After reading some of the other posts with similar issure I have the following logs OTL:
OTL logfile created on: 5/5/2012 5:09:05 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.98 Mb Total Physical Memory | 52.37 Mb Available Physical Memory | 10.27% Memory free
1.22 Gb Paging File | 0.54 Gb Available in Paging File | 44.29% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 42.65 Gb Free Space | 57.28% Space Free | Partition Type: NTFS
Computer Name: CHILDREN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/05 17:07:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2012/05/05 17:02:35 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller\TDSSKiller.exe
PRC - [2012/05/03 22:23:03 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
PRC - [2012/05/03 22:22:45 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/04/09 17:43:42 | 001,557,160 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/03/02 10:31:20 | 001,810,072 | ---- | M] (We-Care.com) -- C:\Documents and Settings\All Users\Application Data\WeCareReminder\ReminderHelper.exe
PRC - [2012/01/27 13:59:12 | 047,658,848 | ---- | M] (Slimware Utilities, Inc.) -- C:\Program Files\FixCleaner\FixCleaner.exe
PRC - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 08:00:00 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/03 22:23:08 | 000,130,944 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll
MOD - [2012/05/03 22:23:03 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
MOD - [2012/05/03 22:22:45 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/04/14 17:49:33 | 000,038,400 | ---- | M] () -- C:\WINDOWS\system32\usbniw32.dll
MOD - [2005/03/21 14:36:16 | 000,036,864 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\Security.dll
MOD - [2005/02/24 20:15:20 | 000,102,400 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\ses_cl.dll
MOD - [2004/09/29 15:51:28 | 000,122,880 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\ez54g.dll
MOD - [2003/10/13 15:30:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\GTW32N50.dll
MOD - [2002/04/24 00:00:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\GEMWEP.DLL
MOD - [2001/04/16 16:39:02 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe WMP54GSv1_1.exe -- (WMP54GSSVC)
SRV - File not found [On_Demand | Stopped] -- %systemroot%\system32\ehrecvr.dll -- (vsapint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pmshellsrv.dll -- (sscdbhk5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mksvirmonsvc.dll -- (raidmagt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupclientsvc.dll -- (qkbfiltr)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/05 10:04:06 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/03 22:23:03 | 000,932,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- -- (bnevoerj)
DRV - [2012/05/05 00:35:10 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{143069F4-480A-4186-9894-DEE64D167228}\MpKsla06f34f6.sys -- (MpKsla06f34f6)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/12/18 13:13:02 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2009/12/18 13:13:00 | 000,230,912 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2009/12/18 13:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2009/12/18 13:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2009/12/18 13:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2009/04/07 15:33:08 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2009/04/07 15:33:08 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/12/22 01:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/03/24 10:12:44 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)
DRV - [2001/05/07 06:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {7C739552-1A17-4EA6-8039-87BAECC5FC28}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{7C739552-1A17-4EA6-8039-87BAECC5FC28}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&q={searchTerms}
IE - HKLM\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YJyyyyyyB3us&ptb=C319305C-B7B2-4259-8AB0-B96BD0AFBBFF&psa=&ind=2011071119&ptnrS=YJyyyyyyB3us&si=&st=sb&n=77de828f&searchfor={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - SOFTWARE\Classes\CLSID\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{3E10DC53-6E0D-415E-A586-D7D9C315D8C2}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120313,18760,0,8,0
IE - HKCU\..\SearchScopes\{4408C5D3-D063-47B7-F412-10B06D154E1C}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z170&form=ZGAIDF&install_date=20110902&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{7C739552-1A17-4EA6-8039-87BAECC5FC28}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_enUS453
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3091B081-7AD2-485D-8372-2D174EE4E938}&mid=650a8ae48b9547d09365d15a669dff50-bb8e173a110fb6e990b0a6efb7e4327fa9ad2a70&lang=en&ds=ts025&pr=sa&d=2012-05-03 22:23:15&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&q={searchTerms}
IE - HKCU\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YJyyyyyyB3us&ptb=C319305C-B7B2-4259-8AB0-B96BD0AFBBFF&psa=&ind=2011071119&ptnrS=YJyyyyyyB3us&si=&st=sb&n=77de828f&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\WINDOWS\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.0.0.9\ [2012/05/03 22:24:08 | 000,000,000 | ---D | M]
Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - !{5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Starter] C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe (Driver-Soft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.guffins.com/one-toolbaredits/menusearch.jhtml?s=100000442&p=YJyyyyyyB3us&si=&a=C319305C-B7B2-4259-8AB0-B96BD0AFBBFF&n=2011071119 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} http://launch.soe.com/plugin/web/SOEWebInstaller.cab (SOE Web Installer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276788178718 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1310097564343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CCD2A2-5FB9-4CD9-80C6-908A9DD1A53B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\intelUsb3Sevices: DllName - (usbniw32.dll) - C:\WINDOWS\System32\usbniw32.dll ()
O20 - Winlogon\Notify\usbniw32: DllName - (usbniw32.dll) - C:\WINDOWS\System32\usbniw32.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/17 08:30:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8ad64fdc-9d0b-11df-ae81-0013207916a3}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{98ea0576-204f-11e0-aeaa-0013207916a3}\Shell - "" = AutoRun
