OTListIt logfile created on: 3/20/2009 7:58:43 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.0 Folder = K:\CleanPuter
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 63.33% Memory free
3.29 Gb Paging File | 2.68 Gb Available in Paging File | 81.43% Paging File free
Paging file location(s): C:\pagefile.sys 1500 3000;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 85.15 Gb Free Space | 57.13% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 232.88 Gb Total Space | 178.79 Gb Free Space | 76.77% Space Free | Partition Type: NTFS
Drive K: | 3.73 Gb Total Space | 3.63 Gb Free Space | 97.47% Space Free | Partition Type: FAT32

Computer Name: EMACHINE
Current User Name: Dave
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

[color=orange]========== Processes (SafeList) ==========[/color]
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\Program Files\BinarySense\HDDlife 3\hldasvc.exe (BinarySense, Inc.)
PRC - C:\Program Files\BinarySense\HDDlife 3\hldasvc.exe (BinarySense, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Program Files\PD91Agent.exe (Raxco Software, Inc.)
PRC - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe ()
PRC - C:\Program Files\Shield\shdserv.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Program Files\Shield\shieldclnt.exe ()
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Shield\shieldtray.exe ()
PRC - C:\Program Files\COMODO\SafeSurf\cssurf.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ()
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Genie-Soft\GBMPro8\GBMAgent.exe (Genie-soft)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - K:\CleanPuter\OTListIt2.exe (OldTimer Tools)

[color=orange]========== Win32 Services (SafeList) ==========[/color]
SRV - (AdobeActiveFileMonitor6.0 [Auto | Running]) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (bgsvcgen [Auto | Running]) -- C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (cmdAgent [Auto | Running]) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (getPlus(R) Helper [On_Demand | Stopped]) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (HDDlife HDD Access service [Auto | Running]) -- C:\Program Files\BinarySense\HDDlife 3\hldasvc.exe (BinarySense, Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (McAfee SiteAdvisor Service [Auto | Running]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (PD91Agent [Auto | Running]) -- C:\Program Files\PD91Agent.exe (Raxco Software, Inc.)
SRV - (PD91Engine [On_Demand | Stopped]) -- C:\Program Files\PD91Engine.exe (Raxco Software, Inc.)
SRV - (ScsiAccess [Auto | Running]) -- C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe ()
SRV - (SHDSERV [Auto | Running]) -- C:\Program Files\Shield\shdserv.exe ()
SRV - (ShieldClientService [Auto | Running]) -- C:\Program Files\Shield\shieldclnt.exe ()
SRV - (StarWindServiceAE [Auto | Running]) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

[color=orange]========== Driver Services (SafeList) ==========[/color]
DRV - (AnyDVD [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (BANTExt [System | Running]) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (cloverm [System | Running]) -- C:\WINDOWS\System32\drivers\cloverm.sys ()
DRV - (cmdGuard [System | Running]) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (DefragFS [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\DefragFS.sys (Raxco Software, Inc.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (ElbyCDIO [System | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (HdAudAddService [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\HdAudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (pcouffin [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (PD0620VID [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\P0620Vid.sys (Creative Technology Ltd.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Shdbus [Boot | Running]) -- C:\WINDOWS\System32\drivers\Shdbus.sys () DRV - (Shield [Boot | Running]) -- C:\WINDOWS\System32\drivers\Shield.sys () DRV - (Shieldf [Boot | Running]) -- C:\WINDOWS\System32\drivers\Shieldf.sys () DRV - (Shieldm [Boot | Running]) -- C:\WINDOWS\System32\drivers\Shieldm.sys () DRV - (smbusp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\intelsmb.sys (Intel Corporation) DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (WimFltr [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wimfltr.sys (Microsoft Corporation) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes IE 
- HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1 FF - prefs.js..extensions.enabledItems: {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.35 FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.2.48 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.2 FF - prefs.js..extensions.enabledItems: {F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}:2.2008.6.24 FF - prefs.js..extensions.enabledItems: {5B700FEA-FF2A-4746-BB2D-9D26A8EB056D}:1.6.3 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.8 FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:5.0.20090122Wb2 FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207 FF - prefs.js..extensions.enabledItems: 
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.5 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.1.2 FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2d}:1.2.2 FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.28 FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.2.1 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7 FF - prefs.js..google.toolbar.linkdoctor.backup.keyword.URL: "chrome://browser-region/locale/region.properties" FF - prefs.js..google.toolbar.linkdoctor.backup.keyword.enabled: true FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/10/26 12:08:44 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/03/20 15:59:58 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/02/25 18:28:43 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/11 08:24:04 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/14 09:59:12 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\PROGRAM 
FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/01/28 15:28:57 | 00,000,000 | ---D | M] [2008/10/24 23:08:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Extensions [2008/10/24 23:08:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/03/20 16:54:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions [2008/10/24 23:34:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{1483B687-8B6E-4bca-B85D-3CB02696DFC6} [2009/03/13 16:23:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009/02/13 09:19:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008/10/24 23:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a} [2008/10/24 23:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2d} [2008/10/24 23:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{5a2b4e34-ce62-42e9-a658-06ba4490adf8} [2008/11/27 11:58:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{5B700FEA-FF2A-4746-BB2D-9D26A8EB056D} [2009/03/20 16:54:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application 
Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009/02/08 12:53:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2008/11/27 11:15:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2009/03/04 21:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2008/10/24 23:34:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51} [2008/12/20 15:04:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} [2009/01/11 12:06:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2008/10/24 23:34:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5} [2008/10/24 23:34:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}(2) [2008/10/24 23:34:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\en-GB@dictionaries.addons.mozilla.org [2008/12/28 13:57:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\mozilla\Firefox\Profiles\ks2ajqpl.default\extensions\sxipper@sxip.com [2009/02/10 09:46:20 | 
00,001,792 | ---- | M] () -- C:\Documents and Settings\Dave\Application Data\Mozilla\FireFox\Profiles\ks2ajqpl.default\searchplugins\mse360.xml [2007/12/23 11:13:36 | 00,001,406 | ---- | M] () -- C:\Documents and Settings\Dave\Application Data\Mozilla\FireFox\Profiles\ks2ajqpl.default\searchplugins\siteadvisor.gif [2007/12/23 11:13:36 | 00,000,276 | ---- | M] () -- C:\Documents and Settings\Dave\Application Data\Mozilla\FireFox\Profiles\ks2ajqpl.default\searchplugins\siteadvisor.src [2007/12/18 09:19:16 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Dave\Application Data\Mozilla\FireFox\Profiles\ks2ajqpl.default\searchplugins\siteadvisor.xml [2009/03/20 16:54:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009/03/11 08:24:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/10/26 12:09:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [2008/12/03 09:29:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009/03/11 08:23:52 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009/03/11 08:23:52 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2008/11/14 20:28:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2008/11/14 20:28:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2008/11/14 20:28:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2008/11/14 20:28:04 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2008/11/14 20:28:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2008/11/14 20:28:04 | 
00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2008/11/14 20:28:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (291715 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 10047 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. 
File not found O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h File not found O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h () O4 - HKLM..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s (COMODO) O4 - HKLM..\Run: [GBMPro8Agent] "C:\Program Files\Genie-Soft\GBMPro8\GBMAgent.exe" (Genie-soft) O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513 (Creative Technology Ltd.) O4 - HKLM..\Run: [shield] C:\Program Files\Shield\shieldtray.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) 
O4 - HKCU..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation) O4 - HKCU..\Run: [GBMPro8Agent] "C:\Program Files\Genie-Soft\GBMPro8\GBMAgent.exe" (Genie-soft) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) O4 - Startup: C:\Documents and Settings\Dave\Start Menu\Programs\Startup\AutorunsDisabled [2009/01/17 17:14:31 | 00,000,000 | -H-D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - 
res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. 
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop.com/internet/pcpConnCheck.cab (iCC Class) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.ca.com/US/securityadvisor/virusinfo/webscan.cab (WScanCtl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) 
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\cssdll32.dll) - C:\WINDOWS\system32\cssdll32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O33 - MountPoints2\{7b30c2fc-ee8b-11dd-9fc1-001111c68d48}\Shell\AutoRun\command - "" = J:\.\Vado\Vado.exe -- File not found
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\system32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]
[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/03/20 18:13:24 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\lpwg4v0e.exe
[2009/03/20 17:57:17 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\Rooter.exe
