OTL logfile created on: 12/13/2009 11:06:49 AM - Run 1
OTL by OldTimer - Version 3.1.17.0     Folder = C:\Documents and Settings\Owner\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.52 Mb Total Physical Memory | 647.24 Mb Available Physical Memory | 63.74% Memory free
1.64 Gb Paging File | 1.43 Gb Available in Paging File | 87.43% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.80 Gb Total Space | 94.80 Gb Free Space | 87.94% Space Free | Partition Type: NTFS
Drive D: | 3.97 Gb Total Space | 0.66 Gb Free Space | 16.62% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-SZ6X6SEFXO
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009/12/13 10:50:42 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\OTL.exe
PRC - [2009/11/30 11:17:28 | 00,650,160 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/05/16 22:15:10 | 00,071,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
PRC - [2004/11/02 08:59:42 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009/12/13 10:50:42 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/11/30 11:17:28 | 00,650,160 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2009/11/30 11:17:28 | 00,650,160 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2009/03/25 14:14:03 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/04/13 17:12:03 | 00,291,328 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2007/08/09 00:27:52 | 00,073,728 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 
00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/05/20 09:37:12 | 00,081,920 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE -- (HP Port Resolver) SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004/10/16 04:31:06 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE -- (HP Status Server) SRV - [2003/03/03 16:44:00 | 00,065,536 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008/04/13 11:39:50 | 00,005,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK) DRV - [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007/09/07 13:07:25 | 00,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2007/09/07 13:07:25 | 00,018,304 | ---- | M] (Printing Communications Assoc., Inc. 
(PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2006/07/24 17:51:34 | 00,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\filedisk.sys -- (FileDisk) DRV - [2005/10/21 19:58:58 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2005/10/21 19:58:52 | 00,049,920 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2005/10/21 19:52:48 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2005/08/19 02:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys -- (PxHelp20) DRV - [2004/11/02 09:27:20 | 00,773,565 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm) DRV - [2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C) DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004/08/03 22:29:52 | 00,166,912 | ---- | M] (S3 Graphics, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr) DRV - [2004/01/30 06:29:37 | 00,055,808 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH0464.sys -- (SaiH0464) DRV - [2004/01/28 08:09:36 | 00,026,624 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiNtBus.sys -- (SaiNtBus) DRV - [2004/01/28 08:09:34 | 00,015,232 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini) DRV - [2003/03/07 22:13:22 | 00,624,369 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5) DRV - [2003/02/26 19:19:50 | 00,260,736 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315) DRV - [2003/02/22 19:55:26 | 00,141,824 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k) DRV - [2002/12/27 11:41:00 | 00,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2002/12/24 22:09:48 | 00,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP) DRV - [2002/09/06 18:24:00 | 00,013,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp) DRV - [2002/08/29 04:00:00 | 00,032,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2002/08/29 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2002/07/29 21:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = http://windiwsfsearch.com/search?q=%s IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://windiwsfsearch.com/search?q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.ca/ IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\w, = http://windiwsfsearch.com/search?q=%s IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:9095 [2009/09/13 17:37:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions [2009/09/13 17:37:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: (732 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (no name) - {EBDC9399-1774-4e54-82DA-60081F6C9730} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\RunOnce: [SMRequiresRestart] File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. 
