Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware/Spyware

Started by jojobo36 , Nov 10 2010 09:41 AM

  • Please log in to reply

#1
jojobo36
Posted 10 November 2010 - 09:41 AM

jojobo36

    Member

  • Member
  • PipPip
  • 97 posts
Good Morning,

I've been experiencing a major slow down on my system. All applications that I click on to open will take minutes to actually open. Not sure if I required a virus, or if it is malware or spyware. I have ran several scans to try to improve the computers preformance, but having no luck. Some of the scans that I have used have been, 1st- TFC, 2nd- Malwarebytes, 3rd- SuperAntispyware. Nothing appears to be picking up a solution. Please advise if you have other scans you can run to help me with this issue.
operating system- Windows Vista
virus scanner - AVG

Here is the OTL log- I did receieve another log, Extras.txt, I did not include this log Please advise if needed.

OTL logfile created on: 11/10/2010 9:22:52 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Wes Cornwell\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 158.00 Mb Available Physical Memory | 16.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 39.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 167.76 Gb Free Space | 75.30% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.36 Gb Free Space | 63.61% Space Free | Partition Type: NTFS

Computer Name: WESCORNWELL-PC | User Name: Wes Cornwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/10 09:22:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wes Cornwell\Desktop\OTL.exe
PRC - [2010/11/09 11:42:41 | 002,069,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/09 11:38:31 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/10/10 22:14:54 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/09/20 10:48:45 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/21 09:20:47 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/06/25 00:22:40 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/25 00:17:17 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/25 00:05:02 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/25 00:04:58 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/05/28 05:04:52 | 000,911,920 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2009/06/18 15:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/12/05 05:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/06/26 05:56:08 | 000,098,952 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldfserv.exe
PRC - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) -- C:\Windows\System32\dldfcoms.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2010/11/10 09:22:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wes Cornwell\Desktop\OTL.exe
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/06/25 00:22:40 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/07/21 09:20:47 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/06/25 00:17:17 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/29 07:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/24 19:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/06/18 15:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 05:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/06/26 05:56:08 | 000,098,952 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldfcoms.exe -- (dldf_device)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\WESCOR~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/06/25 00:22:47 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/25 00:05:10 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/17 01:18:28 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/31 10:43:22 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/28 05:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/04 18:45:23 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/03/04 12:32:36 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/02/22 23:22:52 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/22 23:22:52 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/08/02 05:56:10 | 000,735,232 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/07/14 17:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/13 14:47:44 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/05/13 14:47:44 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/11/11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2008/11/11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/01/24 10:06:40 | 002,054,872 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/10/26 14:09:16 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/10/26 14:09:16 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/10/26 14:09:16 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/03/15 07:57:30 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/01/05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 01:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/18 12:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 12:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 12:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [1999/08/10 12:51:58 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/10/26 11:44:21 | 000,000,000 | ---D | M]

