When I visit my sites these pesky pop-up ads show up, and also when on YouTube the video keeps shaking and doesn't keep up with the words that are being sung, and loading the websites is even slow. Can someone please take a look? I did an OTL scan and here are the results:
OTL logfile created on: 9/19/2013 7:02:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\Documents and Settings\Admin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.74 Gb Available Physical Memory | 39.42% Memory free
3.72 Gb Paging File | 2.51 Gb Available in Paging File | 67.48% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive H: | 465.75 Gb Total Space | 387.46 Gb Free Space | 83.19% Space Free | Partition Type: NTFS
Computer Name: ADMIN-6F9FC3320 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/09/19 19:02:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Admin\Desktop\OTL.exe
PRC - [2013/09/15 15:56:46 | 001,164,328 | ---- | M] (iolo technologies, LLC) -- H:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2013/08/30 02:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- H:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 02:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- H:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/08/29 20:57:08 | 000,206,624 | ---- | M] (BrowseFox) -- H:\Program Files\BrowseFox\updateBrowseFox.exe
PRC - [2013/08/13 16:54:32 | 004,225,288 | ---- | M] (Eyeo GmbH) -- H:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
PRC - [2013/06/12 21:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) -- H:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/14 13:18:02 | 000,235,072 | ---- | M] (Internet Helper) -- H:\Documents and Settings\All Users\Application Data\Internet Helper Anti-phishing\internetHelper_antiphishing.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2002/10/15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- H:\WINDOWS\mixer.exe
PRC - [2001/08/17 22:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- H:\WINDOWS\system32\devldr32.exe
========== Modules (No Company Name) ==========
MOD - [2013/09/19 11:23:37 | 002,103,296 | ---- | M] () -- H:\Program Files\AVAST Software\Avast\defs\13091902\algo.dll
MOD - [2013/09/02 22:28:10 | 000,153,432 | ---- | M] () -- H:\Documents and Settings\Admin\Local Settings\Application Data\TopArcadeHits\Toparcadehits.dll
MOD - [2013/08/19 12:05:06 | 000,212,992 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013/08/19 12:04:55 | 000,141,312 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\cab8d2f8933390bab32c35c5c6a479bd\System.Configuration.Install.ni.dll
MOD - [2013/08/19 11:17:56 | 000,978,944 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013/08/19 10:31:49 | 005,462,016 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/19 10:23:49 | 007,977,984 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/08/03 13:56:45 | 011,497,984 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/06/12 21:44:43 | 000,016,808 | ---- | M] () -- H:\Program Files\Java\jre7\bin\jp2native.dll
MOD - [2013/06/12 21:44:34 | 000,197,032 | ---- | M] () -- H:\Program Files\Java\jre7\bin\jp2iexp.dll
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- H:\WINDOWS\system32\quartz.dll
MOD - [2012/10/11 21:56:46 | 000,087,952 | ---- | M] () -- H:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/10/11 21:56:22 | 001,242,512 | ---- | M] () -- H:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/26 17:41:20 | 000,305,664 | ---- | M] () -- H:\Program Files\TeraCopy\TeraCopyExt.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- H:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- H:\WINDOWS\system32\devenum.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/15 15:56:46 | 001,164,328 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- H:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/09/13 22:18:40 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/30 02:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- H:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/08/29 20:57:08 | 000,206,624 | ---- | M] (BrowseFox) [Auto | Running] -- H:\Program Files\BrowseFox\updateBrowseFox.exe -- (Update BrowseFox)
SRV - [2013/06/12 21:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- H:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/09/15 15:50:02 | 000,068,464 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- H:\WINDOWS\system32\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV - [2013/08/30 02:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/30 02:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- H:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/08/30 02:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/08/30 02:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- H:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/30 02:48:12 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/08/30 02:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- H:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/08/30 02:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- H:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/08/30 02:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- H:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/01/22 08:54:58 | 005,408,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2012/12/03 14:49:36 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\amdide.sys -- (amdide)
