This topic is locked
Last night I stopped being able to access my website for which I have a Filezilla client shortcut on my desktop, although any other computer could acces it fine. That was the first problem
Then a few hours later I started getting tons of Avast warnings for ExeDropper and Win32:Ramnit every few seconds.
Then when I tried running Malwarebytes, I kept getting an error message when I tried to update the definitions. Avast had frequent problems connecting to the server when I would try to update.
Then I stopped being able to access the Avast forum domain on IE, although other websites worked. Same with sites to download MWB again.
I set the max size of my virus chest in Avast to 0 as was suggested on the Avast forum (which I was browsing on a borrowed computer). However, whenever I try a boot time scan, it can't complete because when trying to move files to chest it says that the disk is full (which it is not).
I run the Free version of Avast.
I would be very grateful if someone could help me; I run my business from my infected computer and am lost without it.
Thanks,
Jason
Here is the OTL.txt:
OTL logfile created on: 03/11/2010 2:01:52 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = D:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): D:\pagefile.sys 1024 1024 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 4.50 Gb Total Space | 3.00 Gb Free Space | 66.66% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 0.98 Gb Free Space | 6.53% Space Free | Partition Type: NTFS
Drive E: | 67.25 Gb Total Space | 13.38 Gb Free Space | 19.89% Space Free | Partition Type: NTFS
Drive F: | 5.00 Gb Total Space | 4.32 Gb Free Space | 86.46% Space Free | Partition Type: NTFS
Computer Name: RONSOCO | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/03 14:00:48 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/09/07 08:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- D:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/18 13:23:54 | 000,389,120 | R--- | M] (Teleca) -- D:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/03/17 16:22:52 | 001,019,904 | R--- | M] (Teleca Sweden AB) -- D:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
PRC - [2010/03/17 16:08:22 | 000,253,952 | R--- | M] (TODO: <Company name>) -- D:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
PRC - [2010/03/17 16:08:04 | 000,462,848 | R--- | M] (Teleca AB) -- D:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
PRC - [2009/12/11 15:50:34 | 000,557,056 | R--- | M] (Teleca AB) -- D:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2009/11/19 17:19:48 | 000,598,016 | R--- | M] (Teleca Sweden AB) -- D:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
PRC - [2009/06/03 10:25:16 | 000,106,496 | R--- | M] (Popwire AB) -- D:\Program Files\Common Files\Teleca Shared\logger.exe
PRC - [2009/04/14 13:14:26 | 000,139,264 | ---- | M] (Teleca Sweden AB) -- D:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006/03/24 17:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- D:\WINDOWS\stsystra.exe
PRC - [2005/11/07 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- D:\WINDOWS\system32\DLA\DLACTRLW.EXE
========== Modules (SafeList) ==========
MOD - [2010/11/03 14:00:48 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Unknown | Stopped] -- -- (Macromedia Licensing Service)
SRV - File not found [On_Demand | Stopped] -- D:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Unknown | Stopped] -- -- (Adobe LM Service)
SRV - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 08:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\DRIVERS\ctpdusb.sys -- (Jukebox3)
DRV - [2010/09/07 07:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 07:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 07:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 07:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 07:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 07:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/06/10 00:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/04/13 11:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 11:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/10/15 22:15:44 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2006/10/12 23:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 12:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/18 12:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/11/18 12:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/11/07 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/11/07 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/11/07 05:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/11/07 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/11/07 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/11/07 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/11/07 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/08/12 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/08/05 11:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 11:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 11:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 11:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/07/14 18:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/07/14 17:28:38 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2004/10/14 15:33:26 | 000,024,576 | ---- | M] (BridgeCo AG) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ps_avs.sys -- (ps_avs)
