OTL logfile created on: 9/17/2011 3:35:40 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 2.83 Gb Free Space | 2.89% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 9.52 Gb Free Space | 9.75% Space Free | Partition Type: NTFS
Drive E: | 102.77 Gb Total Space | 21.75 Gb Free Space | 21.16% Space Free | Partition Type: NTFS
Drive G: | 14.92 Gb Total Space | 2.26 Gb Free Space | 15.13% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ========== SRV - File not found [Auto] -- -- (UleadBurningHelper)
SRV - [2011/03/17 20:11:02 | 000,947,528 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/08/29 23:17:50 | 000,090,112 | ---- | M] (Clarus, Inc.) [Auto] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - [2010/04/27 01:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/16 00:11:23 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/10/20 04:00:12 | 000,102,400 | ---- | M] (PacketVideo) [Auto] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2007/03/08 13:01:58 | 000,075,568 | ---- | M] (Zone Labs, LLC) [Auto] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2006/08/30 14:21:33 | 000,585,728 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/03/08 23:48:22 | 000,235,168 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/03/08 23:48:08 | 000,087,712 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2006/03/08 23:47:58 | 000,255,648 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/09/30 07:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/04/04 23:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/01/25 09:48:50 | 000,194,272 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/11/02 04:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/04/22 23:04:16 | 000,158,848 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2003/06/24 06:23:10 | 000,066,784 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)
SRV - [2002/08/13 18:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE -- (NProtectService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/08/11 05:18:08 | 000,070,512 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys -- (mvd22)
DRV - [2010/08/11 05:15:48 | 000,018,288 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys -- (mdf16)
DRV - [2010/02/26 02:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 02:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 02:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 02:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 02:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 02:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/08/16 00:11:44 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/16 00:11:44 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/26 06:33:59 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/08/25 22:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/18 04:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070829.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/07/18 04:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070829.009\NAVENG.SYS -- (NAVENG)
DRV - [2007/03/08 13:02:10 | 000,394,192 | ---- | M] (Zone Labs, LLC) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/29 06:26:24 | 000,984,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2007/01/17 18:39:20 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2006/09/15 10:52:12 | 000,124,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/08/30 14:21:33 | 000,002,397 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/07/29 07:11:23 | 000,030,601 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006/05/04 04:13:52 | 004,271,616 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/03/15 02:10:04 | 001,048,960 | ---- | M] (Compro Tech.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VMHybrid.sys -- (VMHybrid)
DRV - [2005/11/16 04:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2005/08/30 05:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 05:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 05:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/29 13:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005/08/29 13:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005/08/29 13:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005/04/07 05:18:34 | 000,003,840 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2005/04/04 23:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/04 23:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005/01/25 09:48:52 | 000,305,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/01/25 09:48:52 | 000,037,000 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Norton AntiVirus\savrtpel.sys -- (SAVRTPEL)
DRV - [2004/08/22 04:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 04:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus)
DRV - [2004/08/10 21:27:52 | 000,027,232 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004/08/03 11:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2004/08/03 10:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2003/12/06 11:50:52 | 000,005,513 | ---- | M] () [File_System | Auto] -- C:\WINDOWS\system32\drivers\mp3m2pls.sys -- (mp3m2pls)
DRV - [2002/08/13 18:03:00 | 000,034,578 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS -- (NPDriver)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com/IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comIE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comIE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.c...rch/search.html IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\martin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comIE - HKU\martin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKU\martin_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\martin_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\martin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\martin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/22 23:17:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2011/07/02 23:58:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/04/12 10:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/31 22:16:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/10 10:05:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/04/12 10:06:26 | 000,000,000 | ---D | M]
[2011/05/10 09:58:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/03 10:31:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/08/31 22:16:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/15 08:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010/04/12 05:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/10 10:04:51 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/05/10 10:04:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/10 10:04:51 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/05/10 10:04:51 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/05/10 10:04:51 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\martin_ON_C\..\Toolbar\ShellBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\martin_ON_C\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKU\martin_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Photo Downloader] File not found
O4 - HKLM..\Run: [Advanced Tools Check] C:\Program Files\Norton AntiVirus\AdvTools\AdvChk.exe (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [DVD or CD Sharing] C:\Program Files\DVD or CD Sharing\ODSAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [EPSON Stylus Photo R310 Series] File not found
O4 - HKLM..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe ()
O4 - HKLM..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SMSERIAL] File not found
O4 - HKLM..\Run: [Symantec NetDriver Monitor] C:\Program Files\SymNetDrv\SNDMon.exe (Symantec Corporation)
O4 - HKLM..\Run: [UIUCU] C:\Documents and Settings\martin\Local Settings\Temp\UIUCU.EXE (Conexant Systems, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKU\martin_ON_C..\Run: [] File not found
O4 - HKU\martin_ON_C..\Run: [Search Protection] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\martin\Start Menu\Programs\Startup\Shortcut to utorrent.lnk = File not found
O4 - Startup: C:\Documents and Settings\martin\Start Menu\Programs\Startup\Warner Bros.lnk = File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\martin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\martin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24}
http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/30 06:20:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
========== Files/Folders - Created Within 30 Days ========== [2011/08/26 00:35:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martin\My Documents\Turbo Lister
[2006/08/30 22:46:25 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2006/08/30 22:46:25 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/09/03 23:18:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/03 22:27:12 | 000,000,000 | ---- | M] () -- C:\mediasample.bin
[2011/09/03 22:25:07 | 082,773,569 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/09/03 22:22:42 | 000,050,257 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/09/03 22:22:25 | 000,049,616 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/09/03 22:22:13 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/09/03 08:28:35 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/03 06:09:44 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/02 10:08:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/30 10:35:02 | 023,403,669 | ---- | M] () -- C:\Documents and Settings\martin\Desktop\Chris Brown & Benny Benassi - Beautiful People - YouTube.flv
[2011/08/19 08:00:00 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/08/30 10:32:20 | 023,403,669 | ---- | C] () -- C:\Documents and Settings\martin\Desktop\Chris Brown & Benny Benassi - Beautiful People - YouTube.flv
[2011/01/23 00:20:07 | 000,015,000 | ---- | C] () -- C:\Documents and Settings\martin\Application Data\302E.AD5
[2010/10/25 09:00:39 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/07/20 01:20:50 | 000,002,140 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2010/07/20 01:19:54 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2010/07/20 01:10:32 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/07/20 01:10:32 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2010/07/20 01:10:32 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2010/07/20 01:10:32 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2010/07/20 01:10:32 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2010/03/19 21:02:06 | 000,052,884 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/15 10:31:30 | 006,664,208 | ---- | C] () -- C:\WINDOWS\System32\dvdripcore.dll
[2010/03/15 10:31:28 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009/08/17 02:07:16 | 000,000,032 | ---- | C] () -- C:\WINDOWS\VCatKey.INI
[2009/04/08 10:01:52 | 001,954,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/02/01 00:46:32 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\martin\Local Settings\Application Data\kodakpcd.ini
[2009/01/14 09:05:38 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2008/10/08 04:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2008/10/08 04:50:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/03/17 10:10:02 | 001,355,899 | ---- | C] () -- C:\WINDOWS\UnInstallNetCommADSL.dll
[2007/08/30 08:27:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/08/30 08:18:59 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/05/23 00:56:41 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/05/19 06:11:18 | 000,000,046 | ---- | C] () -- C:\WINDOWS\VID_DirectX.INI
[2007/04/12 10:41:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcf.INI
[2007/04/01 11:52:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/04/01 11:52:07 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2007/04/01 11:51:28 | 000,002,937 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/03/24 05:19:12 | 000,000,347 | ---- | C] () -- C:\Documents and Settings\martin\Application Data\AutoGK.ini
[2007/03/24 04:55:01 | 000,043,153 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe
[2007/03/15 09:53:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2007/03/15 09:53:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2007/03/15 07:20:40 | 000,000,906 | ---- | C] () -- C:\Documents and Settings\martin\.plugin141_02.trace
[2007/03/14 08:40:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER310E.ini
[2006/10/15 10:47:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2006/09/14 01:26:38 | 000,000,034 | ---- | C] () -- C:\WINDOWS\APPGUIDE.INI
[2006/09/08 05:25:49 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/09/03 10:09:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/08/31 21:48:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/08/31 21:11:14 | 000,005,513 | ---- | C] () -- C:\WINDOWS\System32\drivers\mp3m2pls.sys
[2006/08/31 01:03:26 | 000,001,162 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/08/31 00:24:03 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/30 23:13:26 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/30 22:08:29 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/08/30 22:08:18 | 000,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006/08/30 14:21:33 | 000,002,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\symlcbrd.sys
[2006/08/30 14:15:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/30 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/30 14:11:39 | 000,255,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/30 14:06:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/08/30 13:58:24 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/08/30 13:58:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/08/30 06:21:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/30 06:18:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/08/16 10:13:34 | 001,382,280 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll
[2006/06/21 00:09:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/21 00:09:56 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/06/21 00:09:56 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/21 00:09:54 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/21 00:09:54 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/06/21 00:09:54 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/21 00:09:54 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/21 00:09:54 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/06/21 00:09:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/21 00:09:54 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/21 00:09:52 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005/12/09 05:48:02 | 000,843,776 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/12/05 01:59:58 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/08/12 17:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004/10/05 18:37:20 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2004/08/22 05:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/08/02 02:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/05/20 11:50:14 | 001,537,536 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-hi.dll
[2004/04/04 14:09:56 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-lo.dll
[2003/08/07 15:01:50 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/01/07 03:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/24 08:40:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\ac3encode.dll
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/08/28 23:57:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/07/08 00:44:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Uninstall.exe
[2002/06/27 23:48:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CSUninstall.exe
[2002/03/26 08:18:27 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/03/06 11:19:16 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,440,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,070,704 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1998/10/10 12:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
========== LOP Check ========== [2009/06/26 06:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
[2009/06/02 05:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\AVGTOOLBAR
[2011/08/31 11:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\BitComet
[2011/03/09 10:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Canon
[2010/11/15 01:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2007/08/30 08:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\ConvertTemp
[2007/04/02 10:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Dr. DivX 2.0 OSS
[2010/03/19 06:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\FreeAudioPack
[2011/01/30 06:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\FrostWire
[2007/11/11 00:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\FunWebProducts
[2010/03/03 13:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\HandBrake
[2011/05/03 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\ImgBurn
[2006/09/29 02:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\InterVideo
[2008/05/18 03:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Leadertech
[2007/05/10 09:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Mp3tag
[2010/04/12 10:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Nokia
[2010/04/12 10:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Nokia Ovi Suite
[2009/04/09 23:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Nseries
[2010/04/12 09:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\PC Suite
[2010/03/16 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Red Kawa
[2010/03/04 10:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\RipIt4Me
[2010/11/15 21:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Samsung
[2007/03/27 22:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Seven Zip
[2007/08/30 08:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\Temporary
[2007/08/30 08:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\TransRender
[2011/09/03 23:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Application Data\uTorrent
[2011/04/23 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/12/05 11:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deskshare
[2007/09/06 06:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/07/25 01:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/04/09 12:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/04/08 10:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2010/03/14 01:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010/04/12 09:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/08/03 06:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/03/14 08:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/07/19 02:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2007/03/27 22:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{4588FC3C-C040-44E3-BB19-D9D014557FE1}
[2010/03/18 07:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
< MD5 for: EXPLORER.EXE >[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/03 12:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/03 12:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2002/08/28 23:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SVCHOST.EXE >[2001/08/23 08:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2004/08/03 12:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004/08/03 12:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/03 12:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004/08/03 12:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2002/08/28 23:41:28 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/03 12:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004/08/03 12:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2002/08/28 23:41:28 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/08/31 22:16:15 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/08/31 22:16:15 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/08/31 22:16:15 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/08/31 22:16:19 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/08/31 22:16:19 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/08/31 22:16:19 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004/08/03 12:56:58 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004/08/03 12:56:58 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004/08/03 12:56:58 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "%programfiles%\Internet Explorer\iexplore.exe" [2004/08/03 12:56:52 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/06/27 12:38:40 | 000,094,208 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/11/03 07:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
< CREATERESTOREPOINT > ========== Files - Unicode (All) ==========[2010/09/20 03:14:50 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\martin\My Documents\~$NG M?.doc) -- C:\Documents and Settings\martin\My Documents\~$NG MẸ.doc
[2010/09/20 03:14:50 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\martin\My Documents\~$NG M?.doc) -- C:\Documents and Settings\martin\My Documents\~$NG MẸ.doc
[2010/03/01 23:34:14 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\martin\My Documents\M?y bài hát dă t́m du?c sau dây.doc) -- C:\Documents and Settings\martin\My Documents\Mấy bài hát đă t́m được sau đây.doc
[2010/02/19 23:23:17 | 000,024,064 | ---- | M] ()(C:\Documents and Settings\martin\My Documents\L̉NG M?.doc) -- C:\Documents and Settings\martin\My Documents\L̉NG MẸ.doc
[2009/10/25 14:44:46 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\martin\My Documents\L̉NG M?.doc) -- C:\Documents and Settings\martin\My Documents\L̉NG MẸ.doc
[2009/09/14 03:53:37 | 000,024,064 | ---- | C] ()(C:\Documents and Settings\martin\My Documents\M?y bài hát dă t́m du?c sau dây.doc) -- C:\Documents and Settings\martin\My Documents\Mấy bài hát đă t́m được sau đây.doc
========== Alternate Data Streams ========== @Alternate Data Stream - 40 bytes -> C:\WINDOWS\system32:a55f1216.zreglib
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:96C6A6062CF55019
< End of report >