O33 - MountPoints2\{98ea0576-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ea0576-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{98ea0579-204f-11e0-aeaa-0013207916a3}\Shell - "" = AutoRun
O33 - MountPoints2\{98ea0579-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ea0579-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: qkbfiltr - %systemroot%\system32\backupclientsvc.dll File not found
NetSvcs: raidmagt - %systemroot%\system32\mksvirmonsvc.dll File not found
NetSvcs: vsapint - %systemroot%\system32\ehrecvr.dll File not found
NetSvcs: sscdbhk5 - %systemroot%\system32\pmshellsrv.dll File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "Updater Service for StartNow Toolbar"
MsConfig - Services: "GuffinsService"
MsConfig - Services: "gusvc"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (BVRP Software)
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: DATAMNGR - hkey= - key= - File not found
MsConfig - StartUpReg: FixCleaner - hkey= - key= - C:\Program Files\FixCleaner\FixCleaner.exe (Slimware Utilities, Inc.)
MsConfig - StartUpReg: frostwire pro - hkey= - key= - File not found
MsConfig - StartUpReg: Guffins Browser Plugin Loader - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: StartNowToolbarHelper - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - File not found
MsConfig - StartUpReg: vProt - hkey= - key= - C:\Program Files\AVG Secure Search\vprot.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056
========== Files/Folders - Created Within 30 Days ==========
[2012/05/05 17:07:36 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/05/05 17:06:17 | 000,098,992 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\96157151.sys
[2012/05/05 17:04:52 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/05 17:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\tdsskiller
[2012/05/04 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live
[2012/05/04 22:42:30 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2012/05/04 22:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012/05/04 22:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/05/04 22:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2012/05/04 22:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2012/05/04 22:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2012/05/04 22:38:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012/05/04 22:38:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012/05/04 22:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/05/03 22:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\SecurityScans
[2012/05/03 22:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2012/05/03 22:24:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AVG Secure Search
[2012/05/03 22:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG Secure Search
[2012/05/03 22:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/03 22:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/05/03 22:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/05/03 22:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\FixCleaner
[2012/05/03 22:16:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/05/03 22:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FixCleaner
[2012/05/03 22:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[2012/05/03 22:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2012/05/03 20:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ElevatedDiagnostics
[2012/05/03 20:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/05/03 20:41:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012/05/03 19:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012/05/03 19:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AskToolbar
[2012/05/03 19:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\FrostWire
[2012/05/03 19:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.frostwire5
[2012/05/03 19:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\FrostWire 5
[2012/05/03 19:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5
[2012/05/03 19:47:06 | 010,399,760 | ---- | C] (FrostWire Team) -- C:\Documents and Settings\Owner\Desktop\frostwire-5.3.5.windows.exe
[2012/05/02 00:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabPDFReader
[2012/05/01 21:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\MusicOasis
[2012/05/01 21:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/05/01 21:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/05/01 21:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2012/04/19 19:17:06 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/04/14 17:53:45 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/12 08:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/04/10 21:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/04/10 21:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/04/10 19:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sun
[2012/04/06 18:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/05 17:15:02 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/05/05 17:14:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/05 17:07:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/05/05 17:06:18 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\96157151.sys
[2012/05/05 17:06:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/05/05 17:03:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/05 17:02:02 | 002,055,783 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2012/05/05 15:19:20 | 000,002,600 | ---- | M] () -- C:\WINDOWS\xp_exe_fix.reg
[2012/05/05 13:12:29 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2012/05/05 12:00:02 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
[2012/05/05 10:04:04 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/05/05 10:04:04 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/05/05 00:31:35 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/05 00:31:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/05 00:29:15 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/04 22:49:08 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/04 22:44:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/04 21:16:17 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/05/04 20:48:19 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2012/05/04 18:46:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/03 22:45:38 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