[2010/10/27 11:42:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/18 02:20:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 11:27:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O15 - HKCU\..Trusted Domains: worldwinner.com ([www] https in Trusted sites)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.94.172.166 209.94.172.167
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/10 09:22:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Wes Cornwell\Desktop\OTL.exe
[2010/11/10 09:02:13 | 000,000,000 | ---D | C] -- C:\4e969994d6401595f7eed9c7621289
[2010/11/03 23:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/10/27 11:33:42 | 000,000,000 | ---D | C] -- C:\Users\Wes Cornwell\AppData\Local\AVG Security Toolbar
[2007/10/31 16:48:05 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\dldfhcp.dll
[2007/10/31 16:48:02 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\dldfinpa.dll
[2007/10/31 16:48:02 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldfiesc.dll
[2007/10/31 16:48:00 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\dldfserv.dll
[2007/10/31 16:48:00 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\dldfusb1.dll
[2007/10/31 16:47:58 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldfprox.dll
[2007/10/31 16:47:57 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldfpmui.dll
[2007/10/31 16:47:57 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\dldflmpm.dll
[2007/10/31 16:47:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldfhbn3.dll
[2007/10/31 16:47:42 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldfcomm.dll
[2007/10/31 16:47:41 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\dldfcomc.dll
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/10 09:22:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wes Cornwell\Desktop\OTL.exe
[2010/11/10 07:35:52 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/10 07:35:52 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/10 05:00:16 | 067,442,503 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/11/09 15:46:11 | 000,608,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/09 15:46:11 | 000,105,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/09 11:35:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/16 12:22:42 | 000,321,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/05 15:50:37 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2010/03/04 12:32:35 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/01/29 20:15:54 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/09/18 11:39:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008/05/16 02:02:58 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2007/11/11 19:36:53 | 000,032,662 | ---- | C] () -- C:\ProgramData\dldf
[2007/10/31 17:57:49 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/10/31 17:57:49 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\73B486E930.sys
[2007/10/31 17:49:58 | 000,374,784 | ---- | C] () -- C:\Windows\3dg32.dll
[2007/10/31 17:49:57 | 000,000,250 | ---- | C] () -- C:\Windows\3dr.ini
[2007/10/31 16:52:35 | 001,377,872 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
[2007/10/31 16:51:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDFPMON.DLL
[2007/10/31 16:51:10 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDFFXPU.DLL
[2007/10/31 16:50:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldfoem.dll
[2007/10/31 16:50:50 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDFPMRC.DLL
[2007/10/31 16:48:07 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfinst.dll
[2007/10/31 16:48:01 | 000,499,712 | ---- | C] () -- C:\Windows\System32\dldfutil.dll
[2007/10/31 16:47:57 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldfjswr.dll
[2007/10/31 16:47:56 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfinsb.dll
[2007/10/31 16:47:55 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfins.dll
[2007/10/31 16:47:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldfinsr.dll
[2007/10/31 16:47:49 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldfgrd.dll
[2007/10/31 16:47:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldfcub.dll
[2007/10/31 16:47:44 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldfcu.dll
[2007/10/31 16:47:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldfcur.dll
[2007/10/31 16:47:36 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldfcfg.dll
[2007/10/31 14:18:40 | 000,000,152 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2007/10/31 14:14:51 | 000,000,784 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Roaming\wklnhst.dat
[2007/10/30 22:33:44 | 000,013,312 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/22 13:17:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldfcaps.dll
[2007/05/08 17:48:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldfdrs.dll
[2007/05/03 18:50:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfcoin.dll
[2007/03/19 04:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 04:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 04:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 04:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2007/03/12 21:17:08 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldfcnv4.dll
[2006/11/07 13:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/08/01 04:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldfvs.dll
[1997/08/13 23:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997/08/13 23:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997/08/13 23:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997/08/13 23:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== LOP Check ==========

[2009/04/18 12:52:58 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\948 Series
[2009/08/23 00:01:25 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Alawar
[2009/09/09 12:40:47 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Artogon
[2010/03/16 21:27:01 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\AVG9
[2009/08/04 00:51:27 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\BloodTies
[2009/11/06 01:49:45 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/05/14 14:45:33 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\EA
[2009/11/14 21:19:49 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\ElementalsTheMagicKey
[2010/03/08 03:43:18 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\FixCleaner
[2009/11/14 21:58:03 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Freezetag
[2009/10/04 18:16:09 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Friday's games
[2009/10/15 15:53:09 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\funkitron
[2009/06/07 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Gogii Games
[2009/07/14 21:21:08 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\ImperialCity
[2007/12/09 13:41:16 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\IsolatedStorage
[2008/06/07 16:29:15 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\LimeWire
[2009/10/15 12:56:44 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\md studio
[2009/05/14 13:39:48 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Meridian93
[2007/11/16 20:57:03 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\MusicNet
[2009/05/24 00:30:02 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Oberonv1001
[2009/05/04 11:48:05 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Oberonv1002
[2009/08/09 11:49:22 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Oberonv1005
[2009/08/19 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\PlayFirst
[2009/10/15 11:55:34 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Playrix Entertainment
[2009/11/14 22:58:37 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\PoBros
[2009/05/14 17:03:03 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Pogo Games
[2009/08/23 13:36:39 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Righteous Kill
[2009/05/23 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\SpinTop Games
[2007/10/31 17:17:36 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Template
[2009/08/05 00:59:11 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\TheScruffs
[2010/11/09 02:20:41 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:CD2ECCEC
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:1AE68282
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:FB384C06
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:72E546C1
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:618BF152
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:BD8705CE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:D09AEE3D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:B1C68614
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:6E5C36BA
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C17FCA88
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9CD61266
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:A118E9A3
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E8A39657
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:864A52B8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0A404476
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4EFDF5FB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E8F2B426
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CCF42AF8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:B156F3F2
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:74B502CB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8599F087
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:1A3FC1C4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E90251A2
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1B1330FD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D091E13E
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B42328DE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:001F2DD1
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:DD831FA6
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:49F896E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D6BE1CEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:20FFCF0B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1B79AEF3
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:FC89CE5A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A39CF033
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:687D1056
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FEF919E6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E6427C0F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0DA384B0
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C40E212B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:76C67845
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0D31DA45
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A73EAFFB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9B7E8561
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:FE4E15B1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DEC7E19B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:54997B77
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:389D51A1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C4F37A10
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B17C9C5E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:68E05C43
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ECD1173C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444169A0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DA5FD7CF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DB365884
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:541F9F51
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:2411B07C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:685CA1CF

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP