BSODs and boot.ini deleted after every reboot [Solved]


  • This topic is locked

#31
Quamble

  • Topic Starter
  • Member
  • 45 posts
Alright, did it as you said. It blue screened right before I could reboot, though. I didn't get the invalid boot.ini when it was starting up, but I checked for it in C, and it's gone again, so I'm suspecting I'll see the message next time I boot up.

Edited by Quamble, 20 February 2013 - 10:53 PM.

  • 0



#32
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts
Hmm... try a reboot and see what happens.

The colleague that gave me the advice about the manual way of repairing the boot.ini also mentioned that in the past the ASKUpgrade Service was the culprit in that it removed the boot.ini at every reboot. You had that on your machine but I thought it had been removed along with a whole lot of other rubbish.

After you reboot let's have another look at things:

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
Note: If the log doesn't appear where you saved OTL when you downloaded it then a copy of the OTL log is saved in a text file at
  • 0

#33
Quamble

  • Topic Starter
  • Member
  • 45 posts
Alright, some good news at last! Turns out, it was hidden for some reason, although I had it checked before it blue screened, I had to recheck the view hidden files option. So, it hasn't been deleted yet. That's something to be happy about, I suppose. Hopefully it doesn't get deleted again. I'm still blue screening though, which is troublesome. I'll run the OTL scan if you still need me to.
  • 0

#34
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts
Yes please. :thumbsup:
  • 0

#35
Quamble

  • Topic Starter
  • Member
  • 45 posts
Alright, I ran OTL, left the room, and when I came back I saw a pop-up stating the system was shutting down and warned me to save everything or it'd be lost, then it went on to say it was initiated or started by NT Authority System, or something like that and below was something about lsass.exe. I couldn't read it all because it restarted. I DID manage to run OTL after that peculiar pop-up though. Here it is:

OTL logfile created on: 2/21/2013 12:42:05 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ally\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 85.03% Memory free
4.85 Gb Paging File | 4.59 Gb Available in Paging File | 94.69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 283.64 Gb Free Space | 60.90% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 278.57 Gb Free Space | 29.91% Space Free | Partition Type: NTFS
Drive G: | 7.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HOME-46F4D09C66 | User Name: Ally | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ally\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13022001\algo.dll ()
MOD - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()


========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (STacSV) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe (IDT, Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (dlcx_device) -- C:\WINDOWS\system32\dlcxcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (TVICHW32) -- C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS File not found
DRV - (sfng32) -- system32\drivers\sfng32.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (a8o6zz0q) -- File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (BANTExt) -- C:\WINDOWS\system32\drivers\BANTExt.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8F98310E-C4DA-4800-BC84-B368D6D0FECE}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=966134"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\PROGRA~1\SONYON~1\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/16 21:06:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 20:47:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/20 20:47:28 | 000,000,000 | ---D | M]

