OTL logfile created on: 12/1/2009 6:24:54 PM - Run 2
OTL by OldTimer - Version 3.1.10.1 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.53% Memory free
2.60 Gb Paging File | 2.01 Gb Available in Paging File | 77.13% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.14 Gb Total Space | 1.16 Gb Free Space | 2.22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 976.13 Mb Total Space | 47.05 Mb Free Space | 4.82% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NB6000
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009/11/26 08:03:48 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/11/26 08:03:48 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/26 08:03:45 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/26 08:03:39 | 04,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgui.exe
PRC - [2009/11/26 08:03:38 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/11/26 08:03:35 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/25 18:30:12 | 00,531,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
PRC - [2009/11/25 18:20:56 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Admin\Desktop\SysRestorePoint.exe
PRC - [2009/11/19 22:57:36 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/10/01 16:03:14 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/10/01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/01/11 19:54:31 | 00,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2007/11/22 13:55:52 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007/11/14 21:46:00 | 00,131,072 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe
PRC - [2007/11/13 16:46:00 | 00,135,168 | ---- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
PRC - [2007/09/25 01:11:35 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007/05/01 09:15:04 | 00,157,264 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
PRC - [2007/03/13 14:39:26 | 00,637,272 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE
PRC - [2006/02/19 01:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2005/08/03 23:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/08/03 23:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/07/07 23:55:00 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2005/03/03 23:29:02 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
PRC - [2004/12/06 01:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2004/10/30 14:59:54 | 00,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/09/13 16:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/09/07 16:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2004/09/07 16:08:02 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/09/07 16:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004/09/07 16:03:40 | 00,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004/09/07 16:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004/09/07 16:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2004/08/19 14:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/08/04 05:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 05:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004/08/04 05:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2004/08/04 05:00:00 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe
PRC - [2004/04/11 20:15:14 | 00,290,816 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\Media Experience\PCMService.exe
PRC - [2003/12/22 08:38:42 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2003/06/18 09:54:10 | 00,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2003/02/04 08:22:30 | 00,181,312 | ---- | M] () -- C:\WINDOWS\system32\ScsiAccess.EXE

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009/11/25 18:30:12 | 00,531,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/04 05:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004/08/04 05:00:00 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll
MOD - [2004/08/04 05:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found -- -- (TabletService)
SRV - File not found -- -- (Symantec Core LC)
SRV - File not found -- -- (MDM)
SRV - File not found -- -- (LicCtrlService)
SRV - File not found -- -- (AOL ACS)
SRV - [2009/11/26 08:03:35 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/10/01 16:03:14 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2008/11/22 06:08:11 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/10/01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/10/01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/11/22 13:55:52 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/11/14 21:46:00 | 00,131,072 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/05/01 09:15:04 | 00,157,264 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe -- (Stuffit Archive Name Service)
SRV - [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2007/03/07 14:47:46 | 00,076,848 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/08/18 21:25:18 | 00,068,096 | ---- | M] () -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2006/08/07 20:10:44 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2006/01/05 00:06:02 | 00,163,840 | ---- | M] (Alex Feinman) -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/14 05:51:45 | 28,768,528 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2005/10/14 05:51:12 | 00,239,320 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2005/10/14 05:50:19 | 00,045,272 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2005/10/14 03:53:50 | 00,087,768 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005/08/03 23:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/03/03 23:29:02 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/01/28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2004/09/07 16:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2004/09/07 16:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/09/07 16:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004/09/07 16:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2004/08/10 13:01:15 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv32.dll -- (TermService)
