Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow internet, errors with browsers..

Started by Kilmez , Nov 04 2011 05:52 PM

  • Please log in to reply

#1
Kilmez
Posted 04 November 2011 - 05:52 PM

Kilmez

    New Member

  • Member
  • Pip
  • 1 posts
Hi. Ok this is how it goes. I'm pretty sure that Im infected with malware and all that other stuff. It more or less started when I was looking for some kitchen accesories to buy, then offers for some of those products I was looking at started appearing in other sites totally unrelated to kitchen stuff. My internet is really slow, and often get these errors for my browsers. When I use Firefox (v.2.0... I should note that this is pretty old computer and cant handle newer versions of Firefox) I used to get an error about an unresponsive script. Thst the page is busy and the script stopped responding. I used to get it in only one of the pages that I visis frequently, but I am starting to get it in other ones as well. With Explorer I get that something that says that it has to restart because something acted in an unexpected way.
The only things I've done to try to fix it is to run Avira and Superantispyware, but both come out clean. That's all I can think of right now, thanks for any help.

OTL logfile created on: 11/4/2011 1:45:51 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

351.48 Mb Total Physical Memory | 97.23 Mb Available Physical Memory | 27.66% Memory free
998.14 Mb Paging File | 403.76 Mb Available in Paging File | 40.45% Paging File free
Paging file location(s): C:\pagefile.sys 572 672 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 53.61 Gb Free Space | 47.96% Space Free | Partition Type: NTFS

Computer Name: OWNER-XUKSZMPNK | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/04 13:43:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/08/23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/06/30 09:44:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/27 06:44:54 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 17:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/03/16 11:41:59 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/14 23:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/12/17 16:59:08 | 007,678,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\FireFox\firefox.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/04 11:38:00 | 000,088,584 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2006/11/02 17:57:56 | 000,528,384 | ---- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/20 10:48:50 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/02/06 11:31:58 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/17 14:16:34 | 000,324,896 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2010/06/17 16:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/09/04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/09/14 01:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/06/30 09:44:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 06:44:54 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/06/30 09:45:14 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/30 09:45:13 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 16:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 16:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/06/10 19:35:21 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/04/30 17:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 17:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/11/16 11:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/06/25 21:14:38 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/01/24 15:09:34 | 000,048,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2008/01/24 15:09:24 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2008/01/24 15:09:04 | 000,028,168 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2008/01/24 15:08:54 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2006/11/21 00:24:50 | 000,015,890 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2006/10/09 13:58:48 | 000,203,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2006/02/23 12:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004/08/04 00:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/03/02 15:02:30 | 000,167,040 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2003/07/24 13:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2003/07/02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2001/08/30 11:59:04 | 000,136,136 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserial.sys -- (Ptserial)
DRV - [2001/08/17 14:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2001/08/17 14:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2001/08/17 14:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\vmodem.sys -- (Vmodem)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:III
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..keyword.URL: "http://toolbar.ask.c...7&gct=&gc=1&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.709: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Owner\Application Data\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/16 11:46:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\FireFox\components [2011/06/23 01:58:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\FireFox\plugins [2011/07/03 16:25:13 | 000,000,000 | ---D | M]