DRV - [2012/08/29 08:47:56 | 000,190,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/02/11 02:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/11/17 18:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 18:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/06/12 12:21:40 | 000,500,096 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/11/22 15:55:52 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/04/16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2002/11/18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2001/08/17 12:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman)
DRV - [2001/08/17 12:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1)
DRV - [2001/08/17 12:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {DB942941-2B74-4888-9187-71F72491DD87}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 4D E9 14 12 B2 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {DB942941-2B74-4888-9187-71F72491DD87}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{DB942941-2B74-4888-9187-71F72491DD87}: "URL" = http://search.condui...2412724236&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/AuthorwarePlayer: H:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: H:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: H:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: H:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: h:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: H:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: H:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/09/02 22:28:11 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - Extension: Docs = H:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: TopArcadeHits = H:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - H:\Documents and Settings\Admin\Local Settings\Application Data\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (BrowseFox) - {b9507101-e464-4b3b-a4cb-291aaedd94f2} - H:\Program Files\BrowseFox\BrowseFoxBHO.dll (Browse Fox)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - H:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] H:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [C-Media Mixer] H:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [Internet Helper Anti-phishing] H:\Documents and Settings\All Users\Application Data\Internet Helper Anti-phishing\internetHelper_antiphishing.exe (Internet Helper)
O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - H:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1373552159031 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1371599671109 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.254 142.161.130.155
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C0C52D9-4F8E-4DEC-9ECE-19B8070B5165}: DhcpNameServer = 192.168.100.254 142.161.130.155
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - H:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: H:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - H:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/09/19 19:02:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- H:\Documents and Settings\Admin\Desktop\OTL.exe
[2013/09/19 10:04:21 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Local Settings\Application Data\Adblock Plus for IE
[2013/09/19 09:30:26 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Application Data\Adblock Plus for IE
[2013/09/19 09:30:22 | 000,000,000 | ---D | C] -- H:\Program Files\Adblock Plus for IE
[2013/09/18 13:28:46 | 000,000,000 | RH-D | C] -- H:\Documents and Settings\Admin\Recent
[2013/09/18 13:04:43 | 000,029,816 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/09/18 13:04:43 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/09/18 13:04:42 | 000,369,584 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSP.sys
[2013/09/18 13:04:41 | 000,770,344 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSnx.sys
[2013/09/18 13:04:41 | 000,056,080 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswTdi.sys
[2013/09/18 13:04:41 | 000,049,760 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswRdr.sys
[2013/09/18 13:04:40 | 000,066,336 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/09/18 12:59:24 | 000,041,664 | ---- | C] (AVAST Software) -- H:\WINDOWS\avastSS.scr
[2013/09/18 12:37:33 | 000,000,000 | ---D | C] -- H:\Documents and Settings\LocalService\Application Data\iolo
[2013/09/18 12:36:46 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2013/09/18 12:36:41 | 002,097,984 | ---- | C] (iolo technologies, LLC) -- H:\WINDOWS\System32\Incinerator32.dll
[2013/09/18 12:36:22 | 000,068,464 | ---- | C] (Raxco Software, Inc.) -- H:\WINDOWS\System32\drivers\PDFsFilter.sys
[2013/09/18 12:36:21 | 000,041,616 | ---- | C] (iolo technologies, LLC) -- H:\WINDOWS\System32\iolobtdfg.exe
[2013/09/18 12:36:21 | 000,023,568 | ---- | C] (iolo technologies, LLC) -- H:\WINDOWS\System32\smrgdf.exe
[2013/09/18 12:36:20 | 000,056,200 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\offreg.dll
[2013/09/18 12:36:13 | 000,000,000 | ---D | C] -- H:\Program Files\iolo
[2013/09/18 12:15:50 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Application Data\iolo
[2013/09/18 12:15:50 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Application Data\iolo
[2013/09/15 07:48:40 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Tracing
[2013/09/15 07:48:16 | 000,054,760 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2013/09/15 07:47:27 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft SQL Server Compact Edition
