OTL logfile created on: 9/21/2011 10:21:11 PM - Run 3
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\Matt M\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 370.00 Mb Available Physical Memory | 36.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 44.64 Gb Free Space | 62.92% Space Free | Partition Type: NTFS
Drive Z: | 37.24 Gb Total Space | 11.37 Gb Free Space | 30.54% Space Free | Partition Type: NTFS
Computer Name: MATT | User Name: Matt M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
PRC - C:\Documents and Settings\Matt M\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe (Musicmatch, Inc.)
PRC - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe (Musicmatch, Inc.)
PRC - C:\WIN2000\Guru.exe (a la mode, inc.)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()
PRC - C:\Program Files\D-Link\Air USB Utility\AirCFG.exe (D-Link)
PRC - C:\Program Files\WZCBDL Service\WZCBDLS.exe (D-Link)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\EBRR.exe (SEIKO EPSON CORPORATION)
PRC - C:\WINDOWS\SYSTEM32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgentNT.exe (SEIKO EPSON CORPORATION)
========== Modules (SafeList) ==========
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll (Microsoft Corporation)
MOD - C:\Documents and Settings\Matt M\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WSWNDA3100) -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (getPlus® Helper) getPlus® -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (WZCBDLService) -- C:\Program Files\WZCBDL Service\WZCBDLS.exe (D-Link)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV2_02) EPSON V3 Service2(02) -- C:\WINDOWS\SYSTEM32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)
SRV - (StatusAgent) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgentNT.exe (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys (Malwarebytes Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Revoflt) -- C:\WINDOWS\SYSTEM32\DRIVERS\revoflt.sys (VS Revo Group)
DRV - (avgntflt) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys (Avira GmbH)
DRV - (vsdatant) -- C:\WINDOWS\SYSTEM32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (Mkd2kfNt) -- C:\WINDOWS\SYSTEM32\DRIVERS\Mkd2kfNT.sys (AhnLab, Inc.)
DRV - (Mkd2Nadr) -- C:\WINDOWS\SYSTEM32\DRIVERS\Mkd2Nadr.sys (AhnLab, Inc.)
DRV - (ssmdrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (BCMH43XX) -- C:\WINDOWS\SYSTEM32\DRIVERS\bcmwlhigh5.sys (Broadcom Corporation)
DRV - (avipbb) -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (ActionReplayDS) -- C:\WINDOWS\SYSTEM32\DRIVERS\ActionReplayDS.sys (Thesycon GmbH, Germany)
DRV - (WUSB54GPV4SRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\rt2500usb.sys (Ralink Technology Inc.)
DRV - (nv) -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS (NVIDIA Corporation)
DRV - (IntelC53) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (IntelC52) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC51) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (mohfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (PRISM_USB) -- C:\WINDOWS\SYSTEM32\DRIVERS\PRISMUSB.sys (Intersil Americas Inc.)
DRV - (omci) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (NIOC) -- C:\WINDOWS\SYSTEM32\NIOC.sys (D-Link Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (msloop) -- C:\WINDOWS\SYSTEM32\DRIVERS\loop.sys (Microsoft Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Eplpdx02) -- C:\WINDOWS\SYSTEM32\DRIVERS\EPLPDX02.SYS (MK Systems CO., LTD.)