[2012/05/03 22:16:21 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/05/03 19:49:07 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/05/03 19:49:07 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FrostWire 5.3.5.lnk
[2012/05/03 19:47:52 | 010,399,760 | ---- | M] (FrostWire Team) -- C:\Documents and Settings\Owner\Desktop\frostwire-5.3.5.windows.exe
[2012/05/01 20:47:09 | 004,455,476 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Take care rhianna & drake.mp3
[2012/04/26 14:01:36 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/04/18 17:53:58 | 000,105,324 | ---- | M] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/04/18 17:53:58 | 000,000,198 | ---- | M] () -- C:\WINDOWS\System32\itlsvc.dat
[2012/04/14 18:42:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/14 17:57:02 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/04/14 17:53:27 | 000,115,686 | ---- | M] () -- C:\WINDOWS\System32\itldvupd.dat
[2012/04/14 17:49:33 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\usbniw32.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/05 17:01:21 | 002,055,783 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2012/05/04 21:25:13 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/05/03 22:45:38 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk
[2012/05/03 22:45:37 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
[2012/05/03 22:16:59 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
[2012/05/03 22:16:21 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/05/03 19:50:34 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/05/03 19:49:07 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/05/03 19:49:06 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FrostWire 5.3.5.lnk
[2012/05/01 22:46:51 | 000,063,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/05/01 20:48:31 | 004,455,476 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Take care rhianna & drake.mp3
[2012/04/26 14:01:31 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/18 17:53:58 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/04/14 17:53:46 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/14 17:53:27 | 000,115,686 | ---- | C] () -- C:\WINDOWS\System32\itldvupd.dat
[2012/04/14 17:53:27 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2012/04/14 17:49:33 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\usbniw32.dll
[2012/04/10 21:21:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/10 19:55:52 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/03/24 10:40:05 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\jgldog11.dll
[2012/02/16 02:44:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/03 19:53:31 | 000,013,308 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/01/30 21:01:48 | 000,161,744 | ---- | C] () -- C:\Program Files\u4res.dll
[2011/10/15 16:14:33 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/08/21 09:13:26 | 000,000,039 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/07/11 21:55:07 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/23 21:10:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2011/04/23 21:10:50 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2011/04/23 21:10:50 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2011/04/23 21:10:41 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2011/04/23 20:15:02 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2011/01/15 22:55:16 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/07/31 21:52:32 | 000,001,044 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/07/31 21:24:53 | 000,000,565 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2010/07/11 10:56:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Edmark.ini
[2010/07/11 10:56:00 | 000,000,519 | ---- | C] () -- C:\WINDOWS\pipeline.ini
[2010/07/10 17:50:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2010/06/17 08:32:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/17 08:27:53 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/17 04:19:48 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/17 04:18:47 | 000,099,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== Custom Scans ==========
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2010/06/17 08:29:55 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2011/05/29 00:36:04 | 000,001,746 | -H-- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
[2011/07/11 19:44:19 | 000,161,744 | ---- | M] () -- C:\Program Files\u4res.dll
< %APPDATA%\Update\*.* >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/06/17 08:30:33 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/06/17 08:37:02 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2010/06/17 08:37:01 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2012/05/03 19:47:52 | 010,399,760 | ---- | M] (FrostWire Team) -- C:\Documents and Settings\Owner\Desktop\frostwire-5.3.5.windows.exe
[2012/05/05 17:07:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2010/06/17 08:37:01 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Owner\Favorites\Desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.exe /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010/06/17 04:17:59 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/06/17 04:17:59 | 001,064,960 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/06/17 04:17:59 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.sys >
[2008/04/14 08:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\bcm42rly.sys
[2008/04/14 08:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.sys
[2008/04/14 08:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2008/04/14 08:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2008/04/14 08:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2008/04/14 08:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2008/04/14 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2008/04/14 08:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2008/04/14 08:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2008/04/14 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2008/04/14 08:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2008/04/14 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2008/04/14 08:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2008/04/14 08:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2008/04/14 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2009/12/18 13:13:04 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCASp50.sys