[2008/08/26 21:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/10/03 00:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions
[2011/04/03 12:39:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/08/26 22:31:01 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2008/08/27 01:58:47 | 000,000,000 | ---D | M] (Dallas Cowboys) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\{769d93be-4857-11dc-8314-0800200c9a66}
[2010/03/15 17:14:09 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/12/20 19:09:47 | 000,000,000 | ---D | M] (Amazon Quick Search) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\{dffa0a29-2400-4d34-b469-efe699ce0115}
[2009/12/20 19:15:45 | 000,000,000 | ---D | M] (Amazonbutton+) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\[email protected]
[2007/12/08 01:05:49 | 000,000,000 | ---D | M] (Xuxen III EDBL) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\[email protected]
[2009/04/25 14:46:16 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\[email protected]
[2011/10/03 00:28:07 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\[email protected]
[2011/01/05 16:04:15 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\extensions\vshareus@toolbar
[2008/06/02 01:13:47 | 000,001,193 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\altavista.xml
[2009/12/20 19:18:16 | 000,002,684 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\amazon-search-suggestions.xml
[2011/08/23 21:16:36 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\askcom.xml
[2008/08/23 01:27:33 | 000,001,137 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\dictionarycom.xml
[2008/06/02 01:13:48 | 000,002,200 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\gamefaqs.xml
[2008/06/19 00:26:40 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\imdb.xml
[2008/04/21 13:09:51 | 000,002,006 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\urban-dictionary.xml
[2008/06/23 22:35:33 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\wikipedia-en.xml
[2010/05/29 10:15:10 | 000,001,292 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\wikipedia-es.xml
[2008/08/23 22:51:43 | 000,001,224 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wal9bexx.default\searchplugins\yahoo-answers.xml
[2010/03/16 11:46:51 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/03/15 18:00:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010/07/12 01:02:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/03/15 17:59:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2010/03/14 02:15:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (att.net Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\PROGRAM FILES\Logitech\GAMING SOFTWARE\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...etInstaller.cab (WebBrowserType Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC292830-E399-48EB-8B1F-484EE0F8D685}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/01/09 22:40:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0fae7670-8047-11e0-832e-00e04c79f129}\Shell - "" = AutoRun
O33 - MountPoints2\{0fae7670-8047-11e0-832e-00e04c79f129}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0fae7670-8047-11e0-832e-00e04c79f129}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/04 13:43:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/10/10 17:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\New Folder
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/04 13:43:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/11/04 13:28:33 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/03 22:25:37 | 000,020,297 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\E1.JPG
[2011/11/03 16:16:19 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-789336058-854245398-1003.job
[2011/11/03 16:16:18 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-796845957-789336058-854245398-1003.job
[2011/11/02 10:27:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/01 03:37:29 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{33466F56-B28E-432D-BB34-A90DEADB4A78}.job
[2011/10/31 13:53:06 | 015,485,003 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Fatboy Slim - Illuminati.mp3
[2011/10/31 03:38:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/26 17:37:31 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/10/26 17:37:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/25 00:22:38 | 000,089,691 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Klose.jpg
[2011/10/16 04:16:02 | 000,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/16 03:29:47 | 000,472,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/16 03:29:47 | 000,084,210 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/16 03:11:09 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/14 05:27:40 | 1587,686,488 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Illuminati The Music Industry Exposed [Full Length].avi
[2011/10/11 18:41:01 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/03 22:25:36 | 000,020,297 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\E1.JPG
[2011/10/31 12:44:41 | 015,485,003 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Fatboy Slim - Illuminati.mp3
[2011/10/25 00:22:34 | 000,089,691 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Klose.jpg
[2011/10/14 02:41:11 | 1587,686,488 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Illuminati The Music Industry Exposed [Full Length].avi
[2011/08/30 11:26:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/30 11:26:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/30 11:26:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/30 11:26:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/30 11:26:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/08 19:30:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ULVIO40.INI
[2010/12/08 19:25:49 | 000,000,212 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2010/06/29 18:54:37 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/03/19 17:39:57 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2010/02/10 04:12:21 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/12/05 18:34:46 | 000,027,480 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/16 11:33:38 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/25 21:18:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/06/25 21:03:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/06/07 06:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2009/02/12 22:36:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/02/12 22:35:50 | 002,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/02/12 22:35:48 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/02/12 22:35:48 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/13 04:20:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/07/29 19:17:48 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/07/21 17:19:55 | 000,112,128 | ---- | C] () -- C:\WINDOWS\audiow32.dll
[2008/03/04 18:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008/01/24 20:27:24 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\STLibWrapper.dll
[2007/10/31 09:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/05/17 13:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/02/07 16:14:58 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/05 11:11:50 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/12/19 00:12:42 | 000,054,398 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/12/12 17:49:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\internaldb6334.dat
[2006/12/12 17:49:05 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\internaldb8467.dat
[2006/12/12 17:49:05 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\internaldb41.dat
[2006/12/12 17:48:57 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/12 17:48:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\internaldb5436.dat
[2006/12/12 17:48:51 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\internaldb4827.dat
[2006/12/12 17:48:50 | 000,000,337 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\internaldb1942.dat
[2006/12/12 17:48:50 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\inifile41.ini
[2006/11/26 02:24:03 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/11/23 17:15:53 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/11/22 19:27:08 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/11/22 13:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2006/11/21 23:58:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/21 23:47:06 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/21 23:47:00 | 000,151,552 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/21 21:17:40 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\TrueSoft.dat
[2006/11/21 21:17:36 | 000,000,456 | R--- | C] () -- C:\WINDOWS\System32\pthsp.dat
[2006/11/21 21:16:49 | 000,173,056 | ---- | C] () -- C:\WINDOWS\System32\pctspk.exe
[2006/11/21 01:36:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/21 00:24:39 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2006/11/21 00:12:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/11/21 00:05:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/11/20 17:58:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/11/20 17:57:24 | 000,144,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/09/24 13:37:00 | 000,169,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/08/16 09:47:08 | 000,000,114 | ---- | C] () -- C:\WINDOWS\PART0100.DAT
[2002/08/29 02:57:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 07:00:00 | 000,472,590 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 07:00:00 | 000,084,210 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009/05/15 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2009/06/07 13:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar
[2011/09/08 02:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTYToolbar
[2001/01/09 19:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
[2006/11/23 20:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kazaa Lite
[2010/03/09 18:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2007/08/24 13:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\show itch idol that
[2010/04/18 13:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/20 13:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/17 10:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/25 01:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/04/18 13:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AnvSoft
[2009/05/15 22:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AT&T
[2009/06/07 13:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ATTToolbar
[2010/06/24 08:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Aura4You
[2010/07/26 22:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\avidemux
[2010/04/18 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Clone2Go Video Converter Professional
[2009/09/12 16:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FMZilla
[2010/06/29 17:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FreeVideoConverter
[2010/12/07 00:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HamsterSoft
[2010/08/09 17:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\licenses
[2010/02/25 18:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Panda Security
[2010/08/09 17:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCMM2009
[2010/08/09 17:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCMM2010
[2009/06/25 21:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2011/01/05 16:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vShare
[2009/06/14 11:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinPatrol
[2011/10/26 17:37:31 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/11/04 13:28:33 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/11/01 03:37:29 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{33466F56-B28E-432D-BB34-A90DEADB4A78}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7578EF04

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP