Hi, here's the OTL log
OTL logfile created on: 01/03/2010 22:38:47 - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = D:\Documents and Settings\Caroline Dexter.049924520170\My Documents\Downloads
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 257.00 Mb Available Physical Memory | 25.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.99 Gb Total Space | 16.38 Gb Free Space | 54.60% Space Free | Partition Type: NTFS
Drive D: | 111.24 Gb Total Space | 27.34 Gb Free Space | 24.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: 049924520170
Current User Name: Caroline Dexter
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/03/01 22:38:03 | 000,551,424 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Caroline Dexter.049924520170\My Documents\Downloads\OTL.exe
PRC - [2010/02/18 23:33:08 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/02 14:44:22 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/12/12 08:58:05 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/12 08:58:05 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/23 14:42:37 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/11/23 14:42:35 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/23 14:42:21 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/06/01 16:41:11 | 000,341,312 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/05/28 18:58:39 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2006/05/17 15:05:52 | 002,297,856 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
PRC - [2006/01/30 08:56:38 | 001,978,368 | ---- | M] () -- C:\APPS\Softex\OmniPass\scureapp.exe
PRC - [2006/01/30 07:47:50 | 000,014,848 | ---- | M] () -- C:\APPS\Softex\OmniPass\OPXPApp.exe
PRC - [2006/01/30 07:47:48 | 000,032,768 | ---- | M] (Softex Inc.) -- C:\APPS\Softex\OmniPass\OmniServ.exe
PRC - [2005/10/20 05:15:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
PRC - [2005/10/20 05:15:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
PRC - [2005/10/18 11:14:00 | 000,557,056 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/10/04 12:03:18 | 000,310,272 | ---- | M] () -- C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe
PRC - [2004/08/10 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/04/08 07:38:26 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/05/02 10:31:50 | 000,024,576 | ---- | M] (NEC Computers International) -- C:\APPS\ABOARD\ABOARD.EXE
PRC - [2003/05/02 10:31:38 | 000,069,632 | ---- | M] (NEC Computers International) -- C:\APPS\ABOARD\AOSD.EXE
========== Modules (SafeList) ========== MOD - [2010/03/01 22:38:03 | 000,551,424 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Caroline Dexter.049924520170\My Documents\Downloads\OTL.exe
MOD - [2009/06/01 16:41:24 | 000,062,776 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2006/08/25 15:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/01/30 07:45:26 | 000,053,248 | ---- | M] () -- C:\APPS\Softex\OmniPass\scuredll.dll
MOD - [2004/10/04 10:12:06 | 000,046,080 | ---- | M] () -- C:\Program Files\Goto Software\Vade Retro\VrOe_hook.dll
========== Win32 Services (SafeList) ========== SRV - [2009/11/23 14:42:21 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/05/23 16:24:10 | 000,953,168 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/13 12:35:12 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2006/01/30 07:47:48 | 000,032,768 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\APPS\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2005/10/20 05:15:00 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- (USBDeviceService)
SRV - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2004/04/08 07:38:26 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ========== DRV - [2009/11/23 14:44:29 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/11/23 14:44:28 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/11/23 14:44:28 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/23 16:24:24 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2007/02/23 08:52:58 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006/10/13 10:23:15 | 000,163,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR)
DRV - [2006/10/05 12:06:17 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/09/28 04:36:04 | 000,144,561 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rdwm1005.sys -- (RDID1005)
DRV - [2006/09/05 01:16:04 | 000,217,600 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2006/06/12 11:05:12 | 000,043,008 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV)
DRV - [2006/05/29 11:03:22 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid)
DRV - [2006/05/29 11:03:00 | 000,006,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaidexp.sys -- (ViaIde)
DRV - [2006/05/16 16:32:58 | 004,275,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/27 23:47:00 | 003,663,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/03/27 16:53:28 | 000,167,808 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2005/10/18 11:16:00 | 000,905,608 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/04/25 01:03:00 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005/01/07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/10 13:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/10 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/10 13:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/10 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 22:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/08/03 22:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 22:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-357337470-3576400413-644577365-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.ukIE - HKU\S-1-5-21-357337470-3576400413-644577365-1005\S-1-5-21-357337470-3576400413-644577365-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-357337470-3576400413-644577365-1005\S-1-5-21-357337470-3576400413-644577365-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google Images"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-GB.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={24811134-4962-D8EE-1811-175DE14ED9BB}&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/12 15:51:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/18 23:33:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 23:33:14 | 000,000,000 | ---D | M]
[2009/06/01 21:22:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Extensions
