help infected pc otl document added



#1
lynne1985

Hi, I have been having a few problems with my PC. If anyone can give any help whatsoever it would be appreciated. I have tried to sort the problems myself but have probably ended up making it worse, as I'm not great with computers. Thanks for any help. There is also an extras.txt document but I can't get that one on; is this needed?
lynne

Edited by lynne1985, 03 November 2010 - 02:32 PM.



#2
lynne1985

otl.txt document

OTL logfile created on: 03/11/2010 20:07:38 - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = D:\Documents and Settings\Adulrs\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,023.00 Mb Total Physical Memory | 304.00 Mb Available Physical Memory | 30.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.99 Gb Total Space | 17.41 Gb Free Space | 58.06% Space Free | Partition Type: NTFS
Drive D: | 111.24 Gb Total Space | 86.50 Gb Free Space | 77.77% Space Free | Partition Type: NTFS

Computer Name: family | User Name: Adulrs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/03 20:07:34 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Adulrs\My Documents\OTL.exe
PRC - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/06 16:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/06 16:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/06 16:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/06 16:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/10 00:45:18 | 003,210,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2010/09/07 02:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/09/07 02:50:08 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/06/29 16:29:30 | 000,317,440 | ---- | M] () -- C:\Program Files\WebView\WebView-Process-Connector.exe
PRC - [2010/06/24 13:11:28 | 000,059,904 | ---- | M] () -- C:\Program Files\WebViewLSPService\GacelaWatchDogService.exe
PRC - [2009/02/23 11:20:24 | 000,176,128 | ---- | M] () -- C:\Program Files\WebView\WebView-Updater.exe
PRC - [2009/02/23 11:20:24 | 000,102,400 | ---- | M] () -- C:\Program Files\WebView\WebView-Reporting.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/05/17 17:42:32 | 000,933,888 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2005/05/11 12:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
PRC - [2005/05/11 12:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
PRC - [2005/05/11 12:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
PRC - [2005/05/11 12:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2005/05/11 12:48:02 | 000,127,118 | ---- | M] (CyberLink Corp.) -- C:\APPS\Powercinema\PCMService.exe
PRC - [2005/04/23 19:12:00 | 000,802,816 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2005/03/04 02:36:46 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
PRC - [2005/01/07 11:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe
PRC - [2004/11/26 10:43:34 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2004/11/19 20:50:26 | 000,069,632 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2004/09/15 10:20:40 | 002,557,952 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/09/10 17:29:00 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2004/04/08 07:38:26 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/02/26 08:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003/07/02 16:40:08 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe
PRC - [2002/04/12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe
PRC - [2001/12/13 00:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe


========== Modules (SafeList) ==========

MOD - [2010/11/03 20:07:34 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Adulrs\My Documents\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/10 00:45:18 | 003,210,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2010/06/14 10:59:26 | 003,043,328 | ---- | M] (nurago GmbH) [Auto | Stopped] -- C:\Program Files\WebViewLSPService\WebViewLSPService.exe -- (WebViewLSPService)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/02/23 11:20:24 | 000,176,128 | ---- | M] () [Auto | Running] -- C:\Program Files\WebView\WebView-Updater.exe -- (WebView-Update-Service)
SRV - [2009/02/23 11:20:24 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\WebView\WebView-Reporting.exe -- (WebView-Reporting-Service)
SRV - [2005/05/11 12:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/05/11 12:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/05/11 12:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/01/07 11:01:52 | 000,049,152 | ---- | M] () [Auto | Running] -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService)
SRV - [2004/04/08 07:38:26 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/02/26 08:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003/07/02 16:40:08 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2002/04/12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\Adulrs\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2010/11/02 18:05:34 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 02:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 02:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/12 03:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/07/12 03:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2008/04/14 00:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 00:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/04 13:47:46 | 000,026,368 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\optovcm.sys -- (optovcm)
DRV - [2008/04/04 13:47:46 | 000,018,432 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\optousb.sys -- (optousb)
DRV - [2005/08/02 15:35:00 | 003,198,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/10/15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/09/16 10:21:18 | 002,257,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/08/03 21:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004/03/17 14:10:40 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003/12/31 10:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003/08/20 16:34:50 | 000,548,952 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 11:30:26 | 000,221,736 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 15:26:36 | 001,301,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 15:24:36 | 000,086,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 15:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/07/02 14:57:10 | 000,167,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\uk.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/10/25 19:11:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\WebView\ [2010/10/26 17:25:50 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (WebView) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\WebView\Gacela2.dll (nurago GmbH)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [WebViewWatchDog] C:\Program Files\WebViewLSPService\GacelaWatchDogService.exe ()
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : About WebView - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\WebView\Gacela2.dll (nurago GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\WebViewLSPService.DLL (nurago GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\WebViewLSPService.DLL (nurago GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\WebViewLSPService.DLL (nurago GmbH)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EBB176D2-AF75-4706-832F-4C8448F72757} http://www.shopandsc.../TNSClickrc.CAB (TNSClickerc.Clicker)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\windcd32: DllName - windcd32.dll - File not found
O20 - Winlogon\Notify\windnv32: DllName - windnv32.dll - C:\WINDOWS\System32\windnv32.dll ()
O24 - Desktop WallPaper: D:\Documents and Settings\Adulrs\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Adulrs\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/03 20:07:24 | 000,576,000 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Adulrs\My Documents\OTL.exe
[2010/11/03 19:59:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/11/03 19:32:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Uwby
[2010/11/03 19:32:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Agexfa
[2010/11/03 19:22:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/11/03 19:22:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/11/03 19:22:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/11/03 19:22:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/11/03 19:09:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/11/03 19:02:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/11/03 18:53:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/11/03 18:53:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/11/03 17:59:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/11/03 16:48:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/11/03 16:48:51 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/11/03 16:46:06 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Adulrs\Recent
[2010/11/03 15:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/11/03 13:19:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Malwarebytes
[2010/11/03 13:19:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/03 13:19:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/03 13:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/02 19:46:24 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/11/02 18:12:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2010/11/02 18:03:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/11/02 18:03:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\DAEMON Tools Pro
[2010/11/02 16:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/11/02 16:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/11/02 16:13:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\WinRAR
[2010/11/02 16:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/11/02 16:00:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2010/11/02 16:00:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Real
[2010/11/02 15:59:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/11/02 15:51:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\My Documents\Downloads
[2010/11/02 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/11/02 15:50:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\uTorrent
[2010/11/02 15:39:41 | 000,258,048 | ---- | C] (Brother Industries, Ltd) -- C:\WINDOWS\System32\bsplmf01.dll
[2010/11/02 15:39:41 | 000,131,072 | ---- | C] (Brother Industries,ltd) -- C:\WINDOWS\System32\bsplmf01.exe
[2010/11/02 15:39:41 | 000,121,856 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia05a.dll
[2010/11/02 15:39:41 | 000,037,888 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi05a.dll
[2010/11/02 15:39:39 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brsvc01a.exe
[2010/11/02 15:39:39 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brss01a.exe
[2010/11/02 15:39:39 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys
[2010/11/02 15:39:37 | 000,052,224 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2010/11/02 15:39:34 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL
[2010/11/02 15:39:34 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2010/11/02 15:39:34 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2010/11/02 15:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/11/02 15:39:31 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2010/11/02 15:39:31 | 000,000,000 | ---D | C] -- C:\Brother
[2010/11/02 15:28:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Sun
[2010/11/02 11:11:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Local Settings\Application Data\Identities
[2010/10/31 21:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/10/31 21:24:07 | 000,026,368 | ---- | C] (OPTO ELECTRONICS CO.,LTD.) -- C:\WINDOWS\System32\drivers\optovcm.sys
[2010/10/31 21:24:07 | 000,018,432 | ---- | C] (OPTO ELECTRONICS CO.,LTD.) -- C:\WINDOWS\System32\drivers\optousb.sys
[2010/10/31 21:24:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/10/31 21:24:01 | 000,000,000 | ---D | C] -- C:\opticon_driver
[2010/10/31 19:07:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\OD2
[2010/10/31 19:07:29 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Adulrs\My Documents\My Videos
[2010/10/30 19:04:31 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2010/10/30 19:04:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Identities
[2010/10/28 10:20:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\AdobeUM
[2010/10/28 10:20:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Idveu
[2010/10/28 10:20:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Ezgye
[2010/10/28 10:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\windows
[2010/10/28 10:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\riv87
[2010/10/28 10:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/10/27 11:12:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Real
[2010/10/27 11:11:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Sun
[2010/10/27 08:28:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/10/27 08:18:11 | 000,284,672 | ---- | C] (nurago GmbH) -- C:\WINDOWS\System32\WebViewLSPService.DLL
[2010/10/26 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\WebViewLSPService
