
internet slow down



#1
scottie279

  • Member
  • 33 posts
My computer was slowing down and the internet was getting slower and slower.

OTL logfile created on: 12/12/2011 8:31:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Elvis\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.29 Gb Available Physical Memory | 65.49% Memory free
3.82 Gb Paging File | 3.34 Gb Available in Paging File | 87.45% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.69 Gb Total Space | 59.04 Gb Free Space | 76.98% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 130.14 Gb Free Space | 55.88% Space Free | Partition Type: NTFS

Computer Name: SCOTT | User Name: Elvis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/12 20:30:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elvis\Desktop\OTL.exe
PRC - [2011/11/28 12:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/20 22:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Mozilla Firefox\firefox.exe
PRC - [2011/10/25 08:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/25 08:45:44 | 000,956,928 | ---- | M] (Christian Salmon) -- C:\Program Files\VisualTooltip\VisualToolTip.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/12 11:28:08 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/12/12 11:03:17 | 001,646,080 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11121201\algo.dll
MOD - [2011/12/12 09:57:38 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11121201\aswRep.dll
MOD - [2011/11/20 22:04:51 | 001,989,592 | ---- | M] () -- C:\Mozilla Firefox\mozjs.dll
MOD - [2011/10/25 08:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
MOD - [2009/10/26 01:33:33 | 000,010,240 | ---- | M] () -- C:\Unlocker\UnlockerCOM.dll
MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- C:\Winrar\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/10/25 08:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 11:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 11:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 11:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 11:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 11:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 11:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 11:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/04/13 12:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 12:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2006/09/24 07:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2001/08/17 08:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000/06/25 04:31:14 | 000,098,272 | R--- | M] (Tekom Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\p35u.sys -- (DCamUSBCompany)
DRV - [1997/04/22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)
DRV - [1996/04/03 13:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20111212
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.tigerdire..., 2, 4, 2, 1, 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20111212"
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.1
FF - prefs.js..extensions.enabledItems: {7E7165E2-0767-448c-852F-5FA8714F2C37}:1.0.3
FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:0.6.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1367
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {46d606b0-a645-11df-981c-0800200c9a66}:1.0.29
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.4.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...te=20111212&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/12 13:31:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Mozilla Firefox\components [2011/12/12 18:48:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Mozilla Firefox\plugins [2011/12/12 18:48:51 | 000,000,000 | ---D | M]