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10801} http://www.flysuite.com/flyword/loaderword_win.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} http://mail.cedagroup.com/dwa8W.cab (Reg Error: Key error.) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O21 - SSODL: equestre - {70305bc2-b289-4209-a344-be21f22bc930} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003/04/10 02:49:37 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2002/09/11 04:02:32 | 00,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/12/01 14:34:21 | 00,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: napagent - C:\WINDOWS\system32\qagentrt.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point (16891947461378048) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009/12/13 10:50:41 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\OTL.exe [2009/12/13 10:28:41 | 00,000,000 | ---D | C] -- C:\ERDNT [2009/12/13 10:28:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2009/12/13 10:28:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2009/12/13 10:28:37 | 00,000,000 | ---D | C] -- C:\!FixIEDef [2009/12/13 10:06:41 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent [2009/12/04 17:53:32 | 00,093,096 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll [2009/12/04 17:53:31 | 00,009,341 | ---- | C] (iolo technologies, LLC (based on original work by Bo Brantén)) -- C:\WINDOWS\System32\drivers\filedisk.sys [2009/12/04 17:53:16 | 00,000,000 | ---D | C] -- C:\Program Files\iolo [2009/12/03 07:23:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Drive Images [2009/12/03 00:41:56 | 00,118,784 | ---- | C] (iolo 
technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll [2009/12/03 00:25:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Yahoo! [2009/12/03 00:25:02 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2009/12/02 22:58:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG8 [2009/12/02 21:41:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\iolo [2009/12/02 21:41:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo [2009/11/20 16:32:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp [2009/11/20 16:32:28 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll [2009/11/20 16:32:28 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2009/11/20 16:32:28 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll [2009/11/20 16:32:28 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2009/11/20 16:32:28 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll [2009/11/20 16:32:28 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2009/11/20 16:32:28 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe [2009/11/20 16:32:28 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2009/09/26 16:19:22 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2009/09/26 16:19:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009/01/23 20:03:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo [2008/09/30 14:05:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore [2007/09/12 12:08:25 | 
00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [2007/07/12 23:33:56 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2006/12/04 06:00:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google [2006/11/05 20:03:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2006/09/17 12:36:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help [2006/09/17 12:36:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help [2006/02/19 02:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll [2003/04/10 02:52:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009/12/13 10:50:42 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\OTL.exe [2009/12/13 10:48:06 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\settings.dat [2009/12/13 10:06:22 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2009/12/12 14:36:25 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BDA46166-7211-4359-AEF7-813C6DE201EE}.job [2009/12/11 16:39:58 | 00,000,799 | ---- | M] () -- C:\WINDOWS\win.ini [2009/12/11 16:39:58 | 00,000,282 | ---- | M] () -- C:\WINDOWS\System.ini [2009/12/11 16:39:58 | 00,000,281 | -HS- | M] () -- C:\boot.ini [2009/12/11 14:25:13 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/12/11 14:24:53 | 00,011,625 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2 [2009/12/11 14:24:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/12/11 14:24:27 | 00,002,048 | 
--S- | M] () -- C:\WINDOWS\bootstat.dat [2009/12/11 14:24:25 | 10,649,23136 | -HS- | M] () -- C:\hiberfil.sys [2009/12/11 14:23:53 | 04,718,592 | ---- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT [2009/12/11 14:23:53 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini [2009/12/11 14:23:51 | 06,962,986 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db [2009/12/08 20:43:58 | 00,026,310 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20091208_204312.reg [2009/12/06 12:47:03 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Search Results.lnk [2009/12/04 17:53:33 | 00,001,814 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\System Mechanic Professional.lnk [2009/12/04 15:21:36 | 00,016,332 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20091204_152123.reg [2009/12/03 00:25:03 | 00,001,556 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk [2009/12/02 23:36:45 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT [2009/12/02 21:50:03 | 00,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg [2009/12/02 21:28:59 | 00,002,367 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpyWare Killer Main Menu.lnk [2009/12/02 21:20:00 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009/12/02 11:23:52 | 00,093,096 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll [2009/12/02 11:23:42 | 02,118,568 | ---- | M] () -- C:\WINDOWS\System32\Incinerator.dll [2009/11/22 22:08:00 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\erika.wps [2009/11/20 16:32:56 | 00,526,596 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/11/20 16:32:56 | 00,444,776 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/11/20 16:32:56 | 00,072,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat 
[2009/11/20 16:32:49 | 00,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009/12/13 10:40:44 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\settings.dat [2009/12/08 20:43:15 | 00,026,310 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20091208_204312.reg [2009/12/06 12:47:03 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Search Results.lnk [2009/12/04 17:53:33 | 00,001,814 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\System Mechanic Professional.lnk [2009/12/04 15:21:26 | 00,016,332 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20091204_152123.reg [2009/12/03 00:25:03 | 00,001,556 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk [2009/12/02 21:50:03 | 00,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg [2009/12/02 21:49:27 | 02,118,568 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll [2009/12/02 21:49:25 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\iolobtdfg.exe [2009/11/22 22:07:59 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\erika.wps [2009/11/20 16:32:28 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2009/11/20 16:32:28 | 00,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h [2009/06/11 17:11:34 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2008/09/29 18:27:42 | 00,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Robot [2008/09/29 18:27:42 | 00,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Application Data\Receipts [2008/09/29 18:27:42 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT [2008/09/29 18:27:42 | 00,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Sampler Files [2008/08/17 17:36:58 | 00,291,328 | ---- | C] () -- 
C:\WINDOWS\System32\qagentrt.dll [2008/06/25 17:25:14 | 00,000,998 | ---- | C] () -- C:\WINDOWS\wininit.ini [2007/12/31 15:10:18 | 00,000,273 | ---- | C] () -- C:\WINDOWS\SysMech7.INI [2007/08/16 21:26:23 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat [2007/08/15 10:42:27 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2007/08/15 10:38:03 | 00,009,350 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2007/07/02 08:58:02 | 00,006,144 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/07/02 08:44:38 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2007/06/24 07:34:10 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2007/04/25 07:25:31 | 00,000,679 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006/03/07 20:26:05 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL [2005/12/24 09:28:16 | 00,000,069 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\fc_location.txt [2005/12/07 18:47:31 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\stats.mst [2005/12/05 17:17:09 | 00,000,587 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI [2005/12/02 09:04:57 | 00,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv10nt.sys [2005/12/02 09:04:53 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdinben.dll [2003/10/23 18:42:56 | 00,171,008 | ---- | C] () -- C:\WINDOWS\System32\sccsccp.dll [2003/10/23 18:39:37 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\rtm.dll [2003/10/23 18:39:36 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\rnr20.dll [2003/10/23 18:39:32 | 00,024,064 | ---- | C] () -- C:\WINDOWS\System32\olesvr.dll [2003/10/23 18:39:14 | 00,037,916 | ---- | C] () -- C:\WINDOWS\System32\msxml2r.dll [2003/10/23 18:39:11 | 00,028,746 | ---- | C] () -- 
C:\WINDOWS\System32\msrecr40.dll [2003/10/23 18:38:06 | 00,032,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipfltdrv.sys [2003/10/23 18:37:51 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\ds32gt.dll [2003/10/23 18:37:10 | 00,027,200 | R--- | C] () -- C:\WINDOWS\System32\ctl3dv2.dll [2003/10/23 18:37:04 | 00,026,624 | ---- | C] () -- C:\WINDOWS\System32\cnvfat.dll [2003/04/10 04:10:20 | 00,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll [2003/04/10 04:08:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll [2003/04/10 04:08:01 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll [2003/04/10 04:07:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2003/04/10 04:00:09 | 00,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini [2003/04/10 03:59:52 | 00,000,608 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI [2003/04/10 03:53:45 | 00,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini [2003/04/10 03:16:02 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/04/10 03:06:11 | 00,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll [2003/04/10 03:06:11 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll [2003/04/10 03:05:46 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\delphimm.dll [2003/04/10 03:05:46 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2003/04/10 02:53:32 | 00,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini [2003/04/10 02:37:43 | 00,000,552 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2003/04/10 02:37:01 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdic.dll [2003/04/10 02:37:01 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdru.dll [2003/04/10 02:37:01 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdkyr.dll [2003/04/10 00:08:18 | 00,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini [2003/04/10 00:08:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini [2003/03/19 16:50:18 | 00,000,000 | ---- | C] () -- 
C:\WINDOWS\System32\px.ini [2003/03/18 19:44:36 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\MFC71ESP.DLL [2003/03/18 19:44:34 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\MFC71FRA.DLL [2003/01/08 08:15:00 | 00,696,320 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2003/01/08 08:15:00 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2002/12/12 07:14:32 | 00,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspclock.sys [2002/05/24 08:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll [2002/05/24 08:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll [2001/07/07 02:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [1999/07/05 03:00:00 | 00,074,256 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2002/07/26 16:02:06 | 00,153,088 | ---- | M] () -- C:\UNWISE.EXE [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/04/13 11:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 11:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2002/08/29 04:00:00 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtUninstallQ331958$\atapi.sys [2008/04/13 11:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 11:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 22:59:44 | 
00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/04 00:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/13 17:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/13 17:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2004/08/04 00:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2004/08/04 00:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/13 17:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/13 17:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E4DF3FE @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:825D5945 < End of report >