 11:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/02/02 21:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2009/11/28 16:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/04/19 23:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2010/08/29 14:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyVirtualHome
[2007/07/06 20:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/02/27 23:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/12/04 15:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2008/01/11 21:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/13 17:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/01/16 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayPond
[2010/04/26 19:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2009/08/09 04:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/01/12 20:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Princess Isabella
[2010/07/21 19:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/05/22 18:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2007/05/11 19:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/04/22 23:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra
[2009/07/08 09:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2010/04/29 22:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spotmau
[2010/06/14 20:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2010/10/30 17:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/26 16:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2006/01/10 19:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2005/11/29 11:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2006/12/06 12:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/02/14 15:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualFarm
[2005/12/17 13:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/07/22 10:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2008/10/20 23:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vuvyrglo
[2007/10/09 13:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XemiComputers
[2007/05/15 01:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/07/19 20:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/08/02 06:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/02/09 17:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\.bittorrent
[2010/07/07 14:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\abgx360
[2007/04/11 15:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Alawar
[2010/10/11 17:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Anarchy
[2010/10/16 12:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\AVG10
[2010/04/19 20:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\AVG9
[2010/10/23 16:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Azureus
[2010/10/26 22:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\BBA3C47041CC05CF5F7CEAE09FFAF8B6
[2010/01/17 21:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\bfgbar
[2010/06/03 17:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Big Fish Games
[2010/10/28 19:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Bitrix Security
[2008/11/17 15:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Boomzap
[2007/02/25 18:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Canon
[2010/01/16 16:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Cloanto
[2010/08/16 20:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1
[2008/04/27 01:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\DAEMON Tools Pro
[2007/05/23 17:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Disney Interactive Studios
[2008/11/16 15:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\DiVision Studios XAvenger
[2009/12/25 19:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\EleFun Games
[2007/07/20 18:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Eyeblaster
[2008/09/21 19:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Flood Light Games
[2007/08/20 10:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\FloodLightGames
[2008/10/13 13:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\ForgottenRiddles
[2009/11/28 12:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Friday's games
[2007/07/22 20:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\GameHouse
[2008/09/15 22:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\GeoVid
[2007/11/13 13:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\GetRight
[2010/02/06 18:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\GetRightToGo
[2007/08/22 13:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\GrabIt
[2006/01/27 14:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Imageview
[2009/08/31 07:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\ImgBurn
[2005/01/21 07:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\InterTrust
[2007/08/24 18:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\iWin
[2007/11/30 00:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\KALiNKOsoft
[2006/01/08 15:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Leadertech
[2008/06/23 14:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Ludia
[2007/07/02 00:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Magic Academy
[2010/06/04 15:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\MagicIndie
[2010/07/16 17:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Merscom
[2007/07/06 20:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\My Games
[2010/09/13 01:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\NewsLeecher
[2010/08/29 11:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia
[2009/02/27 22:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia Multimedia Player
[2009/12/13 21:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nseries
[2005/12/11 18:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Opera
[2009/12/04 15:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PC Suite
[2010/09/03 23:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PeaceCraft2
[2007/10/19 18:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PgcEdit
[2010/08/13 17:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PlayFirst
[2008/03/18 14:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PSPDocMaker
[2009/05/26 10:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\RipIt4Me
[2009/11/01 12:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\runic games
[2010/10/03 13:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Sahmon Games
[2008/01/11 12:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\SecondLife
[2005/02/26 11:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\SEGA
[2010/06/14 20:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\SulusGames
[2009/02/01 19:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\TeamViewer
[2008/05/06 20:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\The Labyrinth Plus! Edition
[2009/03/29 22:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\The Path
[2007/04/28 13:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\tunebite
[2005/11/22 14:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Ulead Systems
[2007/08/26 10:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\VeniceMysteryData
[2007/06/23 22:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Viewpoint
[2009/07/23 09:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Vso
[2005/03/08 02:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\WholeSecurity
[2008/08/02 20:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Xbins
[2007/10/09 13:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\XemiComputers
[2007/06/29 22:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Zylom
[2010/10/30 17:41:48 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
[2010/10/28 09:00:00 | 000,000,186 | ---- | M] () -- C:\WINDOWS\Tasks\C and K.job
[2010/10/30 17:37:51 | 000,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2010/10/14 03:40:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 48 bytes -> C:\WINDOWS:8D09A0EF29FDE6E4
@Alternate Data Stream - 40 bytes -> C:\WINDOWS\system32:7170a6db.zreglib
@Alternate Data Stream - 239 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:178093AE
@Alternate Data Stream - 238 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B722BCE5
@Alternate Data Stream - 237 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38FF076E
@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BF6C81B2
@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A02025CE
@Alternate Data Stream - 234 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC51BA36
@Alternate Data Stream - 234 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F43B7E8F
@Alternate Data Stream - 234 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:864881BF
@Alternate Data Stream - 230 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D6EAEC3
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F
@Alternate Data Stream - 227 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00811B66
@Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CEE4A457
@Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99AC3203
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C81B36D
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:008586AE
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D055FC10
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6FD36C4B
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3942462
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED9B661E
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DB6F365
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8140CB50
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80E965A3
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56C17A93
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:109734F6
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A0CB43B2
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC0528D9
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BFAD7A5D
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:15752405
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F11C259D
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:76A59E49
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F0762150
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC7C9796
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:66AA0486
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57CC1FDC
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A0EFE63
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:59846E5E
@Alternate Data Stream - 190 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC4EA67C
@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3063E0E
@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98F0614F
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED51D3ED
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80EA2EA3
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07D9FF25
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A235FA9E
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:151760F0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BF63E4A
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B4123E9
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9857FAE3
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B7E2022
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D36932D
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABE30DDB
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AEBFFE08
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEBD9BCF
< End of report >
Any help greatly appreciated
Regards
tonyjh
Edited by tonyjh, 30 October 2010 - 01:06 AM.