[2009/12/18 13:13:04 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCASp50a64.sys
[2008/04/14 08:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2012/02/03 05:22:18 | 001,860,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
< %SYSTEMDRIVE%\*.* >
[2010/06/17 08:30:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/05/05 17:06:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/06/17 08:30:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/04/18 20:24:21 | 000,004,217 | ---- | M] () -- C:\err.log
[2010/06/17 08:30:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/06/17 08:30:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/05/05 00:31:21 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2012/05/05 17:05:16 | 000,157,484 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_05.05.2012_17.02.47_log.txt
[2012/05/05 17:06:22 | 000,003,264 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_05.05.2012_17.06.17_log.txt
[2011/07/11 21:34:52 | 000,000,000 | ---- | M] () -- C:\testwma.raw
[2012/03/28 18:20:51 | 000,000,050 | ---- | M] () -- C:\user.js
< %PROGRAMFILES%\*. >
[2012/05/01 21:27:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/06/17 12:52:55 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010/06/17 10:58:32 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2011/07/08 15:05:30 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2012/05/03 19:50:35 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2012/05/03 22:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\AVG Secure Search
[2011/07/08 15:04:54 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2012/05/04 22:39:24 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/06/17 08:27:44 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/06/17 11:00:31 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/07/22 20:54:48 | 000,000,000 | ---D | M] -- C:\Program Files\Datel
[2010/06/17 11:00:07 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2011/08/05 11:16:38 | 000,000,000 | ---D | M] -- C:\Program Files\Disney
[2012/03/30 21:05:14 | 000,000,000 | ---D | M] -- C:\Program Files\Driver-Soft
[2011/10/13 18:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\EA Games
[2011/05/29 16:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2012/05/03 22:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\FixCleaner
[2012/05/02 00:03:23 | 000,000,000 | ---D | M] -- C:\Program Files\FoxTabPDFReader
[2012/05/03 19:49:07 | 000,000,000 | ---D | M] -- C:\Program Files\FrostWire 5
[2012/01/31 15:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/01/30 21:01:45 | 000,000,000 | ---D | M] -- C:\Program Files\Guffins
[2011/07/11 19:43:25 | 000,000,000 | ---D | M] -- C:\Program Files\GuffinsEI
[2012/03/24 09:58:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/06/17 08:47:41 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/05/04 22:44:33 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/07/08 15:07:14 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/07/08 15:08:19 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/01/31 19:20:42 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/05/29 22:11:57 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys
[2011/04/23 21:10:53 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster
[2010/06/17 11:56:09 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2012/05/04 22:42:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2012/05/03 22:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2010/06/17 08:30:36 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2012/04/26 14:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2012/02/16 15:39:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2012/05/04 22:25:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/07/07 22:32:49 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2011/05/28 23:02:15 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/06/17 12:00:47 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/01/30 21:02:39 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2010/06/17 08:27:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/14 16:12:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010/06/17 08:28:37 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2011/01/14 22:32:39 | 000,000,000 | ---D | M] -- C:\Program Files\Novatel Wireless
[2010/06/17 08:29:02 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/05/28 23:08:35 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/05/29 22:13:22 | 000,000,000 | ---D | M] -- C:\Program Files\Pure Networks
[2011/07/08 15:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/06/17 12:00:40 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/07/12 17:59:18 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Online Entertainment
[2011/08/21 09:16:43 | 000,000,000 | ---D | M] -- C:\Program Files\The Learning Company
[2010/06/17 08:36:52 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/09/01 21:17:00 | 000,000,000 | ---D | M] -- C:\Program Files\vGrabber
[2011/04/23 20:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\WebEx
[2011/05/29 00:03:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2012/05/04 22:42:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012/05/04 22:41:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/06/17 11:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2011/07/10 15:44:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/06/17 08:26:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/06/17 08:29:06 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/06/17 08:30:36 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2012/03/30 21:00:55 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
< %appdata%\*.* >
[2010/06/17 04:19:24 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\desktop.ini
< MD5 for: AGP440.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 08:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
< MD5 for: DISK.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 08:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USBSTOR.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/04/14 01:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/14 01:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\USBSTOR.SYS