[2013/09/15 07:46:17 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft
[2013/09/15 07:46:06 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Documents\microsoft
[2013/09/15 07:45:59 | 000,000,000 | ---D | C] -- H:\Program Files\Windows Live SkyDrive
[2013/09/15 07:45:53 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Start Menu\Programs\Windows Live
[2013/09/15 07:45:35 | 000,000,000 | ---D | C] -- H:\Program Files\Windows Live
[2013/09/15 07:42:29 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Windows Live
[2013/09/02 23:18:03 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\My Documents\Image-Line
[2013/09/02 23:18:03 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Application Data\Image-Line
[2013/09/02 23:18:02 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Start Menu\Programs\Image-Line
[2013/09/02 23:17:54 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Start Menu\Programs\Image-Line
[2013/09/02 23:17:25 | 001,554,944 | ---- | C] (HMS http://hp.vector.co....thors/VA012897/) -- H:\WINDOWS\System32\vorbis.acm
[2013/09/02 23:16:38 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Application Data\FlowStone
[2013/09/02 23:16:35 | 000,000,000 | ---D | C] -- H:\Program Files\DSPRobotics
[2013/09/02 23:03:08 | 000,000,000 | ---D | C] -- H:\Program Files\Image-Line
[2013/09/02 22:34:01 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Application Data\TEMP
[2013/09/02 22:28:13 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Start Menu\Programs\TopArcadeHits
[2013/09/02 22:28:11 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Application Data\Mozilla
[2013/09/02 22:28:08 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Admin\Local Settings\Application Data\TopArcadeHits
[2013/09/02 22:28:06 | 000,000,000 | ---D | C] -- H:\Program Files\BrowseFox
========== Files - Modified Within 30 Days ==========
[2013/09/19 19:02:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Admin\Desktop\OTL.exe
[2013/09/19 19:01:00 | 000,000,412 | ---- | M] () -- H:\WINDOWS\tasks\At1.job
[2013/09/19 18:42:55 | 000,000,334 | ---- | M] () -- H:\WINDOWS\tasks\TopArcadeHits.job
[2013/09/19 18:18:00 | 000,000,830 | ---- | M] () -- H:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/19 14:57:56 | 000,000,422 | -H-- | M] () -- H:\WINDOWS\tasks\User_Feed_Synchronization-{DF9EFA9C-B7BF-454B-B084-7916D2DE3D37}.job
[2013/09/19 13:04:00 | 000,000,314 | -H-- | M] () -- H:\WINDOWS\tasks\avast! Emergency Update.job
[2013/09/18 13:22:01 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2013/09/18 13:13:48 | 000,001,945 | ---- | M] () -- H:\WINDOWS\epplauncher.mif
[2013/09/18 13:04:43 | 000,001,689 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/09/18 13:04:40 | 000,002,577 | ---- | M] () -- H:\WINDOWS\System32\CONFIG.NT
[2013/09/18 12:39:19 | 000,000,406 | ---- | M] () -- H:\WINDOWS\System32\ioloBootDefrag.cfg
[2013/09/18 12:36:57 | 000,001,689 | ---- | M] () -- H:\Documents and Settings\Admin\Desktop\System Mechanic.lnk
[2013/09/18 12:24:18 | 000,013,646 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2013/09/18 12:17:01 | 000,074,703 | ---- | M] () -- H:\WINDOWS\System32\mfc45.dat
[2013/09/18 12:15:50 | 000,074,703 | ---- | M] () -- H:\WINDOWS\System32\mfc45.dll
[2013/09/16 03:21:44 | 000,524,218 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2013/09/16 03:21:44 | 000,096,024 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2013/09/16 03:17:17 | 000,098,256 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/15 16:18:10 | 000,041,616 | ---- | M] (iolo technologies, LLC) -- H:\WINDOWS\System32\iolobtdfg.exe
[2013/09/15 16:18:00 | 000,023,568 | ---- | M] (iolo technologies, LLC) -- H:\WINDOWS\System32\smrgdf.exe
[2013/09/15 15:59:12 | 002,097,984 | ---- | M] (iolo technologies, LLC) -- H:\WINDOWS\System32\Incinerator32.dll
[2013/09/15 15:50:02 | 000,068,464 | ---- | M] (Raxco Software, Inc.) -- H:\WINDOWS\System32\drivers\PDFsFilter.sys
[2013/09/15 15:50:02 | 000,056,200 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\offreg.dll
[2013/09/15 03:33:00 | 000,000,354 | ---- | M] () -- H:\WINDOWS\tasks\Driver Robot.job
[2013/09/14 20:23:17 | 000,000,284 | ---- | M] () -- H:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/09/13 22:18:38 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerApp.exe
[2013/09/13 22:18:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/30 02:48:13 | 000,369,584 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/30 02:48:13 | 000,177,864 | ---- | M] () -- H:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/30 02:48:13 | 000,056,080 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswTdi.sys
[2013/08/30 02:48:12 | 000,770,344 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/30 02:48:12 | 000,049,760 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswRdr.sys
[2013/08/30 02:48:12 | 000,049,376 | ---- | M] () -- H:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/08/30 02:48:11 | 000,066,336 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/08/30 02:48:11 | 000,029,816 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/08/30 02:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- H:\WINDOWS\avastSS.scr
[2013/08/30 02:47:32 | 000,229,648 | ---- | M] (AVAST Software) -- H:\WINDOWS\System32\aswBoot.exe
[2013/08/29 22:50:13 | 000,000,505 | ---- | M] () -- H:\Documents and Settings\Admin\Desktop\New Briefcase.zip
