OTL logfile created on: 12/29/2009 8:00:10 PM - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Users\DR\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32.51 Gb Total Space | 7.52 Gb Free Space | 23.14% Space Free | Partition Type: NTFS
Drive D: | 32.26 Gb Total Space | 31.98 Gb Free Space | 99.15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DR-ACER
Current User Name: DR
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/29 19:53:56 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\DR\Desktop\OTL.exe
PRC - [2009/12/29 19:45:55 | 00,293,376 | ---- | M] () -- C:\Users\DR\Desktop\x0hsscpi.exe
PRC - [2009/11/20 23:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/10/05 23:33:47 | 00,640,760 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe
PRC - [2009/10/05 23:33:46 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/10/05 23:33:44 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/04/10 23:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/10 23:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 00:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe

========== Modules (SafeList) ==========

MOD - [2009/12/29 19:53:56 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\DR\Desktop\OTL.exe
MOD - [2009/04/10 23:21:38 | 01,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll
MOD - [2009/04/10 23:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2009/11/24 16:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 16:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 16:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/05 23:33:44 | 01,028,432 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/09/24 18:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/04/10 23:28:20 | 00,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/04/10 23:28:20 | 00,373,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/10 23:28:17 | 00,052,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/03/24 16:49:07 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/01/19 00:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/22 15:00:02 | 00,135,168 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/05/16 22:15:22 | 00,163,840 | ---- | M] (acer) [Auto | Stopped] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/05/10 14:05:36 | 00,024,576 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/04/25 16:34:30 | 00,457,512 | ---- | M] (HiTRSUT) [Auto | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/03/14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/02/13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/29 22:23:52 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007/01/26 14:24:42 | 00,050,688 | ---- | M] () [Auto | Stopped] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/11/24 12:57:54 | 00,107,008 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/10/05 19:48:40 | 00,577,644 | ---- | M] (Executive Software International, Inc.) [Auto | Stopped] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.azcentral.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [cdloader] C:\Users\DR\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [settdebugx.exe] C:\Users\DR\AppData\Local\Temp\settdebugx.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{36393deb-81c7-11de-bc4f-001b385656dd}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/19 00:33:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{40346e2b-d053-11de-b133-001b385656dd}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{40346e2b-d053-11de-b133-001b385656dd}\Shell\phone\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2009/12/29 19:53:53 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\DR\Desktop\OTL.exe
[2009/12/29 19:34:05 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/29 19:34:03 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/29 19:34:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/29 19:25:21 | 00,000,000 | ---D | C] -- C:\Users\DR\AppData\Roaming\SUPERAntiSpyware.com
[2009/12/29 19:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/12/29 19:25:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/28 16:58:21 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/12/28 15:19:33 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/12/28 15:19:33 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/12/28 15:19:32 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/12/28 15:19:31 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/12/28 15:19:31 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/12/28 15:19:03 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/12/28 15:19:03 | 00,053,328 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/12/28 15:19:01 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/12/28 15:13:47 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/12/27 21:42:14 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/27 21:38:06 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/12/27 21:27:10 | 02,633,902 | -H-- | C] () -- C:\Users\DR\AppData\Local\IconCache.db
[2009/12/27 21:23:47 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/12/27 21:20:08 | 00,000,000 | ---D | C] -- C:\Users\DR\AppData\Roaming\AVG8
[2009/12/27 21:15:44 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/27 20:56:51 | 00,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2009/12/27 20:12:30 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/12/27 18:50:05 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/12/27 09:43:42 | 00,000,008 | ---- | C] () -- C:\ProgramData\sysReserve.ini
[2009/12/23 20:53:06 | 00,000,000 | ---D | C] -- C:\Users\DR\AppData\Local\MCS Studios
[2009/12/23 20:53:01 | 00,000,000 | ---D | C] -- C:\Program Files\MCS Studios
[2009/12/23 20:45:51 | 00,000,000 | ---D | C] -- C:\Program Files\CPU Speed Pro
[2009/12/18 03:23:15 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/12/16 20:24:27 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/12/16 20:24:27 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/12/16 20:24:19 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2008/07/15 17:10:21 | 00,075,096 | ---- | C] () -- C:\Users\DR\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2008/06/01 20:01:22 | 00,018,944 | ---- | C] () -- C:\Users\DR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/02 07:45:34 | 00,075,096 | ---- | C] () -- C:\Users\DR\AppData\Local\GDIPFONTCACHEV1.DAT
[2007/09/03 13:38:09 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2006/11/02 05:48:00 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 05:35:51 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 05:35:51 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 05:35:51 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 05:35:51 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

========== Files - Modified Within 14 Days ==========

[2009/12/29 20:00:49 | 02,359,296 | -HS- | M] () -- C:\Users\DR\NTUSER.DAT
[2009/12/29 19:53:56 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\DR\Desktop\OTL.exe
[2009/12/29 19:45:55 | 00,293,376 | ---- | M] () -- C:\Users\DR\Desktop\x0hsscpi.exe
[2009/12/29 19:34:07 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/29 19:31:41 | 00,769,778 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/29 19:31:41 | 00,652,394 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/29 19:31:41 | 00,119,996 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/29 19:28:11 | 00,000,199 | ---- | M] () -- C:\Windows\System32\srcr.dat
[2009/12/29 19:28:07 | 00,000,675 | ---- | M] () -- C:\Windows\System32\krl32mainweq.dll
[2009/12/29 19:27:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/29 19:26:32 | 17,140,7153 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/12/29 19:25:13 | 00,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{80FA7BA8-B7D2-4361-BCCF-5135F84BB95D}.job
[2009/12/29 19:16:54 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/12/29 18:58:01 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/29 18:58:01 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/29 18:57:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/29 18:56:28 | 00,524,288 | -HS- | M] () -- C:\Users\DR\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2009/12/29 18:56:28 | 00,065,536 | -HS- | M] () -- C:\Users\DR\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2009/12/29 18:51:51 | 02,633,902 | -H-- | M] () -- C:\Users\DR\AppData\Local\IconCache.db
[2009/12/29 17:10:04 | 00,131,072 | ---- | M] () -- C:\Users\Public\Documents\backup.pst
[2009/12/29 05:20:50 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/12/28 19:24:39 | 00,018,944 | ---- | M] () -- C:\Users\DR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/28 15:19:34 | 00,001,888 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/12/28 15:19:30 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/27 21:42:14 | 00,001,913 | ---- | M] () -- C:\Users\DR\Desktop\HijackThis.lnk
[2009/12/27 18:02:51 | 00,000,356 | ---- | M] () -- C:\Users\DR\Desktop\Public - Shortcut.lnk
[2009/12/27 09:43:42 | 00,000,008 | ---- | M] () -- C:\ProgramData\sysReserve.ini
[2009/12/23 21:21:49 | 00,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/12/23 20:53:02 | 00,000,973 | ---- | M] () -- C:\Users\DR\Desktop\MCS CPU Benchmark 2008.lnk
[2009/12/18 03:22:52 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/12/17 21:26:57 | 00,286,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2009/12/29 19:45:49 | 00,293,376 | ---- | C] () -- C:\Users\DR\Desktop\x0hsscpi.exe
[2009/12/29 19:34:07 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/29 19:26:32 | 17,140,7153 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/12/28 15:19:34 | 00,001,888 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/12/28 15:19:03 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/12/27 21:42:14 | 00,001,913 | ---- | C] () -- C:\Users\DR\Desktop\HijackThis.lnk
[2009/12/27 18:02:51 | 00,000,356 | ---- | C] () -- C:\Users\DR\Desktop\Public - Shortcut.lnk
[2009/12/27 09:45:16 | 00,000,675 | ---- | C] () -- C:\Windows\System32\krl32mainweq.dll
[2009/12/27 09:44:14 | 00,000,199 | ---- | C] () -- C:\Windows\System32\srcr.dat
[2009/12/27 09:43:42 | 00,000,008 | ---- | C] () -- C:\ProgramData\sysReserve.ini
[2009/12/23 20:53:02 | 00,237,568 | ---- | C] () -- C:\Windows\System32\mcstabs.ocx
[2009/12/23 20:53:02 | 00,000,973 | ---- | C] () -- C:\Users\DR\Desktop\MCS CPU Benchmark 2008.lnk
[2009/12/18 03:22:52 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/12/10 16:39:15 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/11/11 21:26:52 | 00,000,702 | ---- | C] () -- C:\Windows\NewsRover.INI
[2009/11/08 13:21:54 | 00,000,057 | ---- | C] () -- C:\Windows\Topo.INI