OTL logfile created on: 5/5/2012 5:09:05 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.98 Mb Total Physical Memory | 52.37 Mb Available Physical Memory | 10.27% Memory free
1.22 Gb Paging File | 0.54 Gb Available in Paging File | 44.29% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 42.65 Gb Free Space | 57.28% Space Free | Partition Type: NTFS
Computer Name: CHILDREN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/05 17:07:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2012/05/05 17:02:35 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller\TDSSKiller.exe
PRC - [2012/05/03 22:23:03 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
PRC - [2012/05/03 22:22:45 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/04/09 17:43:42 | 001,557,160 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/03/02 10:31:20 | 001,810,072 | ---- | M] (We-Care.com) -- C:\Documents and Settings\All Users\Application Data\WeCareReminder\ReminderHelper.exe
PRC - [2012/01/27 13:59:12 | 047,658,848 | ---- | M] (Slimware Utilities, Inc.) -- C:\Program Files\FixCleaner\FixCleaner.exe
PRC - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 08:00:00 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/03 22:23:08 | 000,130,944 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll
MOD - [2012/05/03 22:23:03 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
MOD - [2012/05/03 22:22:45 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/04/14 17:49:33 | 000,038,400 | ---- | M] () -- C:\WINDOWS\system32\usbniw32.dll
MOD - [2005/03/21 14:36:16 | 000,036,864 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\Security.dll
MOD - [2005/02/24 20:15:20 | 000,102,400 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\ses_cl.dll
MOD - [2004/09/29 15:51:28 | 000,122,880 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\ez54g.dll
MOD - [2003/10/13 15:30:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\GTW32N50.dll
MOD - [2002/04/24 00:00:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\GEMWEP.DLL
MOD - [2001/04/16 16:39:02 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe WMP54GSv1_1.exe -- (WMP54GSSVC)
SRV - File not found [On_Demand | Stopped] -- %systemroot%\system32\ehrecvr.dll -- (vsapint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pmshellsrv.dll -- (sscdbhk5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mksvirmonsvc.dll -- (raidmagt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupclientsvc.dll -- (qkbfiltr)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/05 10:04:06 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/03 22:23:03 | 000,932,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/04/07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- -- (bnevoerj)
DRV - [2012/05/05 00:35:10 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{143069F4-480A-4186-9894-DEE64D167228}\MpKsla06f34f6.sys -- (MpKsla06f34f6)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/12/18 13:13:02 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2009/12/18 13:13:00 | 000,230,912 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2009/12/18 13:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2009/12/18 13:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2009/12/18 13:12:58 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2009/04/07 15:33:08 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2009/04/07 15:33:08 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/12/22 01:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/03/24 10:12:44 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)
DRV - [2001/05/07 06:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {7C739552-1A17-4EA6-8039-87BAECC5FC28}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{7C739552-1A17-4EA6-8039-87BAECC5FC28}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&q={searchTerms}
IE - HKLM\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YJyyyyyyB3us&ptb=C319305C-B7B2-4259-8AB0-B96BD0AFBBFF&psa=&ind=2011071119&ptnrS=YJyyyyyyB3us&si=&st=sb&n=77de828f&searchfor={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - SOFTWARE\Classes\CLSID\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{3E10DC53-6E0D-415E-A586-D7D9C315D8C2}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120313,18760,0,8,0
IE - HKCU\..\SearchScopes\{4408C5D3-D063-47B7-F412-10B06D154E1C}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z170&form=ZGAIDF&install_date=20110902&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{7C739552-1A17-4EA6-8039-87BAECC5FC28}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_enUS453
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3091B081-7AD2-485D-8372-2D174EE4E938}&mid=650a8ae48b9547d09365d15a669dff50-bb8e173a110fb6e990b0a6efb7e4327fa9ad2a70&lang=en&ds=ts025&pr=sa&d=2012-05-03 22:23:15&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&q={searchTerms}
IE - HKCU\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YJyyyyyyB3us&ptb=C319305C-B7B2-4259-8AB0-B96BD0AFBBFF&psa=&ind=2011071119&ptnrS=YJyyyyyyB3us&si=&st=sb&n=77de828f&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\WINDOWS\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.0.0.9\ [2012/05/03 22:24:08 | 000,000,000 | ---D | M]
Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - !{5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Starter] C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe (Driver-Soft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.guffins.com/one-toolbaredits/menusearch.jhtml?s=100000442&p=YJyyyyyyB3us&si=&a=C319305C-B7B2-4259-8AB0-B96BD0AFBBFF&n=2011071119 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} http://launch.soe.com/plugin/web/SOEWebInstaller.cab (SOE Web Installer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276788178718 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1310097564343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CCD2A2-5FB9-4CD9-80C6-908A9DD1A53B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\intelUsb3Sevices: DllName - (usbniw32.dll) - C:\WINDOWS\System32\usbniw32.dll ()
O20 - Winlogon\Notify\usbniw32: DllName - (usbniw32.dll) - C:\WINDOWS\System32\usbniw32.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/17 08:30:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8ad64fdc-9d0b-11df-ae81-0013207916a3}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{98ea0576-204f-11e0-aeaa-0013207916a3}\Shell - "" = AutoRun