[2009/03/20 17:56:36 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/20 16:50:25 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2009/03/20 16:50:25 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\SpywareBlaster.lnk
[2009/03/20 16:50:25 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/03/20 16:42:19 | 02,869,536 | ---- | C] (Javacool Software LLC ) -- C:\Documents and Settings\Dave\Desktop\spywareblastersetup41.exe
[2009/03/20 16:29:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\Malwarebytes
[2009/03/20 16:29:05 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/20 16:29:05 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/20 16:29:03 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/20 16:29:02 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/20 16:29:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/17 20:10:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Desktop\Temp Stuff
[2009/03/17 20:09:44 | 00,610,304 | ---- | C] (Speed Guide Inc.) -- C:\Documents and Settings\Dave\Desktop\TCPOptimizer.exe
[2009/03/14 20:34:43 | 00,000,909 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\Bitdefender report.rtf
[2009/03/14 19:03:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/03/14 13:27:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Desktop\Adobe_After_Effects_CS3_Portable
[2009/03/11 00:47:24 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/03/10 15:38:20 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2009/03/06 20:39:28 | 00,000,000 | ---D | C] -- C:\tmp
[2009/02/28 16:32:45 | 00,041,472 | -HS- | C] () -- C:\Documents and Settings\Dave\Desktop\Thumbs.db
[2009/02/28 12:59:05 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/02/28 00:52:27 | 00,000,004 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\sysqcl0.dat
[2009/02/28 00:50:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/02/27 23:45:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\theimagingfactory
[2009/02/27 23:42:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\Nik Software
[2009/02/27 19:10:57 | 00,001,115 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\camcorder catalog.rtf
[2009/02/27 16:49:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\My Documents\Xilisoft
[2009/02/27 16:49:10 | 00,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2009/02/27 16:08:12 | 00,000,000 | ---D | C] -- C:\Program Files\Video Snapshots Genius
[2009/02/27 00:09:31 | 73,410,7648 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\TheReader1.avi
[2009/02/27 00:09:31 | 73,315,1232 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\TheReader2.avi
[2009/02/26 19:43:04 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/02/25 20:01:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Local Settings\Application Data\ApplicationHistory
[2009/02/25 20:01:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\FixerLabs
[2009/02/25 20:01:11 | 00,000,000 | ---D | C] -- C:\Program Files\FixerLabs
[2009/02/25 19:59:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2009/02/25 18:27:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/02/25 18:27:35 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/02/25 18:27:22 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/02/25 18:18:57 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/02/25 18:18:57 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/02/25 18:18:57 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/02/25 18:18:57 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/02/25 18:18:57 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/02/25 18:18:57 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/02/25 18:18:57 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/02/25 17:39:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\My Documents\Comic Life
[2009/02/25 17:38:46 | 00,000,004 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\sysqcl1129139270.dat
[2009/02/25 17:36:04 | 00,000,000 | ---D | C] -- C:\Program Files\plasq
[2009/02/25 17:34:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\My Documents\Website Layout Maker
[2009/02/25 17:26:33 | 00,000,145 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009/02/25 16:16:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\Ashampoo
[2009/02/25 16:14:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Local Settings\Application Data\ashampoo
[2009/02/25 16:14:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2009/02/25 16:14:29 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/02/25 15:28:21 | 08,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2009/02/25 00:12:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Genie-Soft
[2009/02/25 00:07:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\Genie-soft
[2009/02/25 00:04:12 | 00,128,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WimFltr.sys
[2009/02/25 00:04:09 | 00,000,000 | ---D | C] -- C:\Program Files\Genie-Soft
[2009/02/24 21:05:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\LEAPS
[2009/02/24 21:05:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\My Documents\TMPGEnc DVD Author 3
[2009/02/24 21:02:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\Pegasys Inc
[2009/02/24 20:57:36 | 00,145,504 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
[2009/02/24 20:57:36 | 00,059,488 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\GenSvcInst.exe
[2009/02/24 20:57:36 | 00,033,408 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS
[2009/02/24 20:57:02 | 00,000,000 | ---D | C] -- C:\Program Files\Pegasys Inc
[2009/02/23 23:49:56 | 73,014,0672 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\tlcoap.avi
[2009/02/23 23:06:37 | 70,434,8418 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\No_Country_For_Old_Men.avi
[2009/02/23 23:05:34 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\viewtopic.php
[2009/02/23 16:42:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/02/22 17:36:07 | 00,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.8.64739.471_XP_Vista_x32.INI
[2009/02/22 17:03:24 | 00,155,384 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2009/02/22 17:03:24 | 00,110,992 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/02/22 17:03:24 | 00,080,400 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/02/22 17:03:24 | 00,024,336 | ---- | C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/02/22 16:02:20 | 00,477,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\cloverm.sys
[2009/02/22 16:02:20 | 00,105,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\Shield.sys
[2009/02/22 16:02:20 | 00,030,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Shieldm.sys
[2009/02/22 16:02:20 | 00,022,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\Shieldf.sys
[2009/02/22 16:02:20 | 00,007,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\Shdbus.sys
[2009/02/22 16:01:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\configfix
[2009/02/22 16:01:03 | 00,000,000 | ---D | C] -- C:\Program Files\Shield
[2009/02/22 15:06:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVSVideoBurner
[2009/02/22 14:19:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\AVS4YOU
[2009/02/22 14:19:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/02/22 14:16:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2009/02/22 14:16:05 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2009/02/22 14:16:04 | 01,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2009/02/22 14:16:04 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2009/02/22 14:16:04 | 00,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2009/02/21 19:34:12 | 00,002,608 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\Greg.nri
[2009/02/21 17:14:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\My Documents\AnyDVDHD
[2009/02/21 13:02:39 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/02/21 13:01:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\DeskSoft
[2009/02/21 11:18:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2009/02/21 11:18:30 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/02/20 22:16:01 | 00,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2009/02/20 22:14:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dave\My Documents\AnyDVD.v6.3.1.7-RES-FULL
[2009/02/20 18:57:47 | 73,084,5184 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\iousa.avi
[2009/02/20 15:56:44 | 00,000,062 | ---- | C] () -- C:\WINDOWS\System32\Days5.ini
[2009/02/20 15:50:25 | 00,000,000 | ---D | C] -- C:\Program Files\Picture Resize Genius
[2009/02/20 15:26:30 | 02,881,985 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\AnyDVD.v6.3.1.7-RES-FULL.rar
[2009/02/19 20:25:41 | 73,249,3824 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\Transsiberian.avi