[2013/08/27 18:40:18 | 000,000,623 | ---- | M] () -- H:\Documents and Settings\Admin\My Documents\just reason i hate you.rtf
========== Files Created - No Company Name ==========
[2013/09/18 13:04:43 | 000,001,689 | ---- | C] () -- H:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/09/18 13:04:41 | 000,000,314 | -H-- | C] () -- H:\WINDOWS\tasks\avast! Emergency Update.job
[2013/09/18 13:04:40 | 000,177,864 | ---- | C] () -- H:\WINDOWS\System32\drivers\aswVmm.sys
[2013/09/18 13:04:40 | 000,049,376 | ---- | C] () -- H:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/09/18 12:39:19 | 000,000,406 | ---- | C] () -- H:\WINDOWS\System32\ioloBootDefrag.cfg
[2013/09/18 12:36:57 | 000,001,689 | ---- | C] () -- H:\Documents and Settings\Admin\Desktop\System Mechanic.lnk
[2013/09/18 12:17:01 | 000,074,703 | ---- | C] () -- H:\WINDOWS\System32\mfc45.dat
[2013/09/18 12:15:50 | 000,074,703 | ---- | C] () -- H:\WINDOWS\System32\mfc45.dll
[2013/09/02 22:28:08 | 000,000,334 | ---- | C] () -- H:\WINDOWS\tasks\TopArcadeHits.job
[2013/08/29 22:50:13 | 000,000,505 | ---- | C] () -- H:\Documents and Settings\Admin\Desktop\New Briefcase.zip
[2013/08/24 01:07:33 | 000,000,623 | ---- | C] () -- H:\Documents and Settings\Admin\My Documents\just reason i hate you.rtf
[2013/08/10 22:48:54 | 000,000,175 | ---- | C] () -- H:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/10 22:48:54 | 000,000,175 | ---- | C] () -- H:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/10 22:48:54 | 000,000,175 | ---- | C] () -- H:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/07/01 11:37:30 | 000,010,240 | ---- | C] () -- H:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/24 14:25:49 | 000,000,025 | ---- | C] () -- H:\WINDOWS\mixerdef.ini
[2013/06/24 12:19:39 | 000,025,816 | ---- | C] () -- H:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\y.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\x.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\UYKKK.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\UYJ.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\su.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\s.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\q.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\olo.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\ik.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\hy.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\hukyium.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\gt.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\GFG.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\[bleep]en strong.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\ed.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\dill.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\daws.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\daws is buff.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\d.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\charlie.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\bull.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\bull hunt.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\bn.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\bigbull.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\azd.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\a.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\2343 street.bmp
[2013/04/22 11:26:18 | 000,230,454 | ---- | C] () -- H:\Documents and Settings\Admin\;p.bmp
[2013/04/19 14:59:52 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll
[2013/04/19 13:33:22 | 000,650,752 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll
[2013/04/19 13:33:22 | 000,243,200 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll
[2013/04/19 13:33:19 | 000,715,038 | ---- | C] () -- H:\WINDOWS\unins000.exe
[2013/04/19 13:33:19 | 000,216,064 | ---- | C] ( ) -- H:\WINDOWS\System32\lagarith.dll
[2013/04/19 13:33:19 | 000,155,648 | ---- | C] () -- H:\WINDOWS\System32\utv_core.dll
[2013/04/19 13:33:19 | 000,069,632 | ---- | C] () -- H:\WINDOWS\System32\utv_vcm.dll
[2013/04/19 13:33:19 | 000,001,794 | ---- | C] () -- H:\WINDOWS\unins000.dat
[2013/04/19 13:31:49 | 000,271,264 | ---- | C] () -- H:\WINDOWS\System32\vbrun100.dll
[2013/04/19 13:31:49 | 000,210,944 | ---- | C] () -- H:\WINDOWS\System32\msvcrt10.dll
[2013/04/19 13:31:13 | 000,000,000 | ---- | C] () -- H:\WINDOWS\ativpsrm.bin
[2013/04/19 13:30:12 | 003,107,788 | ---- | C] () -- H:\WINDOWS\System32\ativva5x.dat
[2013/04/19 13:30:12 | 000,887,724 | ---- | C] () -- H:\WINDOWS\System32\ativva6x.dat
[2013/04/19 13:30:07 | 000,189,051 | ---- | C] () -- H:\WINDOWS\System32\atiicdxx.dat
[2013/04/19 13:10:26 | 000,002,048 | --S- | C] () -- H:\WINDOWS\bootstat.dat
[2013/04/19 13:06:30 | 000,021,640 | ---- | C] () -- H:\WINDOWS\System32\emptyregdb.dat
[2013/04/19 06:25:53 | 000,004,161 | ---- | C] () -- H:\WINDOWS\ODBCINST.INI
[2013/04/19 06:23:11 | 000,098,256 | ---- | C] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2013/03/13 11:49:46 | 000,112,640 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll
[2013/02/07 07:22:00 | 000,050,330 | ---- | C] () -- H:\Program Files\AntiDust.exe
[2012/05/21 09:28:58 | 000,155,648 | ---- | C] () -- H:\WINDOWS\System32\mlc.dll
========== ZeroAccess Check ==========
[2013/04/19 14:00:03 | 000,000,227 | RHS- | M] () -- H:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> H:\Documents and Settings\All Users\Application Data\TEMP:373E1720
< End of report >