SRV - [2004/08/04 05:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/18 09:54:10 | 00,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/02/04 08:22:30 | 00,181,312 | ---- | M] () -- C:\WINDOWS\system32\ScsiAccess.EXE -- (ScsiAccess)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.ebay.com/items/_W0QQ_dmptZUSQ5fSoftware?_nkw=corel+library&_sacat=0&_fromfsb=&_trksid=m270.l1313&_odkw=corel+gallery&_osacat=0
IE - HKCU\..\URLSearchHook: {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NetZero\SearchEnh1.dll (NetZero, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost

FF - HKLM\software\mozilla\Netscape Browser 8.1.2.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2008/10/04 19:44:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.2.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2009/12/01 16:19:49 | 00,000,000 | ---D | M]

O1 HOSTS File: (736 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {86BE1CDA-4F72-4c2f-9526-8E6A22DF46ED} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (NetZero, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (NetZero, Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\Media Experience\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DellTransferAgent] C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe ( )
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab (EPUImageControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx (Get_ActiveX Control)
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} http://www.trendsecure.com/easy_install/_activex/en-US/TSEasyInstallX.CAB (TSEasyInstallX Control)
O16 - DPF: {BA83FD38-CE14-4DA3-BEF5-96050D55F78A} http://www.flipviewer.com/exe/fv410.cab (FViewerLoading Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab (DownloadManager Control)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1571742e-f463-11dc-b536-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{1571742e-f463-11dc-b536-000000000000}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1571742e-f463-11dc-b536-000000000000}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{1a989424-48b8-11da-8cbc-00038a000015}\Shell\AutoRun\command - "" = E:\SafeGuard\Windows\SafeGuard20.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/11/26 21:55:36 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16892114965102592)

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]

[2009/12/01 15:31:37 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Admin\Desktop\RootRepeal.exe
[2009/12/01 15:27:21 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Admin\Desktop\erunt_setup.exe
[2009/12/01 15:25:08 | 00,531,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
[2009/12/01 15:24:28 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Admin\Desktop\SysRestorePoint.exe
[2009/12/01 14:29:01 | 00,341,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\TFC.exe
[2009/11/30 20:06:58 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2009/11/30 16:26:17 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/11/30 16:26:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/11/30 09:20:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/11/29 21:07:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\YA - Components
[2009/11/28 21:48:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\YA Resources
[2009/11/27 23:19:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\YA Programs
[2009/11/27 21:28:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\VM Clients
[2009/11/27 21:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\VM
[2009/11/27 20:08:03 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\PrivacIE
[2009/11/27 18:56:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Security Software Links
[2009/11/27 18:46:20 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\IETldCache
[2009/11/27 17:58:20 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/11/26 22:11:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/11/26 22:01:22 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/11/26 22:01:22 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/11/26 22:01:21 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2009/11/26 21:59:39 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/11/26 21:59:39 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/11/26 21:59:39 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/11/26 21:59:09 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/11/26 14:56:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/11/26 14:56:42 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/11/26 13:16:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2009/11/26 12:26:21 | 00,000,000 | ---D | C] -- C:\email
[2009/11/26 07:23:36 | 00,000,000 | ---D | C] -- C:\3f6a39976af7e70c5bf66c662caec9d2
[2009/11/25 19:45:31 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/11/23 21:30:41 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/11/23 20:18:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/11/23 13:42:42 | 00,000,000 | ---D | C] -- C:\Program Files\RAR Password Cracker
[2009/11/23 13:42:42 | 00,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2009/11/23 13:30:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/11/22 09:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/11/22 09:54:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\a-squared Free
[2009/11/22 09:42:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\SUPERAntiSpyware.com
[2009/11/22 09:42:35 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/22 09:35:09 | 00,000,000
| ---D | C] -- C:\Program Files\Windows Cannot Find Fix Wizard [2009/11/19 22:58:41 | 00,000,000 | -H-D | C] -- C:\$AVG [2009/11/19 22:57:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9 [2009/11/19 22:55:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2006/02/19 02:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2009/12/01 16:20:02 | 00,000,342 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job [2009/12/01 15:28:50 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\NTREGOPT.lnk [2009/12/01 15:28:50 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\ERUNT.lnk [2009/12/01 15:08:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/12/01 15:08:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/12/01 15:08:03 | 21,468,93824 | -HS- | M] () -- C:\hiberfil.sys [2009/12/01 15:06:40 | 15,699,968 | ---- | M] () -- C:\Documents and Settings\Admin\ntuser.dat [2009/12/01 15:06:26 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini [2009/12/01 14:02:28 | 03,574,016 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\ComboFix.exe [2009/12/01 13:55:44 | 00,262,656 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\rkill.com [2009/12/01 13:44:04 | 00,341,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\TFC.exe [2009/12/01 13:10:00 | 00,000,334 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Photosmart D5100 series.job [2009/12/01 11:07:24 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009/12/01 11:05:18 | 45,983,486 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/11/30 20:44:57 | 80,530,6368 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2009/11/30 20:35:12 | 00,009,830 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\exefix.reg 
[2009/11/30 20:12:29 | 00,002,025 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2009/11/30 18:28:40 | 00,106,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/11/30 16:44:14 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009/11/30 09:13:17 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/11/29 21:05:21 | 00,066,548 | ---- | M] () -- C:\WINDOWS\Soap Bubbles.bmp [2009/11/29 21:05:21 | 00,017,632 | ---- | M] () -- C:\WINDOWS\Coffee Bean.bmp [2009/11/29 21:05:21 | 00,000,560 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw [2009/11/29 08:55:50 | 00,494,388 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/11/29 08:55:50 | 00,091,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009/11/29 08:55:49 | 00,593,086 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/11/29 08:53:45 | 00,000,636 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2009/11/29 08:52:07 | 00,001,066 | ---- | M] () -- C:\WINDOWS\win.ini [2009/11/27 14:04:14 | 01,737,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/11/27 13:39:13 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.PNF [2009/11/27 13:12:31 | 00,132,112 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/11/26 22:43:50 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2009/11/26 22:09:24 | 00,030,158 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009/11/26 21:56:26 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009/11/26 21:56:24 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2009/11/26 21:56:24 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2009/11/26 21:56:05 | 00,004,327 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2009/11/26 21:54:44 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009/11/26 21:54:43 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest 
[2009/11/26 21:54:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009/11/26 21:53:24 | 00,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2009/11/26 21:51:56 | 00,001,066 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf [2009/11/26 21:50:39 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2009/11/26 21:49:03 | 00,004,128 | ---- | M] () -- C:\INFCACHE.1 [2009/11/26 21:35:12 | 00,000,299 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI [2009/11/26 21:35:12 | 00,000,034 | ---- | M] () -- C:\WINDOWS\System\oeminfo.ini [2009/11/26 21:35:04 | 00,000,503 | ---- | M] () -- C:\WINDOWS\system.ini [2009/11/26 14:29:39 | 00,072,627 | ---- | M] () -- C:\WINDOWS\setupapi.old [2009/11/26 08:04:05 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2009/11/26 08:03:55 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2009/11/26 08:03:55 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009/11/26 07:07:35 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/11/25 21:07:28 | 00,000,251 | ---- | M] () -- C:\WINDOWS\System32\tablet.dat [2009/11/25 21:07:04 | 00,000,809 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys [2009/11/25 20:50:56 | 00,000,933 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2009/11/25 18:30:12 | 00,531,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe [2009/11/25 18:29:00 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Admin\Desktop\RootRepeal.exe 
[2009/11/25 18:21:30 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Admin\Desktop\erunt_setup.exe [2009/11/25 18:20:56 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Admin\Desktop\SysRestorePoint.exe [2009/11/19 22:57:55 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2009/11/19 22:57:54 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2009/11/19 22:57:52 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2009/11/19 22:57:52 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2009/11/17 23:12:18 | 00,296,448 | ---- | M] () -- C:\WINDOWS\Xenofex.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009/12/01 15:28:50 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\NTREGOPT.lnk [2009/12/01 15:28:50 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\ERUNT.lnk [2009/12/01 14:28:56 | 00,262,656 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\rkill.com [2009/12/01 14:28:52 | 03,574,016 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\ComboFix.exe [2009/12/01 10:57:49 | 21,468,93824 | -HS- | C] () -- C:\hiberfil.sys [2009/11/30 20:57:13 | 00,009,830 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\exefix.reg [2009/11/30 16:35:00 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009/11/29 12:29:33 | 15,699,968 | ---- | C] () -- C:\Documents and Settings\Admin\ntuser.dat [2009/11/26 22:43:51 | 00,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak [2009/11/26 21:59:44 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2009/11/26 21:59:08 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2009/11/26 21:59:07 | 00,066,594 | ---- | C] () -- 
C:\WINDOWS\System32\dllcache\c_864.nls [2009/11/26 21:59:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2009/11/26 21:59:07 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2009/11/26 21:59:06 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2009/11/26 21:59:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2009/11/26 21:59:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2009/11/26 21:59:05 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2009/11/26 21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2009/11/26 
21:59:04 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2009/11/26 21:59:03 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2009/11/26 21:59:03 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2009/11/26 21:59:03 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2009/11/26 21:59:03 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2009/11/26 21:59:03 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2009/11/26 21:59:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2009/11/26 21:59:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2009/11/26 21:59:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2009/11/26 21:59:03 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2009/11/26 21:59:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2009/11/26 21:59:02 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2009/11/26 21:59:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2009/11/26 21:59:00 | 00,066,082 | ---- | C] () -- 
C:\WINDOWS\System32\dllcache\c_10021.nls [2009/11/26 21:59:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2009/11/26 21:59:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2009/11/26 21:54:43 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009/11/26 21:54:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009/11/26 14:57:21 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2009/11/26 14:57:13 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2009/11/26 14:57:04 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP [2009/11/26 14:57:04 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP [2009/11/26 13:46:52 | 00,000,034 | ---- | C] () -- C:\WINDOWS\System\oeminfo.ini [2009/11/26 09:40:34 | 80,530,6368 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2009/11/26 08:04:05 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2009/11/26 08:03:55 | 45,983,486 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2009/11/26 08:03:55 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg [2009/11/26 08:03:55 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2009/11/26 08:03:55 | 00,106,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2009/09/07 12:15:47 | 00,020,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\T09F8 [2009/08/22 12:58:05 | 00,000,179 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI [2009/07/26 21:56:44 | 00,000,042 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\mainhst.zgh [2009/07/11 14:25:07 | 
00,000,282 | ---- | C] () -- C:\WINDOWS\Zipghost.ini [2009/06/06 18:01:10 | 09,838,080 | ---- | C] () -- C:\WINDOWS\System32\tlidenoise30.dll [2009/05/07 12:24:38 | 00,044,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\SEQCAL.SYS [2009/05/07 12:24:20 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\Mplps.dll [2009/05/07 12:06:26 | 00,887,296 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2009/05/07 12:06:26 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll [2009/05/07 12:06:10 | 00,233,557 | ---- | C] () -- C:\WINDOWS\System32\esint54.dll [2009/05/07 11:51:47 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009/05/07 11:47:57 | 00,000,044 | ---- | C] () -- C:\WINDOWS\PERFV700SERIES.ini [2009/05/04 12:44:08 | 04,478,976 | ---- | C] () -- C:\WINDOWS\System32\tliclean20.dll [2009/04/23 10:08:50 | 04,695,552 | ---- | C] () -- C:\WINDOWS\System32\tlisimplify20.dll [2009/04/01 14:33:34 | 07,262,208 | ---- | C] () -- C:\WINDOWS\System32\tliadjust31.dll [2009/03/01 20:56:16 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NetViewer.INI [2009/02/21 06:33:17 | 00,000,011 | ---- | C] () -- C:\WINDOWS\3DShadow.INI [2008/12/16 11:37:52 | 09,069,056 | ---- | C] () -- C:\WINDOWS\System32\tlidenoise22.dll [2008/12/10 13:41:20 | 01,695,744 | ---- | C] () -- C:\WINDOWS\System32\tlidenoise22_dll.dll [2008/12/05 12:23:19 | 00,905,290 | R--- | C] () -- C:\WINDOWS\System32\libmmd.dll [2008/09/30 12:27:33 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\LrxYV12.dll [2008/09/30 12:27:32 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\AxMJPGDec.dll [2008/09/30 12:27:29 | 00,143,398 | ---- | C] () -- C:\WINDOWS\System32\TelenorCom.dll [2008/09/30 12:27:29 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\TJPEGCodec.dll [2008/07/04 19:16:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iwlufklg.dll [2008/04/12 08:42:55 | 00,008,981 | ---- | C] () -- C:\Program Files\INSTALL.LOG [2008/04/12 08:42:47 | 00,890,953 | ---- | C] () -- C:\WINDOWS\HSC_sq4.ini 