[color=orange]========== Files - Modified Within 30 Days ==========[/color]
[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/03/20 18:13:40 | 00,286,208 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\lpwg4v0e.exe
[2009/03/20 17:51:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/20 17:51:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/20 16:50:25 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\SpywareBlaster.lnk
[2009/03/20 16:47:17 | 02,869,536 | ---- | M] (Javacool Software LLC ) -- C:\Documents and Settings\Dave\Desktop\spywareblastersetup41.exe
[2009/03/20 16:29:05 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/20 16:00:15 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/20 14:19:04 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\Rooter.exe
[2009/03/17 20:10:00 | 00,610,304 | ---- | M] (Speed Guide Inc.) -- C:\Documents and Settings\Dave\Desktop\TCPOptimizer.exe
[2009/03/17 08:52:20 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/16 13:58:47 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/14 20:34:43 | 00,000,909 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\Bitdefender report.rtf
[2009/03/14 13:37:23 | 00,073,728 | ---- | M] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/11 08:23:21 | 00,251,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 00:47:51 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/08 11:15:34 | 00,000,576 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\My Sharing Folders.lnk
[2009/03/08 10:51:26 | 00,522,430 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/08 10:51:26 | 00,441,652 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/08 10:51:26 | 00,071,526 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/06 15:02:43 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/06 10:19:55 | 00,155,384 | ---- | M] () -- C:\WINDOWS\System32\guard32.dll
[2009/03/06 09:18:49 | 00,080,400 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/03/06 09:18:41 | 00,110,992 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/02/28 16:32:46 | 00,041,472 | -HS- | M] () -- C:\Documents and Settings\Dave\Desktop\Thumbs.db
[2009/02/28 00:52:27 | 00,000,004 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\sysqcl0.dat
[2009/02/27 20:35:05 | 00,001,115 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\camcorder catalog.rtf
[2009/02/27 16:10:39 | 00,000,062 | ---- | M] () -- C:\WINDOWS\System32\Days5.ini
[2009/02/27 05:09:29 | 73,410,7648 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\TheReader1.avi
[2009/02/27 05:05:38 | 73,315,1232 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\TheReader2.avi
[2009/02/25 20:01:46 | 00,036,200 | ---- | M] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/25 17:38:46 | 00,000,004 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\sysqcl1129139270.dat
[2009/02/25 17:26:33 | 00,000,145 | ---- | M] () -- C:\WINDOWS\cavscan.INI
[2009/02/25 12:55:00 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/02/24 20:56:46 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
[2009/02/24 20:56:46 | 00,059,488 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\GenSvcInst.exe
[2009/02/24 20:56:46 | 00,033,408 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS
[2009/02/24 02:57:22 | 73,014,0672 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\tlcoap.avi
[2009/02/24 02:26:21 | 70,434,8418 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\No_Country_For_Old_Men.avi
[2009/02/23 23:05:34 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\viewtopic.php
[2009/02/22 18:54:36 | 00,291,715 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/02/22 18:01:32 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/02/22 17:36:07 | 00,000,120 | ---- | M] () -- C:\WINDOWS\CIS_Setup_3.8.64739.471_XP_Vista_x32.INI
[2009/02/22 17:04:58 | 00,253,688 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cssdll32.dll
[2009/02/22 17:03:18 | 00,024,336 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/02/22 16:57:01 | 00,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/02/21 19:34:12 | 00,002,608 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\Greg.nri
[2009/02/21 13:02:39 | 00,010,752 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/02/20 20:49:54 | 73,084,5184 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\iousa.avi
[2009/02/20 15:27:08 | 02,881,985 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\AnyDVD.v6.3.1.7-RES-FULL.rar
[2009/02/19 22:54:00 | 73,249,3824 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\Transsiberian.avi

[color=orange]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 170 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BE9FEFC

< End of report >