[2010/10/26 17:20:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Adobe
[2010/10/26 17:00:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Ulead Systems
[2010/10/26 16:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\WebView
[2010/10/26 16:32:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/10/26 15:26:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/10/25 21:23:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Local Settings\Application Data\Adobe
[2010/10/25 21:23:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Adobe
[2010/10/25 21:23:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\Sun
[2010/10/25 21:23:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/10/25 19:56:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/10/25 19:21:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\AVG
[2010/10/25 19:13:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Adulrs\Application Data\AVG10
[2010/10/25 19:12:05 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Application Data\Common Files
[2010/10/25 19:11:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/10/25 19:11:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/25 19:11:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/10/25 19:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/10/25 18:48:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/25 18:36:37 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Adulrs\PrivacIE
[2010/10/25 18:35:16 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Adulrs\IETldCache
[2010/10/25 18:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/10/25 18:30:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/10/25 18:29:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/10/25 18:29:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2005/10/25 03:58:06 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1979/12/31 23:00:00 | 001,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1979/12/31 23:00:00 | 000,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1979/12/31 23:00:00 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1979/12/31 23:00:00 | 000,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1979/12/31 23:00:00 | 000,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/03 20:07:34 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Adulrs\My Documents\OTL.exe
[2010/11/03 20:03:04 | 000,464,478 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/03 20:03:04 | 000,079,218 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/03 20:01:35 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/03 20:01:21 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/11/03 20:00:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/03 19:59:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/03 19:59:17 | 000,250,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/03 19:59:16 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/03 19:30:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Setup my PC.job
[2010/11/03 19:00:46 | 000,250,048 | ---- | M] () -- C:\NTLDR
[2010/11/03 18:48:34 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/03 18:37:31 | 000,071,680 | ---- | M] () -- C:\WINDOWS\System32\windnv32.dll
[2010/11/03 17:29:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\Windows Update.job
[2010/11/03 15:23:51 | 000,000,812 | ---- | M] () -- D:\Documents and Settings\Adulrs\Desktop\Spybot - Search & Destroy.lnk
[2010/11/03 14:35:57 | 098,303,171 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/03 13:19:13 | 000,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/03 11:39:05 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/11/02 18:05:34 | 000,697,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/11/02 17:31:05 | 000,000,692 | ---- | M] () -- D:\Documents and Settings\Adulrs\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/02 15:51:23 | 000,000,543 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/11/02 15:41:20 | 000,001,613 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk
[2010/11/02 15:40:43 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/11/02 15:40:43 | 000,000,030 | ---- | M] () -- C:\WINDOWS\System32\brss01a.ini
[2010/11/02 15:40:43 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010/11/02 15:40:42 | 000,000,184 | ---- | M] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010/11/02 15:39:58 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\bridf05a.dat
[2010/10/31 19:07:25 | 000,000,675 | ---- | M] () -- D:\Documents and Settings\Adulrs\Desktop\Windows Media Player.lnk
[2010/10/31 19:07:25 | 000,000,675 | ---- | M] () -- D:\Documents and Settings\Adulrs\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/31 19:07:01 | 000,007,168 | ---- | M] () -- D:\Documents and Settings\Adulrs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/28 09:39:43 | 000,000,607 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/27 09:15:34 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/27 09:15:34 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/10/26 17:02:57 | 000,000,262 | ---- | M] () -- D:\Documents and Settings\Adulrs\Application Data\wklnhst.dat
[2010/10/25 20:13:08 | 000,033,699 | ---- | M] () -- C:\WINDOWS\AVG Shortcut 2.ico
[2010/10/25 19:19:40 | 000,625,796 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/03 19:02:03 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/11/03 19:01:59 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/11/03 19:01:53 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/11/03 18:37:31 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\windnv32.dll
[2010/11/03 17:28:31 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\Windows Update.job
[2010/11/03 15:23:51 | 000,000,812 | ---- | C] () -- D:\Documents and Settings\Adulrs\Desktop\Spybot - Search & Destroy.lnk
[2010/11/03 14:35:57 | 098,303,171 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/03 13:19:13 | 000,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/03 11:39:05 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\scud.udf
[2010/11/02 18:05:31 | 000,697,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/11/02 15:51:23 | 000,000,543 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/11/02 15:41:20 | 000,001,613 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk
[2010/11/02 15:40:43 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/11/02 15:40:43 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/11/02 15:40:43 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010/11/02 15:40:42 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010/11/02 15:39:58 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat
[2010/11/02 15:39:31 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.BMP
[2010/10/31 19:07:25 | 000,000,675 | ---- | C] () -- D:\Documents and Settings\Adulrs\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/27 09:15:34 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/10/27 09:15:34 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/10/27 08:19:53 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\Setup my PC.job
[2010/10/26 17:20:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/26 17:01:42 | 000,000,262 | ---- | C] () -- D:\Documents and Settings\Adulrs\Application Data\wklnhst.dat
[2010/10/26 16:59:31 | 000,007,168 | ---- | C] () -- D:\Documents and Settings\Adulrs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/25 20:13:08 | 000,033,699 | ---- | C] () -- C:\WINDOWS\AVG Shortcut 2.ico
[2010/10/25 19:19:40 | 000,625,796 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2010/10/25 19:11:44 | 000,000,607 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/06/14 10:59:26 | 000,002,696 | ---- | C] () -- C:\WINDOWS\System32\WebViewLSPService.ini
[2010/06/14 10:59:26 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\WebViewLSPServiceOff.ini
[2009/10/09 09:06:22 | 000,012,953 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\lakavela.ban
[2008/10/29 14:39:02 | 000,005,087 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\ywasvxup.hvs
[2007/10/12 14:57:57 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/07/10 17:37:03 | 000,000,063 | -H-- | C] () -- D:\Documents and Settings\All Users\Application Data\Ts_infos.ini
[2005/10/25 04:34:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/25 04:23:28 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/10/25 04:19:52 | 000,000,514 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/10/25 04:14:11 | 000,007,576 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/10/25 04:03:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2005/10/25 04:03:31 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/10/25 03:58:06 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/10/25 03:58:06 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2005/10/25 03:58:06 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/05/20 13:05:02 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 16:13:32 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 15:48:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/06/23 13:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[1979/12/31 23:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[1979/12/31 23:00:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[1979/12/31 23:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[1979/12/31 23:00:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[1979/12/31 23:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[1979/12/31 23:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[1979/12/31 23:00:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1979/12/31 23:00:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1979/12/31 23:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