[2010/02/26 18:17:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\extensions
[2009/09/04 11:56:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/29 17:00:35 | 000,000,000 | ---D | M] (Fast Browser Search (My Tattoons)) -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}(2)
[2009/11/29 16:48:39 | 000,005,407 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\searchplugins\fast-browser-search.xml
[2009/06/21 19:29:52 | 000,001,926 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\searchplugins\google-books.xml
[2009/06/22 15:16:14 | 000,004,855 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\searchplugins\google-images.xml
[2009/06/22 12:36:36 | 000,002,434 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Mozilla\Firefox\Profiles\i11aa4b0.default\searchplugins\google-scholar.xml
[2010/02/05 19:35:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/27 10:49:05 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/27 10:49:05 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/27 10:49:05 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/27 10:49:06 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2009/06/01 22:36:28 | 000,306,026 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10560 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (EndNote Web) - {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} - C:\Program Files\EndNote Web\ENWIEPlug.dll (Thomson ResearchSoft)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (EndNote Web) - {945C8270-A848-11D5-A805-00B0D092F45B} - C:\Program Files\EndNote Web\ENWIEPlug.dll (Thomson ResearchSoft)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [ACTIVBOARD] c:\APPS\ABOARD\ABOARD.EXE (NEC Computers International)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OmniPass] C:\APPS\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Vade Retro Outlook Express] C:\Program Files\Goto Software\Vade Retro\Vaderetro_oe.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-357337470-3576400413-644577365-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-357337470-3576400413-644577365-1005_Classes\Software\Policies\Microsoft\Internet Explorer\restrictions present
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (RtlGina2.dll) - C:\WINDOWS\System32\RtlGina2.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/09/10 07:16:00 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - C:\WINDOWS\system32\nwwks.dll (Microsoft Corporation)
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17173310768939008)
========== Files/Folders - Created Within 30 Days ========== [2010/02/28 22:19:04 | 000,417,136 | ---- | C] (Sysinternals) -- C:\WINDOWS\handle.exe
[2010/02/28 10:32:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\Malwarebytes
[2010/02/28 10:31:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/02/28 10:31:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/28 10:31:53 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/02/28 10:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/25 08:21:43 | 000,000,000 | ---D | C] -- C:\rsit
[2010/02/21 22:37:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/02/11 08:32:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/02/05 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/02/05 19:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Celebrity Toolbar
[2010/02/05 07:25:57 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/02/05 07:25:57 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/02/04 17:28:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Caroline Dexter.049924520170\Tracing
[2010/02/04 17:27:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Documents\microsoft
[2010/02/04 17:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/02/02 20:20:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Caroline Dexter.049924520170\My Documents\HK computer
[2006/10/05 12:32:59 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/10/05 12:32:59 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/10/05 12:32:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/10/05 12:32:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[13 D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\*.tmp files -> D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/03/01 22:21:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/01 22:15:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/01 22:15:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/01 22:15:51 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/01 19:30:50 | 007,077,888 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\ntuser.dat
[2010/03/01 19:30:50 | 000,000,278 | -HS- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\ntuser.ini
[2010/03/01 19:30:29 | 003,620,508 | -H-- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\IconCache.db
[2010/03/01 17:17:42 | 056,483,219 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/02/28 22:15:44 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\prvlcl.dat
[2010/02/28 17:35:28 | 000,077,312 | ---- | M] () -- C:\mbr.exe
[2010/02/28 10:32:01 | 000,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/24 20:55:29 | 000,000,030 | ---- | M] () -- C:\WINDOWS\iedit.INI
[2010/02/24 17:08:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/02/21 22:48:00 | 000,026,112 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/20 21:48:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/19 23:22:28 | 000,241,994 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\bnbnbiluoluyfl.jpg
[2010/02/19 09:47:02 | 001,328,135 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\DSCF1252.jpg
[2010/02/18 08:24:23 | 000,001,615 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\HijackThis.lnk
[2010/02/14 23:14:59 | 000,089,066 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\sofa.JPG
[2010/02/14 23:01:15 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/10 20:01:47 | 000,002,397 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\n-Track Studio.lnk
[2010/02/10 08:26:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/08 23:16:34 | 000,091,826 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\katie snow.jpg
[2010/02/08 23:14:49 | 000,072,157 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\katie sam snow.jpg
[2010/02/07 16:00:26 | 000,143,013 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\6a00d8341cafa853ef00e5507bd65d8834-800wi.gif
[2010/02/06 12:30:27 | 000,000,666 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/06 11:30:23 | 000,362,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/02 11:00:45 | 000,100,692 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\Flash 22_PESKIMO-Random-Banner-start_29thJanuary2010.swf
[2010/02/01 23:03:08 | 000,022,859 | ---- | M] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\downs-baby.jpg
[13 D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\*.tmp files -> D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/02/28 17:37:31 | 000,077,312 | ---- | C] () -- C:\mbr.exe
[2010/02/28 10:32:01 | 000,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/19 23:22:27 | 000,241,994 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\bnbnbiluoluyfl.jpg
[2010/02/19 09:47:02 | 001,328,135 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\DSCF1252.jpg
[2010/02/18 08:24:23 | 000,001,615 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\HijackThis.lnk
[2010/02/17 20:43:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/14 23:14:56 | 000,089,066 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\sofa.JPG
[2010/02/08 23:16:33 | 000,091,826 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\katie snow.jpg
[2010/02/08 23:14:48 | 000,072,157 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\katie sam snow.jpg
[2010/02/07 16:00:25 | 000,143,013 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\6a00d8341cafa853ef00e5507bd65d8834-800wi.gif
[2010/02/02 11:00:43 | 000,100,692 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\Flash 22_PESKIMO-Random-Banner-start_29thJanuary2010.swf
[2010/02/01 23:03:06 | 000,022,859 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Desktop\downs-baby.jpg
[2009/12/04 20:40:34 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\prvlcl.dat
[2009/10/11 17:23:30 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/10/10 18:49:48 | 000,000,151 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\fusioncache.dat
[2009/06/04 18:37:57 | 000,031,862 | ---- | C] () -- C:\WINDOWS\System32\RdCi1005.dll
[2009/05/08 08:38:33 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Application Data\wklnhst.dat
[2009/05/08 08:30:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/25 13:51:09 | 000,026,112 | ---- | C] () -- D:\Documents and Settings\Caroline Dexter.049924520170\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/10 23:09:35 | 000,010,886 | ---- | C] () -- C:\WINDOWS\System32\RdCi1009.dll
[2007/05/27 23:49:17 | 000,000,030 | ---- | C] () -- C:\WINDOWS\iedit.INI
[2006/10/05 12:30:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/05 12:08:32 | 000,000,514 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2006/10/05 12:04:11 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/10/05 12:02:10 | 000,007,596 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2006/10/05 11:49:28 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/10/05 11:48:02 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/05 11:48:02 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/05 11:47:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/05 11:47:49 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/05 11:47:48 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/05 11:47:48 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/05 11:47:33 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/06 14:44:26 | 000,006,740 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/03 16:44:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\RtlGina2.dll
[2006/01/12 11:23:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/18 11:15:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/10/18 11:15:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/10/18 11:14:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/10/18 11:14:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/10/18 11:14:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/10/18 11:14:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/10/18 11:13:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/10/18 11:13:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/10/18 11:13:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/08/05 13:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/06/17 04:41:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/09/10 14:50:43 | 000,000,831 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/10 13:57:30 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002/12/31 10:00:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2010/02/28 17:35:28 | 000,077,312 | ---- | M] () -- C:\mbr.exe
< MD5 for: AGP440.SYS >[2004/08/10 13:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/10 13:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\agp440.sys
[2004/08/03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS
< MD5 for: ATAPI.SYS >[2004/08/10 13:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/10 13:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/14 00:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\eventlog.dll
[2004/08/10 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/14 00:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\netlogon.dll
[2009/02/06 18:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2009/02/06 18:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/10 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/14 00:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\scecli.dll
< MD5 for: VIAMRAID.SYS >[2006/05/29 11:03:22 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=FBF18F9F5FB852C2976723587B44F346 -- C:\PNP\MOBO\VIAMRAID.SYS
[2006/05/29 11:03:22 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=FBF18F9F5FB852C2976723587B44F346 -- C:\WINDOWS\system32\drivers\viamraid.sys
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[2005/07/26 04:39:44 | 001,267,200 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2009/12/22 05:35:05 | 000,357,888 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/12/22 05:35:05 | 000,205,312 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2004/08/10 13:00:00 | 001,392,671 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav >[2004/09/10 14:22:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/09/10 14:22:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/09/10 14:22:08 | 000,851,968 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< End of report >
thanks