[2009/02/15 17:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Extensions
[2013/02/20 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions
[2009/06/17 11:34:53 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/12/08 15:29:47 | 000,000,000 | ---D | M] ("tektek.org GaiaOnline Toolbar 2.1") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0df7b3bb-9581-44bb-835f-061a29ec8a46}
[2009/09/02 12:18:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/24 13:19:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/26 20:56:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/05/30 17:58:11 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/10/04 09:36:19 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/12/07 15:01:01 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/06/17 11:34:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/25 14:25:55 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2010/01/20 18:24:37 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/04/09 17:52:06 | 000,000,000 | ---D | M] (Personas for Firefox) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/06/09 21:16:44 | 000,000,000 | ---D | M] (translator) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/09/01 16:07:37 | 000,000,000 | ---D | M] (translator (fixed)) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/10/04 09:36:36 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\aim-search.xml
[2009/04/21 11:53:14 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\live-search.xml
[2009/07/14 12:00:21 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\winamp-search.xml
[2009/10/10 15:18:10 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.gif
[2009/10/10 15:18:10 | 000,000,464 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.src
[2009/10/10 15:18:06 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.xml
[2013/02/20 05:28:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/08/19 15:31:28 | 000,098,304 | ---- | M] (ASP) -- C:\Program Files\mozilla firefox\plugins\NPHoldemFireLauncher.dll
[2009/01/28 22:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 02:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2009/11/09 20:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files\mozilla firefox\plugins\NPMFireLauncher.dll
[2010/01/28 14:08:16 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: HoldemFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPHoldemFireLauncher.dll
CHR - plugin: ijji plugin for channeling games. (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
CHR - plugin: npijjiFFPlugin1 for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: MFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\PROGRA~1\SONYON~1\npsoe.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Marlies Dekkers = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/19 21:43:39 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLCXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe (PC Pitstop, LLC.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15D2CD05-3B7B-46ED-A6B3-2E4BE1EDD31D}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84F6238C-AC6E-456E-8A36-8A4D2EE5FCD2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop WallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/18 20:57:37 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/20 21:40:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
[2013/02/20 21:37:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\burnatonce
[2013/02/20 21:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\burnatonce
[2013/02/20 20:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2013/02/20 20:20:00 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\MGADiag.exe
[2013/02/20 20:19:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/02/20 05:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/02/19 21:41:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/02/19 20:23:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/02/19 16:55:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/02/19 16:55:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/02/19 16:55:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/02/19 16:55:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/02/19 16:55:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/19 01:44:22 | 005,034,457 | R--- | C] (Swearware) -- C:\Documents and Settings\Ally\Desktop\ComboFix.exe
[2013/02/18 22:43:59 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Ally\Desktop\tdsskiller.exe
[2013/02/18 18:54:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/18 18:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Uninstaller Tool(Comodo Forums)
[2013/02/18 16:13:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ally\Desktop\OTL.exe
[2013/02/17 23:44:59 | 000,281,808 | ---- | C] (Igor Pavlov) -- C:\7za.dll
[2013/02/17 23:44:59 | 000,000,000 | ---D | C] -- C:\themes
[2013/02/17 23:44:58 | 003,360,976 | ---- | C] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/02/17 23:44:58 | 000,000,000 | ---D | C] -- C:\cis
[2013/02/17 23:44:57 | 018,980,560 | ---- | C] (COMODO) -- C:\cmdinstall.exe
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Start Menu\Programs\NirSoft BlueScreenView
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/02/17 21:59:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/17 21:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Malwarebytes
[2013/02/17 21:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/17 21:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/17 21:32:40 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/17 21:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/17 21:00:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ally\My Documents\My Music
[2013/02/17 21:00:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/02/17 03:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2013/02/17 01:05:01 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013/02/17 01:02:19 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013/02/17 01:02:07 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013/02/17 01:01:16 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013/02/17 01:00:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013/02/17 01:00:03 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013/02/17 00:58:50 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013/02/17 00:57:12 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/02/17 00:54:32 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/02/17 00:54:31 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/02/17 00:51:40 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/02/17 00:48:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013/02/16 21:51:10 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.backup
[2013/02/16 21:46:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\My Documents\uxtheme.dll
[2013/02/16 21:46:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\uxtheme.dll
[2013/02/16 21:07:31 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/02/16 21:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/02/16 21:07:30 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/02/16 21:07:28 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/02/16 21:07:28 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/02/16 21:06:45 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/02/16 21:06:44 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\KeyFinder
[2013/02/16 20:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2013/02/16 20:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM
[2013/02/16 20:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/02/16 20:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Local Settings\Application Data\Google
[2013/02/16 02:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Backed up files from the 1TB
[2013/02/16 02:20:54 | 009,319,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.EXE
[2013/02/16 02:20:54 | 000,070,400 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnicxp.sys
[2013/02/16 02:19:16 | 016,162,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2013/02/16 02:19:16 | 002,297,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2013/02/10 19:38:21 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2013/02/10 19:38:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013/02/10 19:38:11 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013/02/10 19:38:09 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013/02/10 19:38:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013/02/10 19:38:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013/02/10 19:38:01 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013/02/10 19:37:50 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013/02/10 19:36:05 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2013/01/27 13:53:54 | 000,000,000 | ---D | C] -- C:\f12faa67f3615af0b880
[2013/01/25 22:55:44 | 000,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2009/11/29 19:24:38 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ally\Application Data\pcouffin.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/21 00:41:33 | 000,000,312 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/21 00:41:02 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/21 00:40:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/21 00:19:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/20 23:46:00 | 000,000,191 | RH-- | M] () -- C:\boot.ini
[2013/02/20 21:51:59 | 000,184,224 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/20 21:37:56 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\burnatonce.lnk
[2013/02/20 21:35:06 | 003,990,680 | ---- | M] ( ) -- C:\Documents and Settings\Ally\Desktop\bao0995.exe
[2013/02/20 20:38:21 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/20 20:20:04 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\MGADiag.exe
[2013/02/19 21:43:39 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/02/19 02:48:05 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\E-mail.lnk
[2013/02/19 01:44:29 | 005,034,457 | R--- | M] (Swearware) -- C:\Documents and Settings\Ally\Desktop\ComboFix.exe
[2013/02/18 22:44:04 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Ally\Desktop\tdsskiller.exe
[2013/02/18 20:29:19 | 000,587,671 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
[2013/02/18 16:13:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ally\Desktop\OTL.exe
[2013/02/18 02:49:02 | 000,026,502 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:11:03 | 000,285,256 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2013/02/17 23:50:12 | 000,262,704 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:44:59 | 000,000,614 | ---- | M] () -- C:\WINDOWS\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 21:32:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 18:17:38 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Shortcut to 12 Catastrophe.mp3.lnk
[2013/02/17 18:17:38 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDVideoSoft Free Studio.lnk
[2013/02/17 18:17:38 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Cucusoft AVI to VCD DVD MPEG Converter Pro.lnk
[2013/02/17 18:17:38 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\MOVAVI VideoSuite 3.5.lnk
[2013/02/17 18:17:38 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Avi2Dvd.lnk
[2013/02/17 18:17:38 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDFab 5.lnk
[2013/02/17 17:33:23 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013/02/17 03:58:26 | 000,432,776 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/17 03:58:26 | 000,067,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/17 03:55:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/16 22:21:20 | 002,183,944 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 21:07:27 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/02/16 20:58:34 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:52:54 | 000,001,405 | -H-- | M] () -- C:\IPH.PH
[2013/02/16 20:52:45 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2013/02/16 20:52:01 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:50:46 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013/02/16 20:39:00 | 000,292,700 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/02/16 20:39:00 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/02/16 20:18:23 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/14 00:44:43 | 001,810,583 | ---- | M] () -- C:\Documents and Settings\Ally\hipster
[2013/01/25 22:55:44 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013/01/24 17:42:48 | 003,360,976 | ---- | M] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/01/24 17:42:46 | 000,281,808 | ---- | M] (Igor Pavlov) -- C:\7za.dll
[2013/01/24 17:42:41 | 018,980,560 | ---- | M] (COMODO) -- C:\cmdinstall.exe
[2013/01/24 03:19:04 | 001,196,032 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/20 23:46:00 | 000,000,191 | RH-- | C] () -- C:\boot.ini
[2013/02/20 21:37:56 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\burnatonce.lnk
[2013/02/20 21:35:05 | 003,990,680 | ---- | C] ( ) -- C:\Documents and Settings\Ally\Desktop\bao0995.exe
[2013/02/19 16:55:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/02/19 16:55:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/02/19 16:55:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/02/19 16:55:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/02/19 16:55:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/02/19 02:48:05 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\E-mail.lnk
[2013/02/18 22:42:05 | 000,022,951 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\CIS Clean-up Tool.bat
[2013/02/18 20:29:16 | 000,587,671 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
[2013/02/18 02:49:01 | 000,026,502 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:58:28 | 001,196,032 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[2013/02/17 23:50:12 | 000,262,704 | ---- | C] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:40:54 | 000,000,614 | ---- | C] () -- C:\WINDOWS\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 21:59:30 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/17 21:32:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/02/16 22:21:20 | 002,183,944 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 22:12:13 | 003,104,272 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.ip
[2013/02/16 22:12:13 | 000,115,290 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.png
[2013/02/16 21:48:04 | 000,011,578 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\Replacer.cmd
[2013/02/16 21:48:04 | 000,003,116 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\data
[2013/02/16 21:07:27 | 000,000,312 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/16 20:58:34 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:58:34 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Belarc Advisor.lnk
[2013/02/16 20:58:32 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2013/02/16 20:50:46 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/02/16 20:38:55 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/02/16 20:10:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/16 20:10:13 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:09:32 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/16 20:09:31 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/16 02:20:54 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013/02/16 02:19:17 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2013/02/16 02:08:23 | 001,810,583 | ---- | C] () -- C:\Documents and Settings\Ally\hipster
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010/03/12 16:36:45 | 000,003,630 | ---- | C] () -- C:\Documents and Settings\Ally\.recently-used.xbel
[2010/02/07 16:12:04 | 000,143,718 | ---- | C] () -- C:\Documents and Settings\Ally\myhubby2.bmp
[2009/11/29 19:24:38 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.cat
[2009/11/29 19:24:38 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.inf
[2009/11/29 19:10:09 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/19 13:17:46 | 040,229,620 | ---- | C] () -- C:\Documents and Settings\Ally\remix.wav
[2009/05/13 17:31:53 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\burnaware.ini
[2009/03/11 18:39:26 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Ally\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/01 00:33:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ally\initdebug.nfo

========== ZeroAccess Check ==========

[2009/04/20 19:37:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 23:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

#36
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts
Those error messages you have been getting along with the BSODs suggest to me that there is a fair amount of corruption on your machine. Malware also leaves behind corruption.

My thought is that reinstalling SP3 would renew all your system files and maybe improve things somewhat.

What do you think?

You can uninstall and then reinstall SP3 (Service Pack 3). Here's the link for the SP3 download:

Link: http://www.microsoft...&displaylang=en

Disregard the information for use on multiple network computers.

Read this for information about what to do before installing SP3:

http://support.microsoft.com/kb/950717

After that run Windows updates. You may have quite a few.

Then come back and tell me if that has made a difference to your computer.

#37
Quamble

    Member

  • Topic Starter
  • Member
  • 45 posts
I uninstalled service pack 3, then reinstalled it. It went great when I uninstalled it, but when I reinstalled it, everything went wrong. The computer refuses to boot up normally now and blue screens before even hitting the welcome screen. Safe mode works fine, though. Not sure what's causing this.

#38
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

> Safe mode works fine, though

Try uninstalling all your security programs and tell me if that makes a difference.

#39
Quamble

    Member

  • Topic Starter
  • Member
  • 45 posts
So, so sorry I didn't include this last night. I ended up feeling sick and went to bed. I did a system restore before I went to bed just to see if it'd work, and to ease my mind, and it did. Would it be alright to uninstall SP3 again and then reinstall it? Sorry if I shouldn't have restored it, I guess I just freaked out. I'll remove all my security programs if it starts blue screening after I reinstall it. Thank you again for helping me though, you've really been patient with me and I appreciate it.

#40
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

> Sorry if I shouldn't have restored it, I guess I just freaked out.

No that's fine although we will have to recheck for malware that might have been preserved in System Restore and now be back. Also, if you carried out the System Restore before you found you could work okay in Safe Mode we may have a different scenario.

For now though; I take it that it was after the System Restore that you were able to work fine in Safe Mode or could you do that before you carried out the restore?

#41
Quamble

    Member

  • Topic Starter
  • Member
  • 45 posts
The system restore was right before I uninstalled SP3. The boot.ini is still here too, so hopefully the malware isn't back.

Er, here's how everything happened, in order. I made a system restore right before I uninstalled SP3 just to be safe. I uninstalled SP3, I couldn't do it through add/remove because the option wasn't there, so I used the "Run" application and put this in, which I got off of the Microsoft website.
c:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe
After I put that in, everything uninstalled fine and the system was still booting up properly. I let the computer restart because it asked to after it uninstalled SP3. I then used the SP3 download you gave me and let it install and the installation process went fine, it asked to restart the computer and I let it. This is where I had problems. It was at the Microsoft boot up with the little loading bar, and as it was about to hit the welcome screen, I got a blue screen that said the computer had been shut off to prevent damage to the system. I tried to boot up once more normally, the option to boot in safe mode appeared as it said the computer did not start up normally last time and asked if I wanted to try safe mode, I let it boot up normally instead to see if the blue screen was a one time thing, but it wasn't. I then shut off the computer, restarted it, and chose the safe mode option this time. Everything loaded fine in safe mode. I went into system restore, while still in safe mode, and chose the restore point I had made earlier. I restored it, and everything booted up normally with no problem. Should I try uninstalling SP3 again now?

Edited by Quamble, 21 February 2013 - 08:42 PM.


#42
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts
Hello Quamble,

> I let it boot up normally instead to see if the blue screen was a one time thing, but it wasn't.

Excellent news. :thumbsup:

One thing System Restore does is return registry settings to the older point in time. This can be a workaround for corrupted registry items which may well have been part of your problem... remember the "error code 7".

Could be a combination of removal of the malware, the reinstallation, boot.ini fix and the restore have corrected things.

> Should I try uninstalling SP3 again now?

No. Tell me, have the BSODs all gone?

And

> The boot.ini is still here too, so hopefully the malware isn't back.

Hopefully not, I think the one that did it would not come back but we still need to check things in case there was infection that came back with the restore. Unlike earlier times, nowadays AVs are pretty good at getting infected stuff in System Restore so hopefully we are okay but nevertheless...

Please carry out the ESET scan again (see post #18 for the instructions) and post back the results.

After that

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
Note: If the log doesn't appear where you saved OTL when you downloaded it then a copy of the OTL log is saved in a text file at.

So when you return please post
  • ESET scan results
  • OTL txt


PS Please don't do any other actions without letting me know. :lol:

#43
Quamble

    Member

  • Topic Starter
  • Member
  • 45 posts
Alright, just a warning here. The ESET scan might take a good 12 hours to finish like it did last time, I'll post it and the OTL log as soon as I can. Also, no, the BSODs remain. Mostly when I use Chrome that I've noticed though. I try loading up Chrome and I get blue screens. It seems to be more stable on Firefox, but I've still gotten some while using it. Alright, I'll return as soon as possible, this may take a while. And I won't! Sorry about last time!