========== LOP Check ==========

[2010/11/03 19:32:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Agexfa
[2010/10/25 21:23:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Ataf
[2010/10/25 19:32:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\AVG
[2010/10/25 19:13:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\AVG10
[2010/11/02 18:13:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\DAEMON Tools Pro
[2010/11/03 14:25:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Ezgye
[2010/11/03 14:25:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Idveu
[2010/10/31 19:07:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\OD2
[2010/10/25 21:23:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Owmiu
[2010/10/26 17:00:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Ulead Systems
[2010/11/03 19:45:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\uTorrent
[2010/11/03 19:32:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Adulrs\Application Data\Uwby
[2009/11/10 07:14:13 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Application Data\9ba2a1a
[2010/06/13 21:25:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/10/28 12:35:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/10/27 11:17:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG10
[2010/06/13 20:25:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\avg9
[2008/02/09 22:24:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Azureus
[2010/10/25 19:12:05 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\Common Files
[2010/02/24 11:31:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/11/02 18:04:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/02/24 20:20:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2007/02/20 21:18:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Kontiki
[2010/10/25 19:10:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MFAData
[2005/10/24 21:18:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2
[2008/02/04 17:26:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Participatory Culture Foundation
[2010/11/03 17:59:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2006/04/10 21:26:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\pixelStorm
[2010/02/24 23:41:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\RegCure
[2009/03/05 09:41:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/04/24 10:13:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Sports Interactive
[2010/11/02 17:32:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2008/09/02 12:06:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Tick Find Close Surf
[2010/08/18 15:32:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ubisoft
[2005/10/24 21:21:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/10/24 21:13:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/01/25 23:34:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\vsosdk
[2008/10/04 15:30:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/10/01 18:48:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/22 15:11:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2005/01/04 19:30:46 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2005/01/04 19:30:47 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2005/01/04 19:30:47 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job
[2010/11/03 19:30:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Setup my PC.job
[2010/11/03 17:29:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Update.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 114 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >