I am pasting the OTL logs below and appreciate any help you can offer.
Thanks in advance!
OTL logfile created on: 8/1/2011 6:07:04 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\LC\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.23 Mb Total Physical Memory | 200.01 Mb Available Physical Memory | 19.55% Memory free
1.66 Gb Paging File | 1.00 Gb Available in Paging File | 60.47% Paging File free
Paging file location(s): C:\pagefile.sys 768 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.28 Gb Total Space | 26.44 Gb Free Space | 69.07% Space Free | Partition Type: NTFS
Drive D: | 3.74 Gb Total Space | 0.96 Gb Free Space | 25.80% Space Free | Partition Type: FAT32
Computer Name: BREACHED-NET | User Name: LC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/08/01 17:49:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LC\Desktop\OTL.exe
PRC - [2011/07/27 19:46:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/08/01 17:49:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LC\Desktop\OTL.exe
MOD - [2011/04/28 20:29:01 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\asOEHook.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 03:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\Microsoft.VC90.CRT\msvcr90.dll
MOD - [2009/07/12 03:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\5.1.0.29\Microsoft.VC90.CRT\msvcp90.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (WUSB54GSCSVC)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (EraserSvc11113)
========== Driver Services (SafeList) ==========
DRV - [2011/08/01 15:00:34 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/07/31 01:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110801.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/07/31 01:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/31 01:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110801.005\NAVENG.SYS -- (NAVENG)
DRV - [2011/07/29 07:58:06 | 000,355,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110729.030\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/07/23 00:32:12 | 000,815,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110723.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/03/30 23:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 23:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 20:39:49 | 000,369,784 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 22:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 02:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 01:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2005/09/15 12:07:38 | 000,157,824 | R--- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.tuxend...353e26c&aff=189
IE - HKU\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.tuxend...353e26c&aff=189
IE - HKU\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://search.tuxend...353e26c&aff=189
IE - HKU\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.tuxend...353e26c&aff=189
IE - HKU\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.tuxend...353e26c&aff=189
IE - HKU\S-1-5-21-823518204-1035525444-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.5.10.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8
FF - prefs.js..keyword.URL: "http://search.intern...10101138100&s="
FF - user.js..browser.search.selectedEngine: "Search"
FF - user.js..browser.search.order.1: "Search"
FF - user.js..keyword.URL: "http://search.intern...10101138100&s="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/08/01 15:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_0_8 [2011/08/01 15:28:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/27 19:46:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/27 19:46:47 | 000,000,000 | ---D | M]
[2008/08/31 02:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\LC\Application Data\Mozilla\Extensions
[2011/08/01 16:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\LC\Application Data\Mozilla\Firefox\Profiles\53hdbwgn.default\extensions
[2010/09/25 11:37:50 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Documents and Settings\LC\Application Data\Mozilla\Firefox\Profiles\53hdbwgn.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/04/29 02:24:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\LC\Application Data\Mozilla\Firefox\Profiles\53hdbwgn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/28 11:12:58 | 000,000,000 | ---D | M] ("Tree Style Tab") -- C:\Documents and Settings\LC\Application Data\Mozilla\Firefox\Profiles\53hdbwgn.default\extensions\[email protected]
[2011/08/01 15:44:14 | 000,002,469 | ---- | M] () -- C:\Documents and Settings\LC\Application Data\Mozilla\Firefox\Profiles\53hdbwgn.default\searchplugins\safesearch.xml
[2011/07/31 21:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/01 15:28:52 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\COFFPLGN_2011_7_0_8
[2011/08/01 15:29:16 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPLGN
[2010/01/06 18:11:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/15 23:30:12 | 000,002,223 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\websearch.xml
Hosts file not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-823518204-1035525444-725345543-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\LC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\LC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/31 01:40:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (bootdelete) - C:\WINDOWS\System32\bootdelete.exe (SurfRight B.V.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\LC\Local Settings\Application Data\sar.exe" -a "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\LC\Local Settings\Application Data\sar.exe" -a "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/01 17:50:01 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Documents and Settings\LC\Desktop\aswMBR.exe
[2011/08/01 17:49:43 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\LC\Desktop\OTL.exe
[2011/08/01 16:08:57 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/08/01 16:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/08/01 15:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\My Documents\Symantec
[2011/08/01 15:00:34 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/08/01 15:00:34 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/08/01 15:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/08/01 15:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/08/01 14:59:25 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.sys
[2011/08/01 14:59:25 | 000,369,784 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdi.sys
[2011/08/01 14:59:25 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.sys
[2011/08/01 14:59:25 | 000,331,384 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011/08/01 14:59:25 | 000,296,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnets.sys
[2011/08/01 14:59:24 | 000,516,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.sys
[2011/08/01 14:59:24 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Ironx86.sys
[2011/08/01 14:59:24 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.sys
[2011/08/01 14:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2011/08/01 14:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0501000.01D
[2011/08/01 14:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2011/08/01 14:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2011/08/01 14:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2011/07/31 22:24:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Application Data\GameInvest
[2011/07/31 21:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Application Data\Games
[2011/07/31 20:23:24 | 001,404,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\LC\Desktop\TDSSKiller.exe
[2011/07/31 20:21:29 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/31 20:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/31 20:21:25 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/31 20:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/31 20:09:04 | 000,000,000 | ---D | C] -- C:\Program Files\Tool
[2011/07/28 16:20:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/07/28 15:36:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Desktop\Downloads
[2011/07/28 15:29:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Desktop\Demonoid
[2011/07/28 13:08:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/07/28 12:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Application Data\Malwarebytes
[2011/07/28 12:51:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/28 00:35:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WSTB
[2011/07/27 20:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/27 19:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/07/27 19:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/07/24 21:48:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Application Data\Friday's games
[2011/07/24 21:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\AlawarWrapper
[2011/07/24 21:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2011/07/24 21:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\PuTTY
[2011/07/24 20:49:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Gourmania 3 - Zoo Zoom
[2011/07/24 20:47:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Silent Evil - Kates Rescue
[2011/07/24 20:46:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Something Wicked - A Ghastly Glen Mystery
[2011/07/24 20:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\LeeGT-Games
[2011/07/24 20:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Crop Busters
[2011/07/24 20:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Desktop\Games
[2011/07/24 20:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Calibre Library
[2011/07/24 20:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Application Data\calibre
[2011/07/24 20:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2
[2011/07/24 20:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\calibre - E-book Management
[2011/07/24 20:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/07/24 20:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Local Settings\Application Data\uTorrent
[2011/07/24 20:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LC\Application Data\uTorrent
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/01 17:51:00 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Documents and Settings\LC\Desktop\aswMBR.exe
[2011/08/01 17:49:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LC\Desktop\OTL.exe
[2011/08/01 17:35:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\VersionCheck.job
[2011/08/01 16:08:58 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/08/01 16:08:57 | 000,000,190 | ---- | M] () -- C:\WINDOWS\System32\bootdelete.lst
[2011/08/01 16:01:05 | 000,021,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/01 15:29:44 | 000,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/08/01 15:29:25 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011/08/01 15:28:49 | 000,002,048 | -HS- | M] () -- C:\WINDOWS\System32\c_65621.nl_
[2011/08/01 15:28:37 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\tasks\DTZWZG.job
[2011/08/01 15:28:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/01 15:28:26 | 1073,008,640 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/01 15:01:57 | 000,663,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2011/08/01 15:00:34 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/08/01 15:00:34 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/08/01 15:00:34 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/08/01 15:00:33 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/08/01 14:59:31 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2011/08/01 14:58:02 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\LC\Desktop\Norton Installation Files.lnk
[2011/07/31 22:24:11 | 000,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat
[2011/07/31 20:21:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/31 19:20:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/29 17:26:08 | 001,404,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\LC\Desktop\TDSSKiller.exe
[2011/07/28 15:26:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/28 14:42:35 | 000,015,650 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\y1bey2j6x1n8n3i061280ivc5rn3p1o6c4h5e147k467
[2011/07/28 14:42:34 | 000,015,650 | -HS- | M] () -- C:\Documents and Settings\LC\Local Settings\Application Data\y1bey2j6x1n8n3i061280ivc5rn3p1o6c4h5e147k467
[2011/07/28 13:24:41 | 000,015,646 | -HS- | M] () -- C:\Documents and Settings\LC\Local Settings\Application Data\1202346271
[2011/07/28 13:24:35 | 000,015,680 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2837452202
[2011/07/28 13:24:35 | 000,015,638 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1202346271
[2011/07/28 13:24:34 | 000,015,680 | -HS- | M] () -- C:\Documents and Settings\LC\Local Settings\Application Data\2837452202
[2011/07/28 12:59:21 | 000,063,488 | RHS- | M] () -- C:\WINDOWS\System32\OpenCL1.dll
[2011/07/28 12:43:57 | 000,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/26 17:08:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/24 22:18:09 | 000,435,304 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/24 22:18:09 | 000,068,200 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/24 20:25:17 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk
[2011/07/24 20:19:31 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\LC\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/07/24 20:19:29 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2011/07/24 20:09:15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2011/07/24 20:09:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2011/07/22 19:24:30 | 000,074,292 | ---- | M] () -- C:\Documents and Settings\LC\Application Data\Setup.1.2.exe
[2011/07/08 07:55:36 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/08 07:55:36 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/01 16:08:57 | 000,000,190 | ---- | C] () -- C:\WINDOWS\System32\bootdelete.lst
[2011/08/01 16:01:04 | 000,021,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/01 15:01:45 | 000,663,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Cat.DB
[2011/08/01 15:00:34 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/08/01 15:00:34 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/08/01 14:59:31 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2011/08/01 14:59:25 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.cat
[2011/08/01 14:58:30 | 000,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNetV.inf
[2011/08/01 14:58:29 | 000,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.inf
[2011/08/01 14:58:29 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymDS.inf
[2011/08/01 14:58:29 | 000,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNet.inf
[2011/08/01 14:58:29 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.inf
[2011/08/01 14:58:29 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.inf
[2011/08/01 14:58:29 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\Iron.inf
[2011/08/01 14:58:20 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.cat
[2011/08/01 14:58:20 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.cat
[2011/08/01 14:58:20 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymNet.cat
[2011/08/01 14:58:20 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\SymEFA.cat
[2011/08/01 14:58:20 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.cat
[2011/08/01 14:58:20 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.cat
[2011/08/01 14:58:18 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\isolate.ini
[2011/08/01 14:50:07 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\LC\Desktop\Norton Installation Files.lnk
[2011/07/31 22:24:11 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/07/31 20:29:26 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\System32\c_65621.nl_
[2011/07/31 20:21:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/28 15:26:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/28 12:59:26 | 000,000,302 | -HS- | C] () -- C:\WINDOWS\tasks\DTZWZG.job
[2011/07/28 12:59:21 | 000,063,488 | RHS- | C] () -- C:\WINDOWS\System32\OpenCL1.dll
[2011/07/28 12:44:51 | 000,015,656 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\y1bey2j6x1n8n3i061280ivc5rn3p1o6c4h5e147k467
[2011/07/28 01:07:39 | 000,015,646 | -HS- | C] () -- C:\Documents and Settings\LC\Local Settings\Application Data\1202346271
[2011/07/28 01:07:39 | 000,015,638 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1202346271
[2011/07/28 00:58:29 | 000,015,680 | -HS- | C] () -- C:\Documents and Settings\LC\Local Settings\Application Data\2837452202
[2011/07/28 00:58:29 | 000,015,680 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2837452202
[2011/07/28 00:35:46 | 000,000,410 | ---- | C] () -- C:\WINDOWS\tasks\VersionCheck.job
[2011/07/28 00:35:42 | 000,015,650 | -HS- | C] () -- C:\Documents and Settings\LC\Local Settings\Application Data\y1bey2j6x1n8n3i061280ivc5rn3p1o6c4h5e147k467
[2011/07/28 00:35:42 | 000,015,650 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\y1bey2j6x1n8n3i061280ivc5rn3p1o6c4h5e147k467
[2011/07/24 20:25:13 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk
[2011/07/24 20:19:29 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\LC\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/07/24 20:19:28 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2011/07/24 20:09:15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2011/07/24 20:09:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2011/07/22 19:24:30 | 000,074,292 | ---- | C] () -- C:\Documents and Settings\LC\Application Data\Setup.1.2.exe