DRV - [2004/10/14 15:33:22 | 000,097,152 | ---- | M] (BridgeCo AG) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ps_1394.sys -- (ps_1394)
DRV - [2004/03/11 17:19:36 | 000,346,560 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\PRISMA02.sys -- (PRISM_A02) D-Link Wireless 802.11b/g Driver (USB)
DRV - [2003/05/05 19:25:48 | 000,028,205 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- D:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/06/01 20:14:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/06/02 06:47:37 | 000,000,000 | ---D | M]
[2010/04/30 21:49:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/09/22 23:37:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkentt2s.default\extensions
[2010/05/02 09:04:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkentt2s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/22 23:37:18 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004/08/04 03:00:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - D:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O4 - HKLM..\Run: [avast5] D:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] D:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DLA] D:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [Mobile Connectivity Suite] D:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [SigmatelSysTrayApp] D:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Lookup on Merriam Webster - D:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - D:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - D:\Program Files\ieSpell\iespell.dll File not found
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - D:\Program Files\ieSpell\iespell.dll File not found
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - D:\Program Files\ieSpell\iespell.dll File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://westmap.westv...er/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1263243885500 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1271281110234 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.128,93.188.160.208
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - D:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: D:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/14 00:26:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3319cc92-b74b-11dc-8674-0015c5b8b783}\Shell - "" = AutoRun
O33 - MountPoints2\{3319cc92-b74b-11dc-8674-0015c5b8b783}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:121cc0430) - D:\WINDOWS\System32\aswBoot.exe (AVAST Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/11/03 14:00:45 | 000,576,000 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/11/03 10:07:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2010/11/03 10:06:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\LMI15.tmp
[2010/11/02 21:39:42 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft
[2010/10/19 08:01:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Desktop\Tree at Ryan and Karens
[2010/10/16 18:44:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\Teleca
[2010/10/16 18:44:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Local Settings\Application Data\HTC
[2010/10/16 18:44:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\HTC
[2010/10/16 18:43:58 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Teleca Shared
[2010/10/16 18:43:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Teleca
[2010/10/16 18:43:21 | 000,024,576 | ---- | C] (HTC, Corporation) -- D:\WINDOWS\System32\drivers\ANDROIDUSB.sys
[2010/10/16 18:43:16 | 000,000,000 | ---D | C] -- D:\Program Files\Spirent Communications
[2010/10/16 18:43:12 | 000,000,000 | ---D | C] -- D:\Program Files\HTC
[2010/10/16 18:41:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\Downloaded Installations
[2010/10/04 21:52:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Desktop\longboard craigslist
[2006/12/07 10:30:44 | 000,017,920 | ---- | C] ( ) -- D:\WINDOWS\System32\ShellLnk.dll
[2006/12/07 10:30:43 | 000,018,944 | ---- | C] ( ) -- D:\WINDOWS\System32\Implode.dll
[8 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/11/03 14:03:00 | 000,000,422 | -H-- | M] () -- D:\WINDOWS\tasks\User_Feed_Synchronization-{60208E93-38E5-48D3-87A5-A4ABA6A99286}.job
[2010/11/03 14:00:48 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/11/03 13:41:46 | 000,436,470 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010/11/03 13:41:46 | 000,069,008 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010/11/03 13:38:03 | 000,000,880 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/03 13:37:35 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010/11/03 13:19:40 | 000,002,626 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010/11/03 11:32:00 | 000,000,884 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/03 11:12:00 | 000,000,978 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-789336058-725345543-1003UA.job