O33 - MountPoints2\{98ea0576-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ea0576-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{98ea0579-204f-11e0-aeaa-0013207916a3}\Shell - "" = AutoRun
O33 - MountPoints2\{98ea0579-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ea0579-204f-11e0-aeaa-0013207916a3}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: qkbfiltr - %systemroot%\system32\backupclientsvc.dll File not found
NetSvcs: raidmagt - %systemroot%\system32\mksvirmonsvc.dll File not found
NetSvcs: vsapint - %systemroot%\system32\ehrecvr.dll File not found
NetSvcs: sscdbhk5 - %systemroot%\system32\pmshellsrv.dll File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "Updater Service for StartNow Toolbar"
MsConfig - Services: "GuffinsService"
MsConfig - Services: "gusvc"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe - (BVRP Software)
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: DATAMNGR - hkey= - key= - File not found
MsConfig - StartUpReg: FixCleaner - hkey= - key= - C:\Program Files\FixCleaner\FixCleaner.exe (Slimware Utilities, Inc.)
MsConfig - StartUpReg: frostwire pro - hkey= - key= - File not found
MsConfig - StartUpReg: Guffins Browser Plugin Loader - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: StartNowToolbarHelper - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - File not found
MsConfig - StartUpReg: vProt - hkey= - key= - C:\Program Files\AVG Secure Search\vprot.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056
========== Files/Folders - Created Within 30 Days ==========
[2012/05/05 17:07:36 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/05/05 17:06:17 | 000,098,992 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\96157151.sys
[2012/05/05 17:04:52 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/05 17:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\tdsskiller
[2012/05/04 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live
[2012/05/04 22:42:30 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2012/05/04 22:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012/05/04 22:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/05/04 22:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2012/05/04 22:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2012/05/04 22:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2012/05/04 22:38:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012/05/04 22:38:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012/05/04 22:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/05/03 22:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\SecurityScans
[2012/05/03 22:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2012/05/03 22:24:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AVG Secure Search
[2012/05/03 22:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG Secure Search
[2012/05/03 22:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/03 22:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/05/03 22:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/05/03 22:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\FixCleaner
[2012/05/03 22:16:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/05/03 22:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FixCleaner
[2012/05/03 22:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[2012/05/03 22:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2012/05/03 20:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ElevatedDiagnostics
[2012/05/03 20:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2012/05/03 20:41:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012/05/03 19:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012/05/03 19:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AskToolbar
[2012/05/03 19:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\FrostWire
[2012/05/03 19:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.frostwire5
[2012/05/03 19:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\FrostWire 5
[2012/05/03 19:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5
[2012/05/03 19:47:06 | 010,399,760 | ---- | C] (FrostWire Team) -- C:\Documents and Settings\Owner\Desktop\frostwire-5.3.5.windows.exe
[2012/05/02 00:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabPDFReader
[2012/05/01 21:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\MusicOasis
[2012/05/01 21:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/05/01 21:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/05/01 21:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2012/04/19 19:17:06 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/04/14 17:53:45 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/12 08:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/04/10 21:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/04/10 21:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/04/10 19:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sun
[2012/04/06 18:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/05 17:15:02 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/05/05 17:14:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/05 17:07:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/05/05 17:06:18 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\96157151.sys
[2012/05/05 17:06:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/05/05 17:03:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/05 17:02:02 | 002,055,783 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2012/05/05 15:19:20 | 000,002,600 | ---- | M] () -- C:\WINDOWS\xp_exe_fix.reg
[2012/05/05 13:12:29 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2012/05/05 12:00:02 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
[2012/05/05 10:04:04 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/05/05 10:04:04 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/05/05 00:31:35 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/05 00:31:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/05 00:29:15 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/04 22:49:08 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/04 22:44:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/04 21:16:17 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012/05/04 20:48:19 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2012/05/04 18:46:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/03 22:45:38 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
[2012/05/03 22:16:21 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/05/03 19:49:07 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/05/03 19:49:07 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FrostWire 5.3.5.lnk
[2012/05/03 19:47:52 | 010,399,760 | ---- | M] (FrostWire Team) -- C:\Documents and Settings\Owner\Desktop\frostwire-5.3.5.windows.exe
[2012/05/01 20:47:09 | 004,455,476 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Take care rhianna & drake.mp3
[2012/04/26 14:01:36 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/04/18 17:53:58 | 000,105,324 | ---- | M] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/04/18 17:53:58 | 000,000,198 | ---- | M] () -- C:\WINDOWS\System32\itlsvc.dat
[2012/04/14 18:42:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/14 17:57:02 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/04/14 17:53:27 | 000,115,686 | ---- | M] () -- C:\WINDOWS\System32\itldvupd.dat
[2012/04/14 17:49:33 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\usbniw32.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/05 17:01:21 | 002,055,783 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2012/05/04 21:25:13 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/05/03 22:45:38 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk
[2012/05/03 22:45:37 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
[2012/05/03 22:16:59 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
[2012/05/03 22:16:21 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/05/03 19:50:34 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/05/03 19:49:07 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/05/03 19:49:06 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FrostWire 5.3.5.lnk
[2012/05/01 22:46:51 | 000,063,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/05/01 20:48:31 | 004,455,476 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Take care rhianna & drake.mp3
[2012/04/26 14:01:31 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/18 17:53:58 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/04/14 17:53:46 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/14 17:53:27 | 000,115,686 | ---- | C] () -- C:\WINDOWS\System32\itldvupd.dat
[2012/04/14 17:53:27 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2012/04/14 17:49:33 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\usbniw32.dll
[2012/04/10 21:21:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/10 19:55:52 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/03/24 10:40:05 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\jgldog11.dll
[2012/02/16 02:44:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/03 19:53:31 | 000,013,308 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/01/30 21:01:48 | 000,161,744 | ---- | C] () -- C:\Program Files\u4res.dll
[2011/10/15 16:14:33 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/08/21 09:13:26 | 000,000,039 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/07/11 21:55:07 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/23 21:10:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2011/04/23 21:10:50 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2011/04/23 21:10:50 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2011/04/23 21:10:41 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2011/04/23 20:15:02 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2011/01/15 22:55:16 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/07/31 21:52:32 | 000,001,044 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/07/31 21:24:53 | 000,000,565 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2010/07/11 10:56:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Edmark.ini
[2010/07/11 10:56:00 | 000,000,519 | ---- | C] () -- C:\WINDOWS\pipeline.ini
[2010/07/10 17:50:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2010/06/17 08:32:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/17 08:27:53 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/17 04:19:48 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/17 04:18:47 | 000,099,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== Custom Scans ==========
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2010/06/17 08:29:55 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2011/05/29 00:36:04 | 000,001,746 | -H-- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
[2011/07/11 19:44:19 | 000,161,744 | ---- | M] () -- C:\Program Files\u4res.dll
< %APPDATA%\Update\*.* >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/06/17 08:30:33 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/06/17 08:37:02 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2010/06/17 08:37:01 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2012/05/03 19:47:52 | 010,399,760 | ---- | M] (FrostWire Team) -- C:\Documents and Settings\Owner\Desktop\frostwire-5.3.5.windows.exe
[2012/05/05 17:07:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2010/06/17 08:37:01 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Owner\Favorites\Desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.exe /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010/06/17 04:17:59 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/06/17 04:17:59 | 001,064,960 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/06/17 04:17:59 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.sys >
[2008/04/14 08:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\bcm42rly.sys
[2008/04/14 08:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.sys
[2008/04/14 08:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2008/04/14 08:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2008/04/14 08:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2008/04/14 08:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2008/04/14 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2008/04/14 08:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2008/04/14 08:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2008/04/14 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2008/04/14 08:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2008/04/14 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2008/04/14 08:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2008/04/14 08:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2008/04/14 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2009/12/18 13:13:04 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCASp50.sys
[2009/12/18 13:13:04 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCASp50a64.sys
[2008/04/14 08:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2012/02/03 05:22:18 | 001,860,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
< %SYSTEMDRIVE%\*.* >
[2010/06/17 08:30:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/05/05 17:06:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/06/17 08:30:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/04/18 20:24:21 | 000,004,217 | ---- | M] () -- C:\err.log
[2010/06/17 08:30:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/06/17 08:30:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/05/05 00:31:21 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2012/05/05 17:05:16 | 000,157,484 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_05.05.2012_17.02.47_log.txt
[2012/05/05 17:06:22 | 000,003,264 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_05.05.2012_17.06.17_log.txt
[2011/07/11 21:34:52 | 000,000,000 | ---- | M] () -- C:\testwma.raw
[2012/03/28 18:20:51 | 000,000,050 | ---- | M] () -- C:\user.js
< %PROGRAMFILES%\*. >
[2012/05/01 21:27:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/06/17 12:52:55 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010/06/17 10:58:32 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2011/07/08 15:05:30 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2012/05/03 19:50:35 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2012/05/03 22:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\AVG Secure Search
[2011/07/08 15:04:54 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2012/05/04 22:39:24 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/06/17 08:27:44 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/06/17 11:00:31 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/07/22 20:54:48 | 000,000,000 | ---D | M] -- C:\Program Files\Datel
[2010/06/17 11:00:07 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2011/08/05 11:16:38 | 000,000,000 | ---D | M] -- C:\Program Files\Disney
[2012/03/30 21:05:14 | 000,000,000 | ---D | M] -- C:\Program Files\Driver-Soft
[2011/10/13 18:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\EA Games
[2011/05/29 16:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2012/05/03 22:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\FixCleaner
[2012/05/02 00:03:23 | 000,000,000 | ---D | M] -- C:\Program Files\FoxTabPDFReader
[2012/05/03 19:49:07 | 000,000,000 | ---D | M] -- C:\Program Files\FrostWire 5
[2012/01/31 15:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/01/30 21:01:45 | 000,000,000 | ---D | M] -- C:\Program Files\Guffins
[2011/07/11 19:43:25 | 000,000,000 | ---D | M] -- C:\Program Files\GuffinsEI
[2012/03/24 09:58:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/06/17 08:47:41 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/05/04 22:44:33 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/07/08 15:07:14 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/07/08 15:08:19 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/01/31 19:20:42 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/05/29 22:11:57 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys
[2011/04/23 21:10:53 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster
[2010/06/17 11:56:09 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2012/05/04 22:42:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2012/05/03 22:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2010/06/17 08:30:36 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2012/04/26 14:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2012/02/16 15:39:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2012/05/04 22:25:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/07/07 22:32:49 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2011/05/28 23:02:15 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/06/17 12:00:47 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/01/30 21:02:39 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2010/06/17 08:27:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/14 16:12:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010/06/17 08:28:37 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2011/01/14 22:32:39 | 000,000,000 | ---D | M] -- C:\Program Files\Novatel Wireless
[2010/06/17 08:29:02 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/05/28 23:08:35 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/05/29 22:13:22 | 000,000,000 | ---D | M] -- C:\Program Files\Pure Networks
[2011/07/08 15:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/06/17 12:00:40 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/07/12 17:59:18 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Online Entertainment
[2011/08/21 09:16:43 | 000,000,000 | ---D | M] -- C:\Program Files\The Learning Company
[2010/06/17 08:36:52 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/09/01 21:17:00 | 000,000,000 | ---D | M] -- C:\Program Files\vGrabber
[2011/04/23 20:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\WebEx
[2011/05/29 00:03:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2012/05/04 22:42:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012/05/04 22:41:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/06/17 11:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2011/07/10 15:44:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/06/17 08:26:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/06/17 08:29:06 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/06/17 08:30:36 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2012/03/30 21:00:55 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
< %appdata%\*.* >
[2010/06/17 04:19:24 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Owner\Application Data\desktop.ini
< MD5 for: AGP440.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 08:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
< MD5 for: DISK.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/14 08:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 08:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USBSTOR.SYS >
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/04/14 01:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/14 01:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\USBSTOR.SYS