[2010/09/01 00:42:02 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\LC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/31 06:19:00 | 000,134,116 | ---- | C] () -- C:\WINDOWS\ColorPic Uninstaller.exe
[2010/01/06 18:55:25 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2010/01/06 18:55:23 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010/01/06 18:55:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010/01/06 18:55:17 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2010/01/06 18:55:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2010/01/06 18:55:16 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2010/01/06 18:55:16 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2010/01/06 18:55:16 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2010/01/06 17:28:51 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2008/08/31 18:18:18 | 000,103,509 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2008/08/31 18:18:18 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2008/08/31 17:34:21 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2008/08/31 17:31:07 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2008/08/31 17:20:37 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/08/31 17:20:20 | 000,000,609 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/08/31 02:18:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/08/31 01:43:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/31 01:36:20 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/31 00:59:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/08/31 00:56:06 | 000,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,435,304 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,068,200 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011/07/24 21:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2011/08/01 16:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/08/01 14:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2011/07/27 20:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/28 15:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WSTB
[2010/06/22 14:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Windows Desktop Search
[2011/07/24 20:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LC\Application Data\calibre
[2010/01/06 18:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LC\Application Data\DAEMON Tools
[2011/07/24 21:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LC\Application Data\Friday's games
[2011/07/31 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LC\Application Data\GameInvest
[2011/07/31 21:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LC\Application Data\Games
[2011/08/01 14:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LC\Application Data\uTorrent
[2011/08/01 15:28:37 | 000,000,302 | -HS- | M] () -- C:\WINDOWS\Tasks\DTZWZG.job
[2011/08/01 17:35:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\VersionCheck.job
[2011/08/01 15:29:25 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 8/1/2011 6:07:04 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\LC\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.23 Mb Total Physical Memory | 200.01 Mb Available Physical Memory | 19.55% Memory free
1.66 Gb Paging File | 1.00 Gb Available in Paging File | 60.47% Paging File free
Paging file location(s): C:\pagefile.sys 768 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.28 Gb Total Space | 26.44 Gb Free Space | 69.07% Space Free | Partition Type: NTFS
Drive D: | 3.74 Gb Total Space | 0.96 Gb Free Space | 25.80% Space Free | Partition Type: FAT32
Computer Name: BREACHED-NET | User Name: LC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\LC\Local Settings\Application Data\sar.exe" -a "%1" %*
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\LC\Local Settings\Application Data\sar.exe" -a "%1" %*
[HKEY_USERS\S-1-5-21-823518204-1035525444-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{157F58B7-9109-406C-B0FE-C511F06FBF2E}" = calibre
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5EA4DF76-40AA-483C-8918-9FE0ED8D36DB}" = Crop Busters
"{65563451-00B6-458C-9F9A-03A7757355A6}" = Compact Wireless-G USB Network Adapter with SpeedBooster
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EF1F85F1-CF00-4928-9D36-B300D3EA7011}" = Gourmania 3 - Zoo Zoom
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"C-Media Audio" = C-Media 3D Audio
"ColorPic" = ColorPic
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"N360" = Norton 360
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"uTorrent" = µTorrent
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
========== Last 10 Event Log Errors ==========
[ OSession Events ]
Error - 2/27/2010 4:01:09 AM | Computer Name = BREACHED-NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 192046
seconds with 5160 seconds of active time. This session ended with a crash.
Error - 5/5/2010 1:09:20 PM | Computer Name = BREACHED-NET | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 94239
seconds with 7920 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/26/2010 11:27:04 PM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/27/2010 12:30:14 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/27/2010 1:31:19 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/27/2010 3:19:31 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/27/2010 9:44:53 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/27/2010 11:34:13 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/27/2010 12:45:10 PM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/28/2010 1:11:05 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/28/2010 2:13:11 AM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
Error - 8/30/2010 11:50:16 PM | Computer Name = BREACHED-NET | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
FLOPPY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F1EBAE73-65D8-4E1C-BF.
The
master browser is stopping or an election is being forced.
< End of report >