[2010/11/03 10:52:41 | 000,000,016 | ---- | M] () -- D:\WINDOWS\System32\dmlconf.dat
[2010/11/02 19:28:00 | 000,000,926 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-789336058-725345543-1003Core1cb668fc6642740.job
[2010/10/19 08:06:27 | 001,197,118 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\greenhouse window.jpg
[2010/10/17 18:07:47 | 000,002,513 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk
[2010/10/17 00:17:05 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010/10/17 00:17:04 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/10/11 07:30:59 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[8 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/02 21:39:42 | 000,000,016 | ---- | C] () -- D:\WINDOWS\System32\dmlconf.dat
[2010/10/19 08:06:27 | 001,197,118 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\greenhouse window.jpg
[2010/10/17 00:17:05 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010/10/17 00:17:04 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/10/07 19:23:20 | 000,000,926 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-789336058-725345543-1003Core1cb668fc6642740.job
[2010/09/11 23:13:10 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\AVSDVDPlayer.m3u
[2010/02/04 19:49:03 | 000,176,235 | ---- | C] () -- D:\WINDOWS\System32\Primomonnt.dll
[2009/08/03 12:17:56 | 000,000,101 | ---- | C] () -- D:\WINDOWS\lexstat.ini
[2009/08/03 12:17:29 | 000,077,824 | ---- | C] () -- D:\WINDOWS\System32\LXBKLCNP.DLL
[2009/08/03 12:17:29 | 000,040,960 | ---- | C] () -- D:\WINDOWS\System32\lxbkvs.dll
[2009/08/03 12:17:10 | 000,000,266 | ---- | C] () -- D:\WINDOWS\System32\lxbkcoin.ini
[2009/07/30 18:58:42 | 000,000,314 | ---- | C] () -- D:\WINDOWS\primopdf.ini
[2007/02/20 23:37:50 | 000,006,656 | ---- | C] () -- D:\WINDOWS\System32\CNMVS58.DLL
[2007/01/22 21:29:38 | 000,777,728 | ---- | C] () -- D:\WINDOWS\System32\SSLSVC.DLL
[2007/01/22 21:29:38 | 000,069,632 | ---- | C] () -- D:\WINDOWS\System32\xmltok.dll
[2007/01/22 21:29:38 | 000,040,960 | ---- | C] () -- D:\WINDOWS\System32\cfmsg.dll
[2007/01/22 21:29:38 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\xmlparse.dll
[2007/01/22 21:29:37 | 000,114,688 | ---- | C] () -- D:\WINDOWS\System32\lang_cfml.dll
[2007/01/22 21:29:37 | 000,028,672 | ---- | C] () -- D:\WINDOWS\System32\xml_datagrove.dll
[2006/12/07 11:58:43 | 000,210,944 | ---- | C] () -- D:\WINDOWS\System32\MSVCRT10.DLL
[2006/11/26 00:25:17 | 000,000,112 | ---- | C] () -- D:\WINDOWS\ActiveSkin.INI
[2006/11/17 22:58:08 | 000,000,032 | ---- | C] () -- D:\WINDOWS\CD_Start.INI
[2006/11/08 21:25:42 | 000,001,376 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/15 22:15:44 | 000,033,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\oreans32.sys
[2006/10/15 22:15:22 | 000,524,288 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2006/10/15 22:15:22 | 000,139,264 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2006/10/15 20:08:35 | 000,068,608 | ---- | C] () -- D:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/15 10:24:30 | 000,000,376 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2006/10/14 10:39:48 | 000,000,000 | ---- | C] () -- D:\WINDOWS\iPlayer.INI
[2006/10/14 10:28:04 | 000,000,698 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2006/10/14 10:06:21 | 000,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
[2006/10/14 09:52:24 | 000,757,760 | ---- | C] () -- D:\WINDOWS\System32\bcm1xsup.dll
[2006/10/14 09:52:23 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\preflib.dll
[2006/10/13 17:14:03 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2005/11/28 17:11:07 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\px.ini
[2003/01/07 07:05:08 | 000,002,695 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2001/11/27 17:59:52 | 000,483,405 | ---- | C] () -- D:\WINDOWS\System32\Taper.dll
========== LOP Check ==========
[2010/05/15 09:55:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2007/10/30 22:01:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2010/10/16 18:44:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\HTC
[2006/10/14 19:58:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/10/16 18:44:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Teleca
[2009/04/29 18:50:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/11/20 23:28:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Cycling '74
[2010/05/04 21:17:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\FileZilla
[2010/05/20 12:13:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\ieSpell
[2010/10/27 21:27:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\PrimoPDF
[2010/02/04 19:57:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Softland
[2006/10/16 21:18:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Steinberg
[2010/10/17 00:17:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Teleca
[2010/11/03 14:03:00 | 000,000,422 | -H-- | M] () -- D:\WINDOWS\Tasks\User_Feed_Synchronization-{60208E93-38E5-48D3-87A5-A4ABA6A99286}.job
========== Purity Check ==========
< End of report >
Sign In
Create Account