DRV - (USBIO) USBIO Driver (usbio.sys) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbio.sys (Thesycon GmbH, Germany)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?...09&l=dis&gct=hp
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/02/07 11:12:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
[2009/06/16 21:48:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matt M\Application Data\Mozilla\Extensions
[2009/06/16 21:48:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matt M\Application Data\Mozilla\Extensions\[email protected]
O1 HOSTS File: ([2011/01/23 16:26:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - File not found
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (NetAssistantBHO Class) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe (D-Link)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WinTOTAL Scheduler] C:\WIN2000\Guru.exe (a la mode, inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
O4 - Startup: C:\Documents and Settings\Matt M\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://etrade.webex...nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:1 () - http://www.youtube.com/
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk Z:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2004/12/16 10:33:00 | 000,040,960 | ---- | C] ( ) -- C:\WINDOWS\System32\alaLIB.dll
[2004/07/28 12:46:06 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\AutoLicense.dll
[2002/07/16 18:12:58 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\AutoPAX.dll
[2002/04/29 12:04:40 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/21 22:29:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FFBFC81D-7B2D-4219-8852-27749A597E4F}.job
[2011/09/21 22:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/09/21 20:18:27 | 000,003,523 | ---- | M] () -- C:\WINDOWS\ALAMODE.INI
[2011/09/21 19:58:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/09/21 19:58:34 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/21 15:31:51 | 000,000,558 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for isaac.job
[2011/09/17 13:23:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/09/15 11:21:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/14 12:07:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/12 17:19:35 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\msexcr.ini
[2011/06/26 13:55:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011/01/21 13:00:14 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\Matt M\Application Data\toolbar_log.txt
[2010/12/12 23:25:19 | 000,004,785 | ---- | C] () -- C:\Documents and Settings\Matt M\Application Data\Cabos.plist
[2009/09/21 17:07:40 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Matt M\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/25 20:55:15 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/13 15:19:07 | 000,000,162 | ---- | C] () -- C:\WINDOWS\VeggieMysteryIsland.ini
[2009/03/13 11:38:28 | 000,000,112 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2009/03/12 08:52:27 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/03/07 19:02:22 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/01/01 12:35:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2008/05/04 09:51:00 | 000,000,880 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/03/03 18:59:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2005/05/11 15:25:32 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\alaMapi.dll
[2004/12/02 19:05:53 | 000,000,115 | ---- | C] () -- C:\WINDOWS\DDETEST.ini
[2004/12/01 17:06:00 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Matt M\Application Data\PFP120JPR.{PB
[2004/12/01 17:06:00 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Matt M\Application Data\PFP120JCM.{PB
[2004/11/09 18:03:44 | 000,003,523 | ---- | C] () -- C:\WINDOWS\ALAMODE.INI
[2004/10/31 12:56:55 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/10/31 12:29:53 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPSC80.ini
[2004/10/27 17:16:54 | 000,000,035 | ---- | C] () -- C:\WINDOWS\mercury.ini
[2004/10/13 00:49:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/13 00:41:34 | 000,000,859 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/13 00:19:28 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/13 17:03:12 | 001,159,168 | ---- | C] () -- C:\WINDOWS\System32\alaMFC2.dll
[2004/08/11 09:07:00 | 000,003,522 | ---- | C] () -- C:\WINDOWS\TECHHELP.INI
[2004/08/10 13:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 13:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/06/17 11:43:12 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ala32.dll
[2003/12/11 18:05:40 | 000,401,408 | ---- | C] () -- C:\WINDOWS\System32\AXF_AXS.dll
[2002/07/16 18:15:02 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\PAXMeta.dll
[2002/06/09 13:07:30 | 000,053,315 | ---- | C] () -- C:\WINDOWS\System32\DevCtrl.dll
[2002/04/29 12:05:00 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\Postiex.dll
[2002/04/29 12:04:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P2kDesk.dll
[2002/04/29 12:04:41 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFfpx7.dll
[2002/04/29 12:04:41 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKodak.dll
[2002/04/29 12:04:28 | 000,204,864 | ---- | C] () -- C:\WINDOWS\System32\AtxWrap.dll
[2002/04/29 12:04:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\alaIE.dll
[2002/01/30 09:03:00 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\TX32.dll
[2001/06/27 02:24:00 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini
[1999/09/15 15:03:48 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DP2kFrms.dll
[1999/08/17 09:50:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\DeskSkt.dll
[1980/01/01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== LOP Check ==========
[2010/08/18 23:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1F12D
[2010/05/15 18:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3b21bae
[2009/06/19 19:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/12/09 20:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/12/09 20:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2009/01/01 16:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/12/09 20:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2011/09/17 15:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/09 21:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2011/06/28 12:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/03/09 19:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2011/06/09 10:28:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{4EF77D37-415C-4195-AE30-904ED23A3940}
[2011/04/17 15:41:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6A6F35C2-F1BB-455A-85C0-F522DF746DDA}
[2009/06/16 22:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/12/03 10:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Auslogics
[2009/06/19 20:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Azureus
[2011/01/17 22:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Cabos
[2009/12/03 17:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\CheckPoint
[2011/01/26 16:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/03/06 15:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Facebook
[2011/04/27 21:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Free PDF Tablet
[2004/10/27 17:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Leadertech
[2007/04/06 10:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Musicmatch
[2010/03/19 08:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\RadioBar
[2010/11/24 14:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Registry Mechanic
[2011/01/21 13:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\simppulltoolbar
[2009/12/19 15:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matt M\Application Data\Singlesnet
[2004/10/18 22:26:35 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
[2011/09/21 22:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/09/21 22:29:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FFBFC81D-7B2D-4219-8852-27749A597E4F}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >
Edited by realapp, 21 September 2011 - 10:38 PM.