[2009/03/02 23:25:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Extensions
[2011/12/12 19:08:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions
[2011/12/12 19:08:16 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2009/09/02 13:25:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/22 08:27:01 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/12/12 17:42:19 | 000,000,000 | ---D | M] (ShopToWin9) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}
[2011/12/12 17:41:06 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2009/10/29 18:56:10 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/09/04 06:17:51 | 000,000,000 | ---D | M] (PlainOldFavorites) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
[2009/10/26 15:24:49 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/10/29 18:56:14 | 000,000,000 | ---D | M] (AnyColor) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\[email protected]
[2009/10/29 18:56:17 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\[email protected]
[2011/12/12 17:41:24 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\[email protected]
[2011/12/12 17:42:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}\chrome\content\dca\core\extensionManager
[2011/12/12 17:41:04 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\Elvis\Application Data\Mozilla\Firefox\Profiles\0u9fdn78.default\searchplugins\bing-zugo.xml
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ELVIS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0U9FDN78.DEFAULT\EXTENSIONS\[email protected]
[2011/12/12 13:31:55 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010/01/22 08:35:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/12/12 10:47:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (EpicPlay Games) - {56E4076B-A42B-4745-BA35-34DA8AC4C2F2} - C:\Program Files\EpicPlay\epicPlayGames.dll (EpicPlay LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe (Christian Salmon)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2009/10/27 11:07:28 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Elvis\Start Menu\Programs\Startup\AutorunsDisabled [2009/10/27 11:07:24 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 03 00 00 00 [binary data]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.8.cab (DLM Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1236058644531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-sec...m/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{423FB4CE-0FBC-4FFD-A668-A666B8808800}: DhcpNameServer = 10.1.10.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Elvis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elvis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/02 23:06:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/14 06:55:12 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/12 20:29:52 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elvis\Desktop\OTL.exe
[2011/12/12 19:52:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/12 17:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/12/12 17:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\DealRunner
[2011/12/12 17:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DealRunner
[2011/12/12 17:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\DealRunner
[2011/12/12 17:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\My Documents\ShopToWin
[2011/12/12 17:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FreeCause
[2011/12/12 17:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\EpicPlay
[2011/12/12 17:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/12/12 16:27:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/12/12 15:46:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/12/12 15:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\PCHealth
[2011/12/12 14:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011/12/12 13:38:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/12 13:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Desktop\Scott
[2011/12/12 13:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/12 13:33:06 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/12 13:31:23 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/12 13:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/12 13:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Big Hammer
[2011/12/12 13:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/12/12 13:19:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/12/12 13:01:06 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/12/12 13:01:06 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/12/12 12:58:37 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/12/12 10:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Quick Search Box
[2011/12/12 10:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elvis\Local Settings\Application Data\Temp
[2011/12/12 10:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2011/12/12 10:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[19 C:\Documents and Settings\Elvis\Desktop\*.tmp files -> C:\Documents and Settings\Elvis\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/12 20:30:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elvis\Desktop\OTL.exe
[2011/12/12 20:20:58 | 000,021,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/12 20:20:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/12 20:19:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/12 19:54:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/12 19:20:47 | 000,002,404 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/12 18:49:02 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\Elvis\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/12 18:49:02 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/12 18:33:47 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/12 18:24:28 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/12 18:02:41 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\Elvis\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/12/12 17:54:17 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/12 17:54:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/12/12 17:54:08 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/12/12 16:31:58 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/12 16:31:58 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/12 16:28:59 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/12/12 16:26:32 | 000,157,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/12 13:53:10 | 000,001,509 | ---- | M] () -- C:\Documents and Settings\Elvis\Desktop\Windows Explorer.lnk
[2011/12/12 13:33:20 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/12 13:33:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/12 13:16:09 | 000,021,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2011/12/12 13:03:16 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/12/12 12:56:22 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/12/12 12:52:17 | 000,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/12/12 12:50:23 | 000,000,306 | -HS- | M] () -- C:\boot.ini
[2011/12/12 10:47:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/28 12:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 12:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 11:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 11:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 11:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 11:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 11:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 11:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 11:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 11:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[19 C:\Documents and Settings\Elvis\Desktop\*.tmp files -> C:\Documents and Settings\Elvis\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/12 18:49:02 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/12 18:49:02 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/12 18:33:06 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/12 13:33:20 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/12 13:31:06 | 000,002,404 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/12 13:00:11 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/12/12 12:59:54 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/12/12 12:59:47 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/12/12 12:59:16 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/12/12 12:58:43 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/12/12 12:28:03 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/12/12 12:28:03 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/12/12 12:28:03 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/12/12 12:28:03 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/12/12 12:28:03 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/12/12 12:28:03 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/12/12 12:28:02 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/12/12 10:43:45 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/12 10:43:44 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/06/01 01:48:56 | 000,334,422 | ---- | C] () -- C:\WINDOWS\System32\viwc.exe
[2009/06/01 01:43:12 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2009/06/01 01:43:12 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2009/06/01 01:43:12 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2009/05/22 18:29:34 | 000,130,048 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/05/22 18:29:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/22 18:29:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/22 18:29:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/18 06:56:01 | 000,000,039 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2009/03/06 03:32:12 | 000,010,382 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/03/06 03:32:12 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4F3DA9204E.sys
[2009/03/05 21:49:42 | 000,000,310 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009/03/05 21:38:14 | 000,028,672 | R--- | C] () -- C:\WINDOWS\rmvall.exe
[2009/03/05 08:02:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/05 08:02:19 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Elvis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/04 12:17:51 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2009/03/03 08:26:41 | 000,024,598 | ---- | C] () -- C:\Documents and Settings\Elvis\Application Data\Comma Separated Values (Windows).ADR
[2009/03/03 08:19:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/02 23:31:33 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2009/03/02 23:29:26 | 000,003,415 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/02 23:29:24 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/03/02 23:25:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/02 23:09:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/02 23:02:06 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/02 16:53:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/02 16:51:33 | 000,157,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/26 14:28:48 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/11/06 10:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 10:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2004/10/26 16:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/09/17 17:37:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/08/04 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 06:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 06:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/09/09 15:37:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\avisynth_c.dll
[2002/10/15 16:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/05/10 19:14:33 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[1996/04/03 13:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011/12/12 13:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/05/22 20:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/08/17 19:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/04/03 21:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Auslogics
[2009/05/13 14:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\BitZipper
[2011/12/12 13:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\DisplayTune
[2009/05/22 18:43:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Elvis\Application Data\drivers
[2009/03/05 09:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\DVD2AVI Ripper Professional
[2009/03/04 09:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\eMule
[2009/10/26 15:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Foxit
[2009/03/03 01:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\ICQ
[2009/03/03 10:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\IObit
[2009/03/05 22:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Miranda
[2009/08/23 08:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Movienizer
[2009/10/24 21:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\OpenOffice.org
[2009/08/10 14:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Stardock
[2009/06/01 02:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Styler
[2009/06/13 20:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\SystemRequirementsLab
[2009/05/22 20:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Uniblue
[2009/03/04 13:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\vghd
[2009/07/02 05:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\ViSplore
[2009/06/01 02:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\ViStart
[2009/11/21 02:14:09 | 000,000,302 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Elvis\Desktop\oledlg.ini:SummaryInformation

< End of report >