[2008/03/23 10:32:32 | 00,000,809 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys [2008/03/23 10:32:31 | 00,043,520 | ---- | C] () -- C:\WINDOWS\mmfs.dll [2007/12/05 13:37:55 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2007/12/05 13:37:54 | 00,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2007/12/05 13:37:52 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2007/12/05 11:48:44 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2007/12/05 11:48:44 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2007/11/23 12:03:34 | 00,000,026 | ---- | C] () -- C:\WINDOWS\ExplorerXP.INI [2007/11/22 14:45:59 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll [2007/11/17 11:12:47 | 00,000,324 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\AdobeDLM.log [2007/11/17 11:12:42 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\dm.ini [2007/08/04 22:29:33 | 00,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI [2007/08/04 14:43:45 | 00,000,738 | ---- | C] () -- C:\WINDOWS\XMLEditor4.INI [2007/08/03 23:51:14 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\vfolx32n.dll [2007/07/06 08:24:33 | 00,000,247 | ---- | C] () -- C:\WINDOWS\ULead.ini [2007/06/29 07:21:51 | 00,105,648 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\GDIPFONTCACHEV1.DAT [2007/06/19 09:02:17 | 00,001,617 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\.akvis_coloriage.settings [2007/05/13 15:06:24 | 00,001,871 | ---- | C] () -- C:\WINDOWS\Settings.ini [2007/05/13 15:05:16 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\MSFilter.dll [2007/04/04 18:41:35 | 00,000,034 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2007/03/27 18:29:12 | 00,000,824 | ---- | C] () -- C:\WINDOWS\GraphicsDesk.INI [2007/03/21 18:13:48 | 00,000,067 | ---- | C] () -- C:\WINDOWS\POSTER.INI [2007/03/21 16:44:19 | 00,890,953 | ---- | C] () -- C:\WINDOWS\HSCacr15.ini 
[2007/03/20 20:07:24 | 00,001,714 | ---- | C] () -- C:\WINDOWS\jxqx_srb64.ini [2007/03/17 10:58:49 | 00,000,230 | ---- | C] () -- C:\WINDOWS\pmontage.ini [2007/03/17 10:58:48 | 00,001,404 | ---- | C] () -- C:\WINDOWS\pi2000.ini [2007/03/11 21:58:48 | 00,000,137 | ---- | C] () -- C:\WINDOWS\CDFACE32.INI [2007/03/11 16:41:48 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP120JPR.{PB [2007/03/11 16:41:48 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PFP120JCM.{PB [2007/03/11 16:39:35 | 00,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2007/03/11 16:39:35 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\C7A9DBC912.sys [2007/03/01 20:19:09 | 04,870,144 | R--- | C] () -- C:\WINDOWS\System32\qt-mt333.dll [2007/02/18 15:46:07 | 00,000,255 | ---- | C] () -- C:\WINDOWS\AVPuzzlePro12.ini [2007/02/18 15:44:49 | 00,296,448 | ---- | C] () -- C:\WINDOWS\Xenofex.ini [2007/02/05 21:47:03 | 00,002,175 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2006/12/27 08:28:55 | 00,000,481 | ---- | C] () -- C:\WINDOWS\BROWSER.INI [2006/12/16 08:33:35 | 00,086,304 | ---- | C] () -- C:\WINDOWS\RHVIDEO.DLL [2006/12/06 12:25:15 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\lffpx90n.dll [2006/11/16 20:03:40 | 00,002,044 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2006/10/29 11:11:10 | 04,694,016 | ---- | C] () -- C:\WINDOWS\System32\qt-mt336.dll [2006/10/17 07:24:52 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll [2006/08/13 23:12:33 | 00,268,226 | ---- | C] () -- C:\Program Files\setuplog.txt [2006/08/10 23:43:49 | 00,000,264 | ---- | C] () -- C:\WINDOWS\System32\winsusrm.dll [2006/08/10 23:43:49 | 00,000,120 | ---- | C] () -- C:\WINDOWS\System32\winsusrx.dll [2006/07/20 20:26:48 | 00,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini [2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- 
C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/06/29 13:32:34 | 00,000,073 | ---- | C] () -- C:\WINDOWS\SCapPro.INI [2006/06/29 13:30:35 | 00,000,037 | ---- | C] () -- C:\WINDOWS\systemex.ini [2006/06/05 15:07:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\dzwrapper.dll [2006/06/05 15:06:34 | 05,935,104 | ---- | C] () -- C:\WINDOWS\System32\dzcore.dll [2006/05/19 14:39:08 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\flvprop.dll [2006/05/19 14:39:08 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\flvsplit.dll [2006/05/19 14:39:04 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\flvdecvp6.dll [2006/05/16 01:25:43 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2006/05/12 09:49:37 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TabUnst.dll [2006/05/12 09:49:37 | 00,015,744 | ---- | C] () -- C:\WINDOWS\System32\wintab.dll [2006/05/12 09:48:29 | 00,013,408 | ---- | C] () -- C:\WINDOWS\System32\tabinst.dll [2006/05/12 09:48:29 | 00,004,032 | ---- | C] () -- C:\WINDOWS\System32\tabins16.dll [2006/05/11 14:39:02 | 01,445,888 | ---- | C] () -- C:\WINDOWS\System32\daz-qsa.dll [2006/04/28 14:37:12 | 05,910,528 | ---- | C] () -- C:\WINDOWS\System32\daz-qt-mt.dll [2006/04/19 15:30:35 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/03/04 15:57:17 | 00,000,563 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2006/03/04 15:44:32 | 00,002,722 | ---- | C] () -- C:\WINDOWS\DevMgr.ini [2006/03/04 08:42:31 | 00,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI [2006/01/22 14:36:28 | 00,000,933 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2005/12/15 20:30:42 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application 
Data\fusioncache.dat [2005/12/06 14:41:02 | 00,002,025 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2005/10/15 19:03:33 | 00,000,540 | ---- | C] () -- C:\WINDOWS\pcdlab.ini [2005/10/15 18:36:06 | 00,000,144 | ---- | C] () -- C:\WINDOWS\INDEO.INI [2005/10/15 18:34:12 | 00,132,112 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2005/09/08 09:54:46 | 00,018,511 | ---- | C] () -- C:\WINDOWS\System32\drivers\nipplpt.sys [2005/09/02 18:05:29 | 00,000,734 | ---- | C] () -- C:\WINDOWS\ahd3.ini [2005/08/25 20:04:12 | 00,000,636 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/08/23 20:29:14 | 00,096,256 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005/08/18 19:52:45 | 00,000,299 | ---- | C] () -- C:\WINDOWS\PRELUDE.INI [2005/08/01 14:43:21 | 03,621,802 | -H-- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db [2005/07/27 12:08:48 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/07/27 11:56:57 | 00,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini [2005/07/27 11:47:28 | 00,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare [2005/07/27 11:23:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll [2005/07/27 11:21:56 | 00,000,299 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005/02/23 10:19:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004/08/12 08:44:10 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll [2004/08/10 13:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/10 13:04:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2004/08/10 13:02:05 | 00,000,057 | ---- | C] () -- C:\WINDOWS\vb.ini [2004/08/10 13:02:05 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2004/08/10 13:01:18 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2004/08/10 13:01:18 | 00,001,931 | ---- | C] () 
-- C:\WINDOWS\System32\msdtcprf.ini [2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2004/08/10 12:57:53 | 00,593,086 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2004/08/10 12:57:52 | 00,004,327 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004/08/10 12:57:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2004/08/10 12:51:28 | 00,001,066 | ---- | C] () -- C:\WINDOWS\win.ini [2004/08/10 12:51:26 | 00,000,503 | ---- | C] () -- C:\WINDOWS\system.ini [2004/08/04 05:00:00 | 01,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll [2004/08/04 05:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2004/08/04 05:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2004/08/04 05:00:00 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll [2004/08/04 05:00:00 | 00,498,205 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll [2004/08/04 05:00:00 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll [2004/08/04 05:00:00 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll [2004/08/04 05:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2004/08/04 05:00:00 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2004/08/04 05:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2004/08/04 05:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll [2004/08/04 05:00:00 | 00,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2004/08/04 05:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2004/08/04 05:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2004/08/04 05:00:00 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll [2004/08/04 05:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2004/08/04 05:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2004/08/04 05:00:00 | 00,042,537 | 
---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2004/08/04 05:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2004/08/04 05:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2004/08/04 05:00:00 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll [2004/08/04 05:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2004/08/04 05:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2004/08/04 05:00:00 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2004/08/04 05:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2004/08/04 05:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2004/08/04 05:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2004/08/04 05:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2004/08/04 05:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2004/08/04 05:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004/08/04 05:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2004/08/04 05:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2004/08/04 05:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2004/08/04 05:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2004/08/04 05:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2004/08/04 05:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2004/08/04 05:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2004/08/04 05:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2004/08/04 05:00:00 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll [2004/08/04 05:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2004/08/04 05:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2004/08/04 05:00:00 | 
00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2004/08/04 05:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2004/08/04 05:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2004/08/04 05:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2004/02/11 12:22:58 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\CDVPreviewEx.dll [2003/10/08 23:18:31 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\NToolBar.dll [2003/09/28 10:29:48 | 00,453,120 | R--- | C] () -- C:\WINDOWS\System32\DiskTriage_ContextMenu.dll [2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/11/20 18:51:34 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll [2002/03/16 19:00:00 | 00,007,420 | ---- | C] () -- C:\WINDOWS\UA000059.DLL [2001/08/17 17:36:28 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2000/09/08 16:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll [2000/04/12 16:24:10 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL [1997/09/30 15:30:02 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL [color=#E56717]========== LOP Check ==========[/color] [2009/11/29 19:50:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Adobe [2005/08/07 13:56:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\AdobeUM [2007/09/23 22:46:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Ahead [2007/03/17 19:22:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Alien Skin [2008/10/04 19:21:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Apple Computer [2009/05/31 12:54:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Babylon [2007/11/16 13:06:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\CB Model Pro [2007/03/11 16:39:26 | 
00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Corel [2007/10/24 14:04:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\CSOdessa [2005/08/01 14:56:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\CyberLink [2009/11/23 18:45:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\DNA [2007/11/23 22:59:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Download Manager [2008/01/16 10:18:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\EBookSys [2007/02/13 18:40:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Echo Software [2007/02/16 20:08:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Eovia [2009/05/09 07:32:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\EPSON [2007/04/14 12:26:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Extensis [2007/04/14 10:50:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\FastStone [2009/09/26 14:50:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Filter Forge [2007/06/01 21:33:59 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Admin\Application Data\Gtek [2005/11/23 14:00:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Help [2007/10/10 10:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Hemera [2009/01/10 16:35:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\HP [2004/08/10 13:08:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Identities [2009/05/31 14:02:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Imagenomic [2007/03/04 16:46:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application 
Data\IndigoRose [2007/02/08 09:16:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Inspiration Software [2008/09/30 12:26:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\InstallShield [2005/07/27 11:43:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Intel [2008/03/31 08:16:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Intuit [2007/08/03 23:08:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Jasc Software Inc [2009/09/07 12:15:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Lasersoft Imaging [2005/08/18 20:25:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Leadertech [2006/01/24 14:40:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\LexisNexis [2006/08/08 21:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Lost Marble [2009/12/01 17:41:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Macromedia [2009/09/01 15:30:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Malwarebytes [2007/08/25 13:57:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mask Pro 4.0 [2007/12/31 17:58:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\McAfee [2009/03/03 22:46:29 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Application Data\Microsoft [2007/02/03 16:38:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Netscape [2007/06/21 09:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\onOne Software [2006/08/26 01:37:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Opera [2008/01/02 23:03:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application 
Data\PCToolsFirewallPlus [2007/02/13 18:59:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\PE Explorer [2007/04/13 18:27:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\pixfiler [2009/01/11 14:10:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Power Sound Editor Free [2006/03/04 15:57:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\ScanSoft [2006/01/28 12:31:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\SmartFTP [2006/07/20 20:20:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Softplicity [2005/08/18 20:25:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Sonic [2005/07/27 11:42:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Sun [2009/11/22 09:42:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\SUPERAntiSpyware.com [2007/12/18 08:47:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\SWiSHvideo [2005/08/01 14:48:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Symantec [2007/06/21 11:11:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Ulead Systems [2007/05/23 20:26:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Viewpoint [2007/04/13 18:27:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\XnView [2009/07/26 22:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\ZipGenius [2007/03/04 12:52:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Zoner [2007/08/03 23:26:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems [2007/11/24 01:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2006/08/07 
20:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems [2007/11/23 18:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM [2008/01/01 09:06:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL [2007/12/28 20:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2005/06/27 10:05:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2009/11/26 23:18:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2009/05/31 12:54:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2008/11/22 06:09:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2005/07/27 11:46:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink [2007/12/31 14:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell [2008/05/31 06:53:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay [2007/04/14 12:26:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extensis [2009/08/23 18:22:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2009/03/25 21:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft [2005/07/27 12:04:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek [2007/03/27 20:34:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hemera [2007/06/20 16:24:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP [2009/09/13 05:47:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software [2009/09/13 05:47:24 | 00,000,000 | 
---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions [2005/07/27 11:51:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2005/07/27 11:43:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel [2009/04/11 15:57:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit [2008/12/24 09:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak [2009/11/30 16:33:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2009/12/01 17:41:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia [2009/09/01 15:30:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2007/12/31 17:59:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee [2008/05/24 08:24:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2007/11/22 07:56:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2007/02/09 13:25:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mindjet [2007/12/25 12:40:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetZero [2005/07/27 11:54:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime [2004/08/10 13:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI [2006/03/04 15:59:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft [2009/11/30 16:43:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan [2007/06/16 05:53:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMSI [2007/06/20 
13:49:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic [2006/03/04 16:04:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir [2006/03/04 16:05:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard [2007/12/31 15:09:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2007/11/30 12:43:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2009/11/29 09:22:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2007/06/21 11:05:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems [2005/07/27 11:54:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2007/10/11 20:44:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2007/02/16 12:24:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2006/02/12 16:29:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! 
Companion [2008/10/04 19:51:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2009/11/30 18:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} [2009/11/30 16:44:14 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2009/12/01 11:07:24 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/12/01 16:20:02 | 00,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\HP Usg Daily.job [2009/12/01 15:08:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009/12/01 13:10:00 | 00,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\WebReg Photosmart D5100 series.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2007/10/02 14:48:00 | 00,509,984 | ---- | M] (Microsoft Corporation) -- C:\HTGD0006.exe [2 C:\i386\*.tmp files -> C:\i386\*.tmp -> ] [2 C:\i386\*.tmp files -> C:\i386\*.tmp -> ] [2 C:\i386\*.tmp files -> C:\i386\*.tmp -> ] [2 C:\i386\*.tmp files -> C:\i386\*.tmp -> ] [2 C:\i386\*.tmp files -> C:\i386\*.tmp -> ] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys [2004/08/03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS [2004/08/03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- 
C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys [2004/08/04 05:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll [2004/08/04 05:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll [2004/08/04 05:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004/08/04 05:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2007/07/12 16:35:02 | 00,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\dell\iastor\iastor.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll [2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\sp2qfe\netlogon.dll [2004/08/04 05:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll [2004/08/04 05:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll [2004/08/04 05:00:00 | 00,407,040 | ---- | M] 
(Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: NVATA.SYS >[/color] [2006/10/18 17:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\dell\nvraid\nvata.sys [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color] [2006/10/18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys [2006/10/18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\system32\drivers\NvAtaBus.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2004/08/04 05:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll [2004/08/04 05:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll [2004/08/04 05:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll [2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BAC5E44F @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:04853F41 @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:527DAC91 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C98F34F6 @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8FB6501C < End of report >