
Computer Reboots Every 2 hours


  • This topic is locked

#1
oatlefebvre

    New Member

  • Member
  • 4 posts
Hi Guys,

My computer reboots every 2 hours; upon starting up again I get an error report saying that I should update the BIOS. I deleted all the malware/spyware from my computer. Every time I'm in the middle of a virus scan the computer reboots itself. Can you help please? Thanks

#2
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hi ;)
:D . My name is Michael and I am here to help you fix your computer. ;)
If you have already received help elsewhere please inform me so that this topic can be closed.
If you haven't, please keep reading:
Note: Before we start the process you should:
  • POST your logs, don't attach them, as it makes it harder to read.
  • Save or print these instructions, as a part of the fix will be in safe mode where you will not be able to access the internet.
  • Disable ANY programs that offer real-time protection features while executing my instructions. That includes your antivirus, antispyware, Windows Defender or any other program that offers protection. When you're clean or waiting for my next set of instructions, re-enable them. If you need any help disabling them, ask.
  • Each time I instruct you to download a file to use it, please do it even if I have told you before to download it again. This is because these tools are frequently updated to detect newer infections.
  • Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.


Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click on Minimal Output at the top
  • Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
  • Double click inside the Custom Scan box at the bottom
  • A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
  • Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
  • Select scan.txt and click Open. Writing will now appear under the Custom Scan box
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic


Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
  • Double click GMER.exe.
  • If it gives you a warning about rootkit activity and asks if you want to run a full scan... click on NO, then use the following settings for a more complete scan.
  • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
  • Save the log where you can easily find it, such as your desktop.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Please copy and paste the report into your Post.

#3
oatlefebvre

    New Member

  • Topic Starter
  • Member
  • 4 posts
OTL Extras logfile created on: 1/3/2011 8:29:01 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\pat\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

735.00 Mb Total Physical Memory | 509.00 Mb Available Physical Memory | 69.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1104 2208 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.09 Gb Free Space | 16.35% Space Free | Partition Type: NTFS

Computer Name: PAT-QGTWD5N9RTB | User Name: pat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"80:TCP" = 80:TCP:*:Enabled:websrvx
"7171:TCP" = 7171:TCP:*:Enabled:SYSDLL
"53:TCP" = 53:TCP:*:Enabled:websrvx
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Enabled:Windows Remote Management

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- File not found
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Logitech\Logitech Vid\Vid.exe" = C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}" = Symantec AntiVirus Client
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 23
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{568F7478-DE5E-488F-B782-3538D8FF2D86}" = HELP
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"P4M266" = ProSavageDDR and Utilities
"RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.10
"RealPlayer 12.0" = RealPlayer
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.4
"vShare" = vShare Plugin
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/13/2010 10:42:14 PM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6328

Error - 8/13/2010 10:42:14 PM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6328

Error - 8/13/2010 10:42:17 PM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/13/2010 10:42:17 PM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9500

Error - 8/13/2010 10:42:17 PM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9500

Error - 8/14/2010 8:58:37 AM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/14/2010 8:58:37 AM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 36989344

Error - 8/14/2010 8:58:37 AM | Computer Name = PAT-QGTWD5N9RTB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 36989344

Error - 8/15/2010 12:48:36 PM | Computer Name = PAT-QGTWD5N9RTB | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00000200.

Error - 8/15/2010 12:49:25 PM | Computer Name = PAT-QGTWD5N9RTB | Source = JavaQuickStarterService | ID = 1
Description =

[ System Events ]
Error - 1/3/2011 7:32:05 PM | Computer Name = PAT-QGTWD5N9RTB | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service iPod Service
with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error - 1/3/2011 7:42:26 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.

Error - 1/3/2011 7:42:26 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .

Error - 1/3/2011 7:42:26 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .

Error - 1/3/2011 7:42:54 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.

Error - 1/3/2011 7:42:54 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .

Error - 1/3/2011 7:42:54 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .

Error - 1/3/2011 7:42:54 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.

Error - 1/3/2011 7:42:54 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .

Error - 1/3/2011 7:42:54 PM | Computer Name = PAT-QGTWD5N9RTB | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .


< End of report >

#4
oatlefebvre

    New Member

  • Topic Starter
  • Member
  • 4 posts
OTL logfile created on: 1/3/2011 8:29:01 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\pat\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

735.00 Mb Total Physical Memory | 509.00 Mb Available Physical Memory | 69.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1104 2208 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.09 Gb Free Space | 16.35% Space Free | Partition Type: NTFS

Computer Name: PAT-QGTWD5N9RTB | User Name: pat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\pat\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
PRC - C:\Program Files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\pat\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll (Adobe Systems, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Norton AntiVirus Server) -- C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (DefWatch) -- C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe File not found
SRV - (LMIRescue_1f854bc2-499a-4fb6-bd02-0e0dc8a0ddbc) LogMeIn Rescue (1f854bc2-499a-4fb6-bd02-0e0dc8a0ddbc) -- C:\WINDOWS\LMIA.tmp\LMI_InstantChat_srv.exe (LogMeIn, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)


========== Driver Services (SafeList) ==========

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS File not found
DRV - (NAVAPEL) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS File not found
DRV - (NAVAP) -- C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LVUVC) Logitech Webcam 250(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090604.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090604.002\NAVENG.SYS (Symantec Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (VIAudio) Vinyl AC'97 Audio Controller (WDM) -- C:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (S3Psddr) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local;;<local>

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/13 18:42:55 | 000,000,000 | ---D | M]

[2010/12/21 11:20:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pat\Application Data\Mozilla\Extensions
[2009/02/14 18:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pat\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1293204452781 (MUCatalogWebControl Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1211773420062 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1211898792015 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/25 21:51:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: LanmanWorkstation - File not found
NetSvcs: Messenger - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

MsConfig - Services: "LMIRescue_1f854bc2-499a-4fb6-bd02-0e0dc8a0ddbc"
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "Viewpoint Manager Service"
MsConfig - Services: "SeaPort"
MsConfig - Services: "LVPrcSrv"
MsConfig - Services: "JavaQuickStarterService"
MsConfig - Services: "iPod Service"
MsConfig - Services: "idsvc"
MsConfig - Services: "gupdate"
MsConfig - Services: "DefWatch"
MsConfig - Services: "avast! Web Scanner"
MsConfig - Services: "avast! Mail Scanner"
MsConfig - Services: "avast! Antivirus"
MsConfig - Services: "Apple Mobile Device"
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DWQueuedReporting - hkey= - key= - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: Logitech Vid - hkey= - key= - C:\Program Files\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Netlogon - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Browser - Service
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: LanmanWorkstation - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOS - Service
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Netlogon - Service
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NtLmSsp - Service
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: %GUIDFalse% - InstallX Component
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8D3032AF-2CBA-11D2-8277-00104BC7DE21} - InstallX Component
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E401ED70-118D-11D4-A3CB-00E029174AAD} - Vidéotron Customization
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{E401ED72-118D-11D4-A3CB-00E029174AAD}S02728 - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

========== Files/Folders - Created Within 30 Days ==========

[2011/01/03 20:06:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/01 22:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/01 22:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[2010/12/24 13:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 12:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 12:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HELP
[2010/12/23 21:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/12/23 16:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/12/23 16:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/23 16:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/23 16:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/23 16:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/23 16:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/12/21 21:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\ApplicationHistory
[2010/12/21 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/21 20:55:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/12/21 20:55:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/12/21 20:55:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/12/21 20:55:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/12/21 20:50:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010/12/21 20:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/12/21 20:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\Avira
[2010/12/21 20:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2010/12/21 20:27:44 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/12/21 20:27:37 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/21 20:27:37 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/21 20:27:37 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/12/21 20:27:37 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/12/21 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/12/21 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/12/21 18:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Start Menu\Programs\SUPERAntiSpyware
[2010/12/21 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/12/20 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn
[2010/12/20 14:40:25 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/20 14:40:25 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2010/12/20 14:40:25 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/12/20 14:40:07 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/20 14:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/12/20 14:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2010/12/20 14:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\ICS
[2010/12/20 14:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Rescue Calling Card
[2010/12/20 13:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/12/20 12:58:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\LMIA.tmp
[2010/12/20 12:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\Deployment
[2010/12/19 10:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\Mozilla
[2010/12/18 22:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010/12/16 16:20:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\pat\Recent
[2010/12/15 08:33:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\pat\Start Menu\Programs\Administrative Tools
[2010/12/06 09:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/06 09:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ludia
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/03 20:27:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:27:57 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/03 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/03 18:31:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/03 18:31:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/03 17:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/03 17:57:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/01 15:52:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/31 10:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/24 12:53:04 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/24 12:49:47 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/12/23 16:25:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:17:35 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/22 10:45:14 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/21 21:43:07 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/21 21:43:07 | 000,079,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/21 20:56:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 20:07:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/21 19:01:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/21 18:45:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/20 14:40:05 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/12/19 10:37:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/18 11:15:57 | 082,672,720 | ---- | M] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/24 12:52:45 | 000,002,543 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/23 16:25:54 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:17:35 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/21 18:45:05 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/20 14:40:03 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010/12/19 10:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/19 10:37:35 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2010/12/18 11:15:40 | 082,672,720 | ---- | C] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/06/24 11:34:37 | 000,026,286 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/14 16:56:06 | 010,871,128 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:55:58 | 000,316,248 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/12/13 12:47:33 | 000,000,724 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/06/22 10:22:47 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008/05/27 19:17:42 | 000,120,832 | ---- | C] () -- C:\Documents and Settings\pat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/25 23:48:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/25 23:44:31 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/05/25 23:42:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/05/25 23:35:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/05/25 17:41:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/05/21 00:19:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2009/01/23 10:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\10177
[2009/01/27 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\191B2
[2009/01/30 17:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1A36B
[2009/02/05 12:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2B6D
[2009/02/04 13:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A1D4
[2009/01/25 22:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/05/19 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/07/09 19:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/05/27 16:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/01/22 16:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CDA
[2011/01/03 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/12/23 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/13 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/08/17 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/12/06 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/22 12:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Videotron
[2009/07/02 15:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/04 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/05/27 11:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\acccore
[2010/09/12 16:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Azureus
[2010/07/14 17:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Costco Photo Viewer CA-FR
[2009/01/18 23:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\FrostWire
[2010/02/15 20:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Image Zone Express
[2010/06/24 11:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Leadertech
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/22 22:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\uTorrent
[2010/04/22 12:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Videotron
[2011/01/01 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032

< End of report >
[2011/01/03 20:32:30 | 000,106,496 | -H-- | M] () -- C:\Documents and Settings\pat\NTUSER.DAT.LOG
[2011/01/03 20:32:28 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\gmer.zip
[2011/01/03 20:32:28 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\pat\Recent
[2011/01/03 20:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Desktop
[2011/01/03 20:30:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\pat\Cookies
[2011/01/03 20:27:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:27:57 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/03 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/03 19:45:40 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Start Menu
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/03 18:31:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/03 18:31:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/03 17:57:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011/01/03 17:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/03 17:57:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/03 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/01/02 22:59:18 | 006,553,600 | -H-- | M] () -- C:\Documents and Settings\pat\NTUSER.DAT
[2011/01/02 22:59:18 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\pat\ntuser.ini
[2011/01/02 22:59:10 | 001,576,658 | -H-- | M] () -- C:\Documents and Settings\pat\Local Settings\Application Data\IconCache.db
[2011/01/01 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/01 22:05:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\pat\Application Data
[2011/01/01 22:05:49 | 000,000,000 | ---D | M] -- C:\Program Files\vShare
[2011/01/01 15:52:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/31 10:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/28 19:06:21 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Favorites
[2010/12/27 16:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Deployment
[2010/12/26 14:49:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2010/12/24 13:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 13:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 12:53:59 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn Rescue Calling Card
[2010/12/24 12:53:04 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/24 12:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\HELP
[2010/12/24 12:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Desktop
[2010/12/24 12:49:47 | 000,000,568 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/12/24 12:49:47 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/12/24 10:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Microsoft
[2010/12/24 10:13:47 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Start Menu\Programs\Startup
[2010/12/23 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/12/23 16:36:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\DRM
[2010/12/23 16:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/12/23 16:25:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:25:48 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/12/23 16:24:08 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/12/23 16:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Apple
[2010/12/23 16:17:49 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/12/23 16:17:35 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/23 16:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/23 16:14:16 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/12/22 22:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\uTorrent
[2010/12/22 12:38:02 | 000,021,552 | ---- | M] () -- C:\Documents and Settings\pat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/12/22 10:45:14 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/21 21:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\ApplicationHistory
[2010/12/21 21:43:07 | 000,559,224 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/12/21 21:43:07 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/21 21:43:07 | 000,079,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/21 21:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/12/21 21:16:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\pat\Application Data\Microsoft
[2010/12/21 21:02:25 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\LogiShrd
[2010/12/21 21:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/12/21 20:56:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 20:56:16 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2010/12/21 20:51:11 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2010/12/21 20:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Avira
[2010/12/21 20:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2010/12/21 20:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2010/12/21 20:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/12/21 20:07:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/21 19:01:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/21 18:45:42 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2010/12/21 18:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/21 18:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Start Menu\Programs\SUPERAntiSpyware
[2010/12/21 11:49:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/12/21 11:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Mozilla
[2010/12/20 14:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn
[2010/12/20 14:39:42 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2010/12/20 14:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\ICS
[2010/12/19 17:25:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2010/12/19 17:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Temp
[2010/12/19 17:00:48 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/12/19 10:37:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/19 10:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Mozilla
[2010/12/18 22:14:44 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2010/12/18 11:15:57 | 082,672,720 | ---- | M] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/12/18 11:15:40 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\My Documents
[2010/12/18 11:14:57 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2010/12/18 10:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/12/17 22:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2010/12/17 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Tracing
[2010/12/16 22:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Skype
[2010/12/16 20:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\skypePM
[2010/12/16 18:58:16 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/15 10:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/12/15 08:33:41 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Start Menu\Programs\Administrative Tools
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/12/06 10:03:46 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2010/12/06 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/11/02 12:28:30 | 000,120,832 | ---- | M] () -- C:\Documents and Settings\pat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 19:21:09 | 000,021,936 | ---- | M] () -- C:\Documents and Settings\pat\Application Data\GDIPFONTCACHEV1.DAT
[2008/05/25 23:53:43 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/05/25 17:41:11 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\pat\Application Data\desktop.ini
[2008/05/25 17:41:11 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/03 20:32:28 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\gmer.zip
[2011/01/03 20:27:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:27:57 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/03 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/03 18:31:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/03 18:31:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/03 17:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/03 17:57:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/01 15:52:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/31 10:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/24 12:53:04 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/24 12:49:47 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/12/23 16:25:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:17:35 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/22 10:45:14 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/21 21:43:07 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/21 21:43:07 | 000,079,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/21 20:56:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 20:07:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/21 19:01:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/21 18:45:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/20 14:40:05 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/12/19 10:37:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/18 11:15:57 | 082,672,720 | ---- | M] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== LOP Check ==========

[2009/01/23 10:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\10177
[2009/01/27 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\191B2
[2009/01/30 17:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1A36B
[2009/02/05 12:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2B6D
[2009/02/04 13:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A1D4
[2009/01/25 22:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/05/19 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/07/09 19:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/05/27 16:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/01/22 16:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CDA
[2011/01/03 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/12/23 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/13 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/08/17 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/12/06 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/22 12:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Videotron
[2009/07/02 15:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/04 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/05/27 11:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\acccore
[2010/09/12 16:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Azureus
[2010/07/14 17:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Costco Photo Viewer CA-FR
[2009/01/18 23:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\FrostWire
[2010/02/15 20:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Image Zone Express
[2010/06/24 11:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Leadertech
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/22 22:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\uTorrent
[2010/04/22 12:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Videotron
[2011/01/01 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032

< End of report >
[2011/01/03 20:32:35 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\pat\NTUSER.DAT.LOG
[2011/01/03 20:32:28 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\gmer.zip
[2011/01/03 20:32:28 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\pat\Recent
[2011/01/03 20:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Desktop
[2011/01/03 20:30:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\pat\Cookies
[2011/01/03 20:27:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:27:57 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/03 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/03 19:45:40 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Start Menu
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/03 18:31:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/03 18:31:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/03 17:57:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011/01/03 17:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/03 17:57:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/03 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/01/02 22:59:18 | 006,553,600 | -H-- | M] () -- C:\Documents and Settings\pat\NTUSER.DAT
[2011/01/02 22:59:18 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\pat\ntuser.ini
[2011/01/02 22:59:10 | 001,576,658 | -H-- | M] () -- C:\Documents and Settings\pat\Local Settings\Application Data\IconCache.db
[2011/01/01 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/01 22:05:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\pat\Application Data
[2011/01/01 22:05:49 | 000,000,000 | ---D | M] -- C:\Program Files\vShare
[2011/01/01 15:52:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/31 10:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/28 19:06:21 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Favorites
[2010/12/27 16:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Deployment
[2010/12/26 14:49:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2010/12/24 13:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 13:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 12:53:59 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn Rescue Calling Card
[2010/12/24 12:53:04 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/24 12:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\HELP
[2010/12/24 12:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Desktop
[2010/12/24 12:49:47 | 000,000,568 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/12/24 12:49:47 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/12/24 10:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Microsoft
[2010/12/24 10:13:47 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Start Menu\Programs\Startup
[2010/12/23 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/12/23 16:36:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\DRM
[2010/12/23 16:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/12/23 16:25:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:25:48 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/12/23 16:24:08 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/12/23 16:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Apple
[2010/12/23 16:17:49 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/12/23 16:17:35 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/23 16:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/23 16:14:16 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/12/22 22:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\uTorrent
[2010/12/22 12:38:02 | 000,021,552 | ---- | M] () -- C:\Documents and Settings\pat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/12/22 10:45:14 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/21 21:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\ApplicationHistory
[2010/12/21 21:43:07 | 000,559,224 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/12/21 21:43:07 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/21 21:43:07 | 000,079,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/21 21:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/12/21 21:16:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\pat\Application Data\Microsoft
[2010/12/21 21:02:25 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\LogiShrd
[2010/12/21 21:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/12/21 20:56:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 20:56:16 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2010/12/21 20:51:11 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2010/12/21 20:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Avira
[2010/12/21 20:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2010/12/21 20:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2010/12/21 20:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/12/21 20:07:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/21 19:01:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/21 18:45:42 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2010/12/21 18:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/21 18:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Start Menu\Programs\SUPERAntiSpyware
[2010/12/21 11:49:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/12/21 11:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Mozilla
[2010/12/20 14:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn
[2010/12/20 14:39:42 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2010/12/20 14:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\ICS
[2010/12/19 17:25:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2010/12/19 17:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Temp
[2010/12/19 17:00:48 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/12/19 10:37:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/19 10:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Local Settings\Application Data\Mozilla
[2010/12/18 22:14:44 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2010/12/18 11:15:57 | 082,672,720 | ---- | M] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/12/18 11:15:40 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\My Documents
[2010/12/18 11:14:57 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2010/12/18 10:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/12/17 22:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2010/12/17 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Tracing
[2010/12/16 22:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Skype
[2010/12/16 20:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\skypePM
[2010/12/16 18:58:16 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/15 10:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/12/15 08:33:41 | 000,000,000 | R--D | M] -- C:\Documents and Settings\pat\Start Menu\Programs\Administrative Tools
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/12/06 10:03:46 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2010/12/06 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/11/02 12:28:30 | 000,120,832 | ---- | M] () -- C:\Documents and Settings\pat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/08 19:21:09 | 000,021,936 | ---- | M] () -- C:\Documents and Settings\pat\Application Data\GDIPFONTCACHEV1.DAT
[2008/05/25 23:53:43 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/05/25 17:41:11 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\pat\Application Data\desktop.ini
[2008/05/25 17:41:11 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/03 20:32:28 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\gmer.zip
[2011/01/03 20:27:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:27:57 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/03 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/03 18:31:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/03 18:31:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/03 17:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/03 17:57:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/01 15:52:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/31 10:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/24 12:53:04 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/24 12:49:47 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/12/23 16:25:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:17:35 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/22 10:45:14 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/21 21:43:07 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/21 21:43:07 | 000,079,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/21 20:56:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 20:07:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/21 19:01:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/21 18:45:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/20 14:40:05 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/12/19 10:37:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/18 11:15:57 | 082,672,720 | ---- | M] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== LOP Check ==========

[2009/01/23 10:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\10177
[2009/01/27 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\191B2
[2009/01/30 17:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1A36B
[2009/02/05 12:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2B6D
[2009/02/04 13:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A1D4
[2009/01/25 22:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/05/19 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/07/09 19:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/05/27 16:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/01/22 16:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CDA
[2011/01/03 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/12/23 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/13 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/08/17 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/12/06 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/22 12:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Videotron
[2009/07/02 15:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/04 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/05/27 11:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\acccore
[2010/09/12 16:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Azureus
[2010/07/14 17:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Costco Photo Viewer CA-FR
[2009/01/18 23:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\FrostWire
[2010/02/15 20:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Image Zone Express
[2010/06/24 11:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Leadertech
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/22 22:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\uTorrent
[2010/04/22 12:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Videotron
[2011/01/01 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032

< End of report >

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/13 18:42:55 | 000,000,000 | ---D | M]

[2010/12/21 11:20:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pat\Application Data\Mozilla\Extensions
[2009/02/14 18:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pat\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1293204452781 (MUCatalogWebControl Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1211773420062 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1211898792015 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/25 21:51:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/03 20:06:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/01 22:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/01 22:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[2010/12/24 13:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 12:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn Rescue Calling Card
[2010/12/24 12:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HELP
[2010/12/23 21:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/12/23 16:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/12/23 16:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/23 16:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/23 16:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/23 16:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/23 16:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/12/21 21:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\ApplicationHistory
[2010/12/21 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/21 20:55:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/12/21 20:55:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/12/21 20:55:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/12/21 20:55:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/12/21 20:50:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010/12/21 20:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/12/21 20:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\Avira
[2010/12/21 20:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2010/12/21 20:27:44 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/12/21 20:27:37 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/21 20:27:37 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/21 20:27:37 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/12/21 20:27:37 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/12/21 20:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/12/21 20:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/12/21 18:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/21 18:45:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Start Menu\Programs\SUPERAntiSpyware
[2010/12/21 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/12/20 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\LogMeIn
[2010/12/20 14:40:25 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/20 14:40:25 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2010/12/20 14:40:25 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/12/20 14:40:07 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/20 14:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/12/20 14:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2010/12/20 14:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\ICS
[2010/12/20 14:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Rescue Calling Card
[2010/12/20 13:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/12/20 12:58:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\LMIA.tmp
[2010/12/20 12:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\Deployment
[2010/12/19 10:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Local Settings\Application Data\Mozilla
[2010/12/18 22:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010/12/16 18:58:19 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/16 18:58:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/16 18:58:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/16 16:20:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\pat\Recent
[2010/12/15 09:47:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 09:45:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/15 08:33:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\pat\Start Menu\Programs\Administrative Tools
[2010/12/06 09:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/06 09:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ludia
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/03 20:32:28 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\gmer.zip
[2011/01/03 20:27:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:27:57 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2011/01/03 20:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pat\Desktop\OTL.exe
[2011/01/03 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/03 18:31:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/03 18:31:29 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/03 17:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/03 17:57:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/01 15:52:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/31 10:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/24 12:53:04 | 000,002,543 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/24 12:49:47 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/12/23 16:25:54 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:17:35 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/22 10:45:14 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/21 21:43:07 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/21 21:43:07 | 000,079,016 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/21 20:56:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 20:07:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/12/21 19:01:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/21 18:45:05 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/20 14:40:05 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/12/19 10:37:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/12/18 11:15:57 | 082,672,720 | ---- | M] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/03 20:32:27 | 000,288,107 | ---- | C] () -- C:\Documents and Settings\pat\Desktop\gmer.zip
[2010/12/24 12:52:45 | 000,002,543 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HELP.lnk
[2010/12/23 16:25:54 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/12/23 16:17:35 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/12/21 18:45:05 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\pat\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/20 14:40:03 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010/12/19 10:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/19 10:37:35 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-2111687655-725345543-1003.job
[2010/12/18 11:15:40 | 082,672,720 | ---- | C] () -- C:\Documents and Settings\pat\My Documents\12182010.reg
[2010/06/24 11:34:37 | 000,026,286 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/14 16:56:06 | 010,871,128 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:55:58 | 000,316,248 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/12/13 12:47:33 | 000,000,724 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/06/22 10:22:47 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008/05/27 19:17:42 | 000,120,832 | ---- | C] () -- C:\Documents and Settings\pat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/25 23:48:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/05/25 23:44:31 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/05/25 23:42:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/05/25 23:35:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/05/25 17:41:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/05/21 00:19:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2009/01/23 10:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\10177
[2009/01/27 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\191B2
[2009/01/30 17:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1A36B
[2009/02/05 12:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2B6D
[2009/02/04 13:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A1D4
[2009/01/25 22:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/05/19 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/07/09 19:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/05/27 16:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/01/22 16:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CDA
[2011/01/03 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/12/23 21:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/13 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/08/17 10:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/12/06 09:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/22 12:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Videotron
[2009/07/02 15:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/04 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/05/27 11:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\acccore
[2010/09/12 16:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Azureus
[2010/07/14 17:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Costco Photo Viewer CA-FR
[2009/01/18 23:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\FrostWire
[2010/02/15 20:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Image Zone Express
[2010/06/24 11:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Leadertech
[2010/12/06 09:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Ludia
[2010/12/22 22:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\uTorrent
[2010/04/22 12:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\Videotron
[2011/01/01 22:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pat\Application Data\vShare
[2011/01/03 18:31:40 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032

< End of report >
  • 0

#5
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Nice, waiting for the GMER log :D
  • 0

#6
oatlefebvre

oatlefebvre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Every time I do the GMER scan, my computer reboots. What do I do?
  • 0

#7
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

Ok then:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
    O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
    [2011/01/01 22:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pat\Application Data\vShare
    [2011/01/01 22:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
    [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    :Services

    :Reg

    :Files

    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    C:\Documents and Settings\All Users\Application Data\10177\*.* /s
    C:\Documents and Settings\All Users\Application Data\191B2\*.* /s
    C:\Documents and Settings\All Users\Application Data\1A36B\*.* /s
    C:\Documents and Settings\All Users\Application Data\2B6D\*.* /s
    C:\Documents and Settings\All Users\Application Data\A1D4\*.* /s
  • Click the Run Scan button. Post the log it produces in your next reply.




Create a folder on your desktop. Label that folder avz4. Download avz4.exe from HERE and save it in the avz4 folder.
  • Double click on AVZ.exe to run it.
  • Run an update by clicking the Auto Update button on the right of the Log window.
  • Click Start to begin the update
Note: If you receive an error message, choose a different source, then click Start again


  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts" and mark the "Advanced System Analysis with malware removal mode enabled" check box.
  • Click on the “Execute selected scripts”.
  • Automatic scanning, healing and system check will be executed.
  • A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
  • It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
  • All applications will work properly after the system restart.

When restarted

  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts" and mark the "Advanced System Analysis" check box.
  • Click on the "Execute selected scripts".
  • A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach both virusinfo_syscure.zip and virusinfo_syscheck.zip to your next post

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post




Please uninstall the following:

vShare Plugin
Viewpoint Media Player

  • 0
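
The selection step behind a fix list like the one in post #7, as an added example that is not part of the original post and is not OTL's own code: it reads OTL-style O-lines and Alternate Data Stream lines and groups the entries whose target file is missing, whose CLSID has no value, or whose file carries no company name. The field layout is inferred from the log lines in this thread and the flag names are assumptions; a flag is a lead for review, not a verdict.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032
"""

CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")
O_LINE_RE = re.compile(r"^O(\d+) - (.+)$")
# Last field of an O-line: "<path> (<company>)" or "<path> File not found".
TARGET_RE = re.compile(
    r"(?P<path>[A-Za-z]:\\.*?)\s+"
    r"(?:(?P<missing>File not found)|\((?P<company>[^()]*)\))\s*$"
)
# "<host path>:<stream name>"; the stream name follows the last colon.
ADS_RE = re.compile(r"^@Alternate Data Stream - (\d+) bytes -> (.+):([^:\\]+)$")


def parse_line(line):
    """Parse one log line into a dict, or return None if it is not recognised."""
    line = line.strip()
    ads = ADS_RE.match(line)
    if ads:
        return {"kind": "ads", "flag": "alternate_data_stream", "clsid": None,
                "path": ads.group(2), "stream": ads.group(3),
                "size": int(ads.group(1))}
    m = O_LINE_RE.match(line)
    if not m:
        return None
    body = m.group(2)
    clsid = CLSID_RE.search(body)
    entry = {"kind": "O" + m.group(1), "flag": None, "path": None,
             "clsid": clsid.group(0).upper() if clsid else None}
    last_field = body.split(" - ")[-1]
    if last_field.startswith("No CLSID value found"):
        entry["flag"] = "orphan_clsid"      # registration points at nothing
        return entry
    target = TARGET_RE.search(last_field)
    if not target:
        return entry                        # no file target to judge
    entry["path"] = target.group("path")
    if target.group("missing"):
        entry["flag"] = "file_missing"      # registry entry outlived its file
    elif not target.group("company").strip():
        entry["flag"] = "no_company_name"   # empty "()" after the path
    return entry


def triage(log_text):
    """Group flagged entries by target: {lowercased path or CLSID: [entries]}."""
    groups = defaultdict(list)
    for raw in log_text.splitlines():
        entry = parse_line(raw)
        if entry and entry["flag"]:
            key = (entry["path"] or entry["clsid"] or "").lower()
            groups[key].append(entry)
    return dict(groups)


if __name__ == "__main__":
    for target, entries in triage(SAMPLE_LOG).items():
        kinds = ", ".join(e["kind"] for e in entries)
        print(f"{entries[0]['flag']:<22} {target}  [{kinds}]")
```

Grouping by target shows every registration point that references the same file, so the whole set can be reviewed together.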

#8
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