Edited by Quamble, 21 February 2013 - 09:21 PM.


#44
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,989 posts

> Also, no, the BSODs remain. Mostly when I use Chrome that I've noticed though. I try loading up Chrome and I get blue screens.

Hmm... when you told me things worked okay in Safe Mode it suggested to me that it was some startup program causing conflict, hence the suggestion of uninstalling your security programs as these can often be corrupted, or have settings unknowingly configured to cause problems. That said, it could be conflict from any program or driver not running in safe mode.

In your position I would just uninstall Chrome and see if that fixes it. Certainly Chrome will likely be broken after removal of the malware which was entwined in it.

Personally, I like Firefox far better anyway. :lol:

> The ESET scan might take a good 12 hours

That's fine just do it when you get time... I will still be here.

> And I won't! Sorry about last time!

Not to worry... just makes things simpler is all. :)

#45
Quamble

    Member

  • Topic Starter
  • Member
  • 45 posts
I ran ESET around 6 AM my time and let it scan throughout the day. I left to do other things and when I got back I checked to see how it was coming along. Unfortunately, when I turned on the screen all I saw was a blue screen. I guess it blue screened during the scan, because the log file only says this:

[email protected] as downloader log:
all ok

I'm willing to run it again, and I haven't uninstalled it yet. I was unsure if you'd want me to run it again. Let me know if you do and I will or if I should uninstall it. I did run OTL though after I booted the computer back up.

OTL logfile created on: 2/22/2013 5:23:34 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ally\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 82.78% Memory free
4.85 Gb Paging File | 4.51 Gb Available in Paging File | 93.04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 279.45 Gb Free Space | 60.00% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 254.13 Gb Free Space | 27.28% Space Free | Partition Type: NTFS

Computer Name: HOME-46F4D09C66 | User Name: Ally | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ally\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dwwin.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13022201\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\13022200\algo.dll ()
MOD - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()
MOD - C:\Program Files\Avi2Dvd\Programs\Filters\Haali media splitter\mmfinfo.dll ()
MOD - C:\Program Files\Avi2Dvd\Programs\Filters\Haali media splitter\mkunicode.dll ()


========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (STacSV) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe (IDT, Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (dlcx_device) -- C:\WINDOWS\system32\dlcxcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (TVICHW32) -- C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS File not found
DRV - (sfng32) -- system32\drivers\sfng32.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (asmo5711) -- File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (BANTExt) -- C:\WINDOWS\system32\drivers\BANTExt.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8F98310E-C4DA-4800-BC84-B368D6D0FECE}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=966134"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\PROGRA~1\SONYON~1\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/16 21:06:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 20:47:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/20 20:47:28 | 000,000,000 | ---D | M]

[2009/02/15 17:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Extensions
[2013/02/21 17:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions
[2009/06/17 11:34:53 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/12/08 15:29:47 | 000,000,000 | ---D | M] ("tektek.org GaiaOnline Toolbar 2.1") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{0df7b3bb-9581-44bb-835f-061a29ec8a46}
[2009/09/02 12:18:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/24 13:19:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/26 20:56:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/05/30 17:58:11 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/10/04 09:36:19 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/12/07 15:01:01 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/06/17 11:34:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/25 14:25:55 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2010/01/20 18:24:37 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/04/09 17:52:06 | 000,000,000 | ---D | M] (Personas for Firefox) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/06/09 21:16:44 | 000,000,000 | ---D | M] (translator) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/09/01 16:07:37 | 000,000,000 | ---D | M] (translator (fixed)) -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\extensions\[email protected]
[2009/10/04 09:36:36 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\aim-search.xml
[2009/04/21 11:53:14 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\live-search.xml
[2009/07/14 12:00:21 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\winamp-search.xml
[2009/10/10 15:18:10 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.gif
[2009/10/10 15:18:10 | 000,000,464 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.src
[2009/10/10 15:18:06 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Mozilla\Firefox\Profiles\iym1yxeh.default\searchplugins\yahoo.xml
[2013/02/21 17:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/08/19 15:31:28 | 000,098,304 | ---- | M] (ASP) -- C:\Program Files\mozilla firefox\plugins\NPHoldemFireLauncher.dll
[2009/01/28 22:08:04 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 02:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2009/11/09 20:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files\mozilla firefox\plugins\NPMFireLauncher.dll
[2010/01/28 14:08:16 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: HoldemFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPHoldemFireLauncher.dll
CHR - plugin: ijji plugin for channeling games. (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
CHR - plugin: npijjiFFPlugin1 for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: MFireLauncher (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\PROGRA~1\SONYON~1\npsoe.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Marlies Dekkers = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Ally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/19 21:43:39 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLCXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe (PC Pitstop, LLC.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15D2CD05-3B7B-46ED-A6B3-2E4BE1EDD31D}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84F6238C-AC6E-456E-8A36-8A4D2EE5FCD2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop WallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/18 20:57:37 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/21 07:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/02/21 07:17:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/02/21 06:20:44 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2013/02/21 06:20:41 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2013/02/21 06:20:40 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2013/02/21 06:16:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles(2)
[2013/02/21 06:05:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/02/20 21:40:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
[2013/02/20 21:37:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\burnatonce
[2013/02/20 21:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\burnatonce
[2013/02/20 20:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2013/02/20 20:20:00 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\MGADiag.exe
[2013/02/20 20:19:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/02/20 05:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/02/19 21:41:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/02/19 20:23:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/02/19 16:55:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/02/19 16:55:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/02/19 16:55:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/02/19 16:55:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/02/19 16:55:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/19 01:44:22 | 005,034,457 | R--- | C] (Swearware) -- C:\Documents and Settings\Ally\Desktop\ComboFix.exe
[2013/02/18 22:43:59 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Ally\Desktop\tdsskiller.exe
[2013/02/18 18:54:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/18 18:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Uninstaller Tool(Comodo Forums)
[2013/02/18 16:13:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ally\Desktop\OTL.exe
[2013/02/17 23:44:59 | 000,281,808 | ---- | C] (Igor Pavlov) -- C:\7za.dll
[2013/02/17 23:44:59 | 000,000,000 | ---D | C] -- C:\themes
[2013/02/17 23:44:58 | 003,360,976 | ---- | C] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/02/17 23:44:58 | 000,000,000 | ---D | C] -- C:\cis
[2013/02/17 23:44:57 | 018,980,560 | ---- | C] (COMODO) -- C:\cmdinstall.exe
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Start Menu\Programs\NirSoft BlueScreenView
[2013/02/17 23:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/02/17 21:59:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/17 21:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Application Data\Malwarebytes
[2013/02/17 21:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/17 21:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/17 21:32:40 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/17 21:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/17 21:00:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ally\My Documents\My Music
[2013/02/17 21:00:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/02/17 03:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2013/02/17 01:05:01 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013/02/17 01:02:19 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013/02/17 01:02:07 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013/02/17 01:01:16 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013/02/17 01:00:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013/02/17 01:00:03 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013/02/17 00:58:50 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013/02/17 00:57:12 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/02/17 00:54:32 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/02/17 00:54:31 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/02/17 00:51:40 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/02/17 00:48:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013/02/16 21:51:10 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.backup
[2013/02/16 21:46:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\My Documents\uxtheme.dll
[2013/02/16 21:46:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\uxtheme.dll
[2013/02/16 21:07:31 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/02/16 21:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/02/16 21:07:30 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/02/16 21:07:28 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/02/16 21:07:28 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/02/16 21:06:45 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/02/16 21:06:44 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/02/16 21:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2013/02/16 21:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\KeyFinder
[2013/02/16 20:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2013/02/16 20:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIM
[2013/02/16 20:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/02/16 20:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/02/16 20:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Local Settings\Application Data\Google
[2013/02/16 02:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ally\Backed up files from the 1TB
[2013/02/16 02:20:54 | 009,319,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.EXE
[2013/02/16 02:20:54 | 000,070,400 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnicxp.sys
[2013/02/16 02:19:16 | 016,162,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2013/02/16 02:19:16 | 002,297,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2013/02/10 19:38:21 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2013/02/10 19:38:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013/02/10 19:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013/02/10 19:38:11 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013/02/10 19:38:09 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013/02/10 19:38:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013/02/10 19:38:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013/02/10 19:38:01 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013/02/10 19:37:50 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013/02/10 19:37:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013/02/10 19:37:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013/02/10 19:37:44 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013/02/10 19:37:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013/02/10 19:36:05 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2013/02/10 19:35:34 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2013/01/27 13:53:54 | 000,000,000 | ---D | C] -- C:\f12faa67f3615af0b880
[2013/01/25 22:55:44 | 000,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2009/11/29 19:24:38 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ally\Application Data\pcouffin.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/22 17:21:26 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/22 17:20:39 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/22 17:20:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/22 17:20:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/22 07:19:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/22 03:41:26 | 001,014,105 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\tumblr_mij1c9T6zR1rypv9bo1_500.gif
[2013/02/21 07:24:39 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/02/21 07:24:38 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/02/21 07:23:34 | 000,184,224 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/21 06:42:16 | 000,432,782 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/21 06:42:16 | 000,067,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/21 06:32:06 | 000,002,675 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/21 06:11:21 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/02/21 02:47:23 | 000,038,638 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\untitled.PNG
[2013/02/21 02:35:57 | 000,036,297 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\green minimalistic syringe digital art hazard 2880x1800 wallpaper_www.artwallpaperhi.com_23.jpg
[2013/02/20 23:46:00 | 000,000,191 | RH-- | M] () -- C:\boot.ini
[2013/02/20 21:37:56 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\burnatonce.lnk
[2013/02/20 21:35:06 | 003,990,680 | ---- | M] ( ) -- C:\Documents and Settings\Ally\Desktop\bao0995.exe
[2013/02/20 20:20:04 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Ally\Desktop\MGADiag.exe
[2013/02/19 21:43:39 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/02/19 02:48:05 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\E-mail.lnk
[2013/02/19 01:44:29 | 005,034,457 | R--- | M] (Swearware) -- C:\Documents and Settings\Ally\Desktop\ComboFix.exe
[2013/02/18 22:44:04 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Ally\Desktop\tdsskiller.exe
[2013/02/18 20:29:19 | 000,587,671 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
[2013/02/18 16:13:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ally\Desktop\OTL.exe
[2013/02/18 02:49:02 | 000,026,502 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:11:03 | 000,285,256 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2013/02/17 23:50:12 | 000,262,704 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:44:59 | 000,000,614 | ---- | M] () -- C:\WINDOWS\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 21:32:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 18:17:38 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Shortcut to 12 Catastrophe.mp3.lnk
[2013/02/17 18:17:38 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDVideoSoft Free Studio.lnk
[2013/02/17 18:17:38 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Cucusoft AVI to VCD DVD MPEG Converter Pro.lnk
[2013/02/17 18:17:38 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\MOVAVI VideoSuite 3.5.lnk
[2013/02/17 18:17:38 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\Avi2Dvd.lnk
[2013/02/17 18:17:38 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Ally\My Documents\DVDFab 5.lnk
[2013/02/17 17:33:23 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013/02/16 22:21:20 | 002,183,944 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 20:58:34 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:52:54 | 000,001,405 | -H-- | M] () -- C:\IPH.PH
[2013/02/16 20:52:45 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2013/02/16 20:52:01 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:50:46 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013/02/16 20:39:00 | 000,292,700 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/02/16 20:39:00 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/02/16 20:18:23 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/14 00:44:43 | 001,810,583 | ---- | M] () -- C:\Documents and Settings\Ally\hipster
[2013/01/25 22:55:44 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013/01/24 17:42:48 | 003,360,976 | ---- | M] (Terra Informatica Software, Inc.) -- C:\cmdhtml.dll
[2013/01/24 17:42:46 | 000,281,808 | ---- | M] (Igor Pavlov) -- C:\7za.dll
[2013/01/24 17:42:41 | 018,980,560 | ---- | M] (COMODO) -- C:\cmdinstall.exe
[2013/01/24 03:19:04 | 001,196,032 | ---- | M] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/22 03:41:24 | 001,014,105 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\tumblr_mij1c9T6zR1rypv9bo1_500.gif
[2013/02/21 07:24:39 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/02/21 06:20:48 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/02/21 06:20:48 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/02/21 06:20:48 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/02/21 06:20:48 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/02/21 06:20:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/02/21 06:20:47 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/02/21 06:20:47 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/02/21 06:20:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/02/21 06:20:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/02/21 06:20:47 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/02/21 06:20:47 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/02/21 06:20:47 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/02/21 06:20:46 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/02/21 06:20:46 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/02/21 06:20:45 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/02/21 06:20:45 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/02/21 06:20:45 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/02/21 06:20:45 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/02/21 06:20:45 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/02/21 06:20:45 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/02/21 06:20:45 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/02/21 06:20:45 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/02/21 06:20:45 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/02/21 06:20:45 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/02/21 06:20:45 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/02/21 06:20:45 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/02/21 06:20:44 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/02/21 06:20:44 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/02/21 06:20:44 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/02/21 06:20:44 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/02/21 06:20:44 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/02/21 06:20:44 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/02/21 06:20:44 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/02/21 06:20:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/02/21 06:20:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/02/21 06:20:44 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/02/21 06:20:44 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/02/21 06:20:43 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/02/21 06:20:43 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/02/21 06:20:43 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/02/21 06:20:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/02/21 06:20:43 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/02/21 06:20:43 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/02/21 06:20:43 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/02/21 06:20:43 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/02/21 06:20:43 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/02/21 06:20:43 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/02/21 06:20:43 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/02/21 06:20:43 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/02/21 06:20:43 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/02/21 06:20:43 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/02/21 06:20:43 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/02/21 06:20:43 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/02/21 06:20:43 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/02/21 06:20:43 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/02/21 06:20:42 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/02/21 06:20:42 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/02/21 06:20:41 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/02/21 06:20:41 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/02/21 06:20:40 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/02/21 06:20:40 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/02/21 06:20:39 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/02/21 06:20:39 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/02/21 06:20:39 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/02/21 06:20:39 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/02/21 06:20:39 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/02/21 06:20:39 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/02/21 06:20:39 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/02/21 06:20:39 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/02/21 06:20:39 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/02/21 06:20:39 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/02/21 06:11:58 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/02/21 06:11:54 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/02/21 02:47:22 | 000,038,638 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\untitled.PNG
[2013/02/21 02:35:55 | 000,036,297 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\green minimalistic syringe digital art hazard 2880x1800 wallpaper_www.artwallpaperhi.com_23.jpg
[2013/02/20 23:46:00 | 000,000,191 | RH-- | C] () -- C:\boot.ini
[2013/02/20 21:37:56 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\burnatonce.lnk
[2013/02/20 21:35:05 | 003,990,680 | ---- | C] ( ) -- C:\Documents and Settings\Ally\Desktop\bao0995.exe
[2013/02/19 16:55:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/02/19 16:55:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/02/19 16:55:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/02/19 16:55:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/02/19 16:55:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/02/19 02:48:05 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\E-mail.lnk
[2013/02/18 22:42:05 | 000,022,951 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\CIS Clean-up Tool.bat
[2013/02/18 20:29:16 | 000,587,671 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\adwcleaner0.exe
[2013/02/18 02:49:01 | 000,026,502 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\800px-Latveria_flag (1).JPG
[2013/02/18 00:58:28 | 001,196,032 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Memtest86-4.1.0.iso
[2013/02/17 23:50:12 | 000,262,704 | ---- | C] () -- C:\Documents and Settings\Ally\My Documents\bobok.xml
[2013/02/17 23:40:54 | 000,000,614 | ---- | C] () -- C:\WINDOWS\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2013/02/17 21:59:30 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/02/17 21:32:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/02/17 00:51:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/02/16 22:21:20 | 002,183,944 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\the_avengers_by_liquidsky64-d4yyjly.jpg
[2013/02/16 22:15:52 | 000,355,336 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Ironman_wallpaper_by_BordomBeThyName.jpg
[2013/02/16 22:12:13 | 003,104,272 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.ip
[2013/02/16 22:12:13 | 000,115,290 | ---- | C] () -- C:\Documents and Settings\Ally\Desktop\Radium Neue.png
[2013/02/16 21:48:04 | 000,011,578 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\Replacer.cmd
[2013/02/16 21:48:04 | 000,003,116 | R--- | C] () -- C:\Documents and Settings\Ally\Desktop\data
[2013/02/16 21:07:27 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/16 20:58:34 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/02/16 20:58:34 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Belarc Advisor.lnk
[2013/02/16 20:58:32 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2013/02/16 20:50:46 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/02/16 20:38:55 | 000,292,700 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/02/16 20:38:55 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/16 20:38:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/02/16 20:10:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/16 20:10:13 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/16 20:09:32 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/16 20:09:31 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/16 02:20:54 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013/02/16 02:19:17 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2013/02/16 02:08:23 | 001,810,583 | ---- | C] () -- C:\Documents and Settings\Ally\hipster
[2012/02/09 22:40:00 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010/03/12 16:36:45 | 000,003,630 | ---- | C] () -- C:\Documents and Settings\Ally\.recently-used.xbel
[2010/02/07 16:12:04 | 000,143,718 | ---- | C] () -- C:\Documents and Settings\Ally\myhubby2.bmp
[2009/11/29 19:24:38 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.cat
[2009/11/29 19:24:38 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\pcouffin.inf
[2009/11/29 19:10:09 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/19 13:17:46 | 040,229,620 | ---- | C] () -- C:\Documents and Settings\Ally\remix.wav
[2009/05/13 17:31:53 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Ally\Application Data\burnaware.ini
[2009/03/11 18:39:26 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Ally\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/01 00:33:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ally\initdebug.nfo

========== ZeroAccess Check ==========

[2009/04/20 19:37:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 23:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >