
Avast Infection URL:MAIL



#1
Herty
Hi All,

I am working on a computer for my mother-in-law which is getting the following Avast warning

Avast Infection URL:MAIL

Computer is quite old, running XP Professional

Quick scan below

Any help would be greatly appreciated.

Regards
David

OTL logfile created on: 2/21/2013 8:15:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nanette\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.23 Mb Total Physical Memory | 617.46 Mb Available Physical Memory | 60.34% Memory free
2.40 Gb Paging File | 2.14 Gb Available in Paging File | 88.88% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.85 Gb Total Space | 15.54 Gb Free Space | 27.83% Space Free | Partition Type: NTFS
Drive E: | 227.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 154.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 78.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DTD | User Name: Nanette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/21 08:14:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
PRC - [2012/10/31 09:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/10/31 09:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/08/26 18:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
PRC - [2010/07/07 02:06:20 | 005,279,016 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2010/07/07 02:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2008/04/14 11:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/10 14:03:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2002/08/22 22:28:14 | 000,143,360 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2002/07/18 19:58:40 | 000,163,840 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pctspk.exe
PRC - [2002/06/12 15:39:18 | 000,090,112 | ---- | M] (D-Link) -- C:\WINDOWS\SYSTEM32\gsicon.exe
PRC - [2001/07/13 13:44:24 | 000,032,768 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/20 20:26:14 | 002,060,800 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\13022000\algo.dll
MOD - [2013/02/20 09:51:25 | 002,060,288 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\13021902\algo.dll
MOD - [2010/08/26 18:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
MOD - [2010/07/09 17:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
MOD - [2008/04/14 11:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2008/04/14 11:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\SYSTEM32\devenum.dll
MOD - [2002/07/18 19:58:40 | 000,163,840 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pctspk.exe


========== Services (SafeList) ==========

SRV - [2012/10/31 09:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/26 18:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/07/07 02:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2004/12/09 22:51:18 | 000,205,824 | ---- | M] (DameWare Development LLC) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DWRCS.EXE -- (DWMRCS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\AGGROU~1\ETHERP~1.0\PEEK.SYS -- (PEEK)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipsecw2k.sys -- (IPSECSHM)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2013/01/22 19:14:51 | 000,105,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Documents and Settings\Nanette\Local Settings\Temp\5886.sys -- (5886)
DRV - [2012/10/31 09:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/31 09:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/31 09:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/31 09:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/31 09:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/10/31 09:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/10/31 09:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/03 12:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\npf.sys -- (NPF)
DRV - [2010/01/06 17:21:00 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - [2009/04/02 20:50:57 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/03/06 20:00:00 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symtdi.sys -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symfw.sys -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symids.sys -- (SYMIDS)
DRV - [2009/02/19 13:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symndis.sys -- (SYMNDIS)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symredrv.sys -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symdns.sys -- (SYMDNS)
DRV - [2009/02/10 09:59:18 | 000,251,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20090730.002\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2008/07/30 18:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\COH_Mon.sys -- (COH_Mon)
DRV - [2008/04/14 05:46:08 | 000,049,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mstape.sys -- (MSTAPE)
DRV - [2008/04/14 05:46:07 | 000,013,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\avcstrm.sys -- (AVCSTRM)
DRV - [2004/08/04 16:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 16:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 16:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 16:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 16:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 16:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 16:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 16:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 16:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 16:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/09/16 01:10:18 | 000,265,728 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ms68bm.SYS -- (MSI43XX)
DRV - [2003/07/01 21:26:16 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2003/06/30 10:50:00 | 000,072,894 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\lmouflt2.sys -- (LMouFlt2)
DRV - [2003/06/30 10:50:00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003/06/30 10:50:00 | 000,025,214 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/06/30 10:50:00 | 000,014,348 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LCCFLTR.SYS -- (LCcfltr)
DRV - [2003/04/25 20:10:52 | 000,220,176 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\STAC97.sys -- (STAC97)
DRV - [2003/03/29 17:45:18 | 000,089,184 | ---- | M] (Ahead Software AG and its licensors) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\imagedrv.sys -- (Imagedrv)
DRV - [2003/03/12 20:38:24 | 000,099,168 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\st3tiger.sys -- (st3tiger)
DRV - [2003/03/12 20:37:56 | 000,008,640 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\st3tgbus.sys -- (st3tgbus)
DRV - [2003/02/12 16:32:40 | 000,090,824 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/07 18:19:26 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/12/17 14:41:36 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/22 15:56:10 | 000,476,955 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2002/11/15 03:15:00 | 000,012,640 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\itchfltr.sys -- (itchfltr)
DRV - [2002/11/06 18:23:34 | 000,135,260 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ptserial.sys -- (Ptserial)
DRV - [2002/11/06 18:23:16 | 000,066,111 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2002/11/06 18:22:50 | 000,689,821 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\vmodem.sys -- (Vmodem)
DRV - [2002/06/10 15:20:50 | 000,039,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvcd.sys -- (QCDonner)
DRV - [2002/06/03 21:38:38 | 000,311,684 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\P1001Vid.sys -- (P1001VID)
DRV - [2002/05/14 14:16:26 | 000,244,419 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\glausb.sys -- (glausb)
DRV - [2002/03/22 13:01:06 | 000,027,147 | ---- | M] (GlobespanVirata Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gafwload.sys -- (gafwload)
DRV - [2001/08/17 15:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2001/08/17 14:05:44 | 000,141,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Icam3.sys -- (ICAM3NT5)
DRV - [2001/08/17 13:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\smcirda.sys -- (SMCIRDA)
DRV - [2000/03/10 02:24:42 | 000,007,196 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\V7.SYS -- (V7)
DRV - [1999/09/10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1864: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1924: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.857: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - Extension: Google Docs = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Docs = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Nanette\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/10/13 06:40:29 | 000,000,832 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 57.6.144.111 Sydln01
O1 - Hosts: 57.6.144.110 gscapdc01
O1 - Hosts: 57.6.144.95 gscabdc01
O1 - Hosts: 10.239.213.2 sydm02
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GSICONEXE] C:\WINDOWS\System32\gsicon.exe (D-Link)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCTVOICE] C:\WINDOWS\System32\pctspk.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe File not found
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe File not found
O16 - DPF: {00000000-0000-0000-0000-000020030000} http://xxxtrayicon.com/xtrayinst.exe (Reg Error: Key error.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} Reg Error: Value error. (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} Reg Error: Value error. (QuickTime Object)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {24CEC0BF-C8BC-4BCB-B804-226326B319EF} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {2C52AF58-B9B1-11D5-9DF6-00508B755B44} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1408.g.akama...iTunesSetup.exe (Reg Error: Key error.)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://207.188.7.150...ip/RdxIE601.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1198011751270 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: ConferenceRoom Java Client Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Sametime Meeting Room Client ST30SP1 Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! Checkers Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! Dominoes Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22ECD501-D8B7-4F34-B055-EF50C4B39573}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F59E8B0-480A-4B98-B474-35B31AD9FB89}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92B9DCB5-05BD-4D27-AB61-C1D3865F6A7F}: NameServer = 203.12.160.35,203.12.160.36
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Nanette\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nanette\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/16 16:25:08 | 000,000,184 | RH-- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2003/08/16 14:20:36 | 000,000,184 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2003/08/15 12:02:18 | 000,000,184 | RH-- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{42ce3d20-e35c-11d7-8107-000bdb9764ba}\Shell - "" = AutoRun
O33 - MountPoints2\{42ce3d20-e35c-11d7-8107-000bdb9764ba}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{42ce3d20-e35c-11d7-8107-000bdb9764ba}\Shell\AutoRun\command - "" = I:\SETUP.EXE
O33 - MountPoints2\{42ce3d20-e35c-11d7-8107-000bdb9764ba}\Shell\configure\command - "" = I:\SETUP.EXE
O33 - MountPoints2\{42ce3d20-e35c-11d7-8107-000bdb9764ba}\Shell\install\command - "" = I:\SETUP.EXE
O33 - MountPoints2\{e9d8350a-ada1-11d7-80af-000bdb9764ba}\Shell - "" = AutoRun
O33 - MountPoints2\{e9d8350a-ada1-11d7-80af-000bdb9764ba}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9d8350a-ada1-11d7-80af-000bdb9764ba}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{e9d8350a-ada1-11d7-80af-000bdb9764ba}\Shell\configure\command - "" = F:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{e9d8350a-ada1-11d7-80af-000bdb9764ba}\Shell\install\command - "" = F:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{e9d8350b-ada1-11d7-80af-000bdb9764ba}\Shell - "" = AutoRun
O33 - MountPoints2\{e9d8350b-ada1-11d7-80af-000bdb9764ba}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9d8350b-ada1-11d7-80af-000bdb9764ba}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{e9d8350b-ada1-11d7-80af-000bdb9764ba}\Shell\configure\command - "" = G:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{e9d8350b-ada1-11d7-80af-000bdb9764ba}\Shell\install\command - "" = G:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{f6e00ee4-a81b-11d7-809a-000bdb9764ba}\Shell - "" = AutoRun
O33 - MountPoints2\{f6e00ee4-a81b-11d7-809a-000bdb9764ba}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f6e00ee4-a81b-11d7-809a-000bdb9764ba}\Shell\AutoRun\command - "" = E:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{f6e00ee4-a81b-11d7-809a-000bdb9764ba}\Shell\configure\command - "" = E:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{f6e00ee4-a81b-11d7-809a-000bdb9764ba}\Shell\install\command - "" = E:\SETUP.EXE -- [2003/07/15 07:58:00 | 000,416,824 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/20 19:58:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
[2013/02/20 17:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\My Documents\Downloads
[2013/02/13 13:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2013/02/13 13:13:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\{113016FE-E013-4FAF-85FB-8649DEED76B2}
[2013/02/09 21:07:24 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/02/02 10:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/02/02 10:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\Local Settings\Application Data\Google
[2013/02/02 10:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/22 19:14:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\Application Data\Sun
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/21 08:14:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
[2013/02/21 08:08:26 | 000,017,239 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013/02/20 16:49:00 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2013/02/20 16:48:32 | 000,017,112 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/02/20 16:48:07 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2013/02/20 16:44:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2013/02/20 16:44:29 | 1073,008,640 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/18 14:30:11 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce0d8842554980.job
[2013/02/14 17:09:18 | 000,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/14 13:47:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/14 13:38:27 | 000,444,804 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2013/02/14 13:38:27 | 000,072,384 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2013/02/13 13:27:49 | 000,017,239 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013/02/09 21:07:24 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/02/09 21:07:16 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/05 22:33:39 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7F5DACBE-C4C7-482F-A748-4284288111D6}.job
[2013/02/02 22:32:16 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Nanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/02 10:21:03 | 000,086,350 | ---- | M] () -- C:\Documents and Settings\Nanette\AVON CAMPAIGN STATEMENT 7.pdf
[2013/02/01 23:11:40 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\Spider Solitaire.lnk
[2013/02/01 23:11:35 | 000,001,522 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\Freecell.lnk
[2013/02/01 23:10:56 | 000,001,491 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\Solitaire.lnk
[2013/01/25 10:02:56 | 000,000,230 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\Hotmail - [email protected]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/18 14:30:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce0d8842554980.job
[2013/02/09 21:07:16 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/05 22:33:39 | 000,000,426 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7F5DACBE-C4C7-482F-A748-4284288111D6}.job
[2013/02/02 10:21:03 | 000,086,350 | ---- | C] () -- C:\Documents and Settings\Nanette\AVON CAMPAIGN STATEMENT 7.pdf
[2013/02/02 10:14:34 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Nanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/02 10:10:43 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/02/01 23:11:35 | 000,001,522 | ---- | C] () -- C:\Documents and Settings\Nanette\Desktop\Freecell.lnk
[2013/02/01 23:11:09 | 000,001,490 | ---- | C] () -- C:\Documents and Settings\Nanette\Desktop\Spider Solitaire.lnk
[2013/02/01 23:10:56 | 000,001,491 | ---- | C] () -- C:\Documents and Settings\Nanette\Desktop\Solitaire.lnk
[2010/08/20 21:53:11 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Nanette\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/05/14 14:24:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/14 11:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 23:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 11:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/08/20 13:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2004/03/21 13:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2003/12/17 11:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lotus
[2004/01/26 21:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground
[2004/08/02 15:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/20 13:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\TeamViewer
[2010/10/14 17:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\The Labyrinth Plus! Edition

========== Purity Check ==========



< End of report >

Edited by Herty, 20 February 2013 - 03:39 PM.


#2
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Welcome to Geeks2Go Herty,

The logs show a very suspect unknown driver running there, but also two antivirus programs installed - Norton and Avast (and possibly Ad-Aware, which is also an antivirus now). That will have caused each to damage the other, and the system, so all antivirus programs need to be removed to correct that. Only then can we assess things for malware issues. Let's check what's installed first.


To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types".



To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done by right-clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Download HijackThis from Here. Then click on the downloaded file, and install HijackThis.

In HijackThis, click Config - Misc Tools - Open Uninstall Manager.

Click on Save List, then save that to a location you can locate again (such as the desktop). Copy/paste the contents of that back here please.