[2009/10/27 16:22:08 | 04,835,652 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/10/27 16:16:44 | 01,632,375 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2009/10/27 16:16:12 | 00,611,638 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/10/27 16:10:02 | 00,143,872 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/10/27 15:46:26 | 00,248,320 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009/10/27 15:28:08 | 00,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/10/16 16:58:06 | 00,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009/10/16 16:57:06 | 00,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009/10/16 16:04:24 | 00,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009/10/16 16:04:08 | 00,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009/10/16 16:03:48 | 00,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009/10/16 16:03:44 | 00,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009/10/16 16:03:40 | 00,484,864 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009/10/16 13:53:32 | 00,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009/10/16 13:53:20 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/10/16 12:40:42 | 00,957,047 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009/10/16 12:38:20 | 00,914,464 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/01/10 15:17:32 | 00,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009/01/10 15:16:56 | 00,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009/01/10 15:16:50 | 00,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009/01/10 15:16:14 | 00,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009/01/10 15:15:54 | 00,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009/01/10 15:15:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009/01/10 15:15:32 | 00,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009/01/10 15:15:28 | 00,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009/01/10 15:15:12 | 00,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009/01/10 15:14:08 | 00,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009/01/10 15:14:06 | 00,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008/12/03 15:11:50 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/11/06 09:37:32 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/06 09:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/09/15 17:11:10 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/03/04 18:52:34 | 00,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2008/02/11 19:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/01/02 16:57:36 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 16:47:22 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 16:47:22 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 16:47:22 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/11/04 07:32:27 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/11/04 06:01:19 | 00,000,000 | ---- | C] () -- C:\Windows\vpc32.INI
[2007/10/31 09:39:54 | 00,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/10/13 02:30:20 | 00,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007/09/20 19:04:27 | 00,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007/09/20 19:04:19 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/09/03 14:53:39 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/09/03 13:44:52 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/09/03 13:39:01 | 00,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/09/03 13:39:01 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/09/03 13:38:06 | 00,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/09/03 12:05:10 | 00,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/03 12:05:10 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1280.dll
[2007/07/10 10:10:12 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/05/17 13:58:10 | 00,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2007/04/25 16:33:22 | 00,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 16:32:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 16:32:46 | 00,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/25 16:31:00 | 00,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/25 16:30:52 | 00,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/04/25 16:30:44 | 00,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 15:44:48 | 00,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/02 00:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/07/15 11:35:56 | 00,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005/07/15 11:35:56 | 00,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2001/12/26 16:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2007/11/02 07:45:27 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\Acer
[2009/12/27 17:38:46 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\BitTorrent
[2008/03/13 23:24:48 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\BitTorrent DNA
[2008/08/30 20:17:37 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\DNA
[2007/11/02 07:45:26 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\Leadertech
[2009/11/19 18:48:36 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\mjusbsp
[2008/12/05 00:02:07 | 00,000,000 | ---D | M] -- C:\Users\DR\AppData\Roaming\Mp3tag
[2009/12/29 05:20:50 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/12/29 18:56:38 | 00,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/12/29 19:25:13 | 00,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{80FA7BA8-B7D2-4361-BCCF-5135F84BB95D}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 00:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 02:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 02:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 00:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 00:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 02:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/18 22:06:48 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/01/18 22:06:48 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/01/18 21:33:23 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: ENETHOOK.DLL >
[2007/05/22 15:00:04 | 00,090,112 | ---- | M] (acer) MD5=2BB5B239A4501C0A846A2E43D3A98986 -- C:\Acer\Empowering Technology\eNet\eNetHook.dll
[2007/05/22 15:00:04 | 00,090,112 | ---- | M] (acer) MD5=2BB5B239A4501C0A846A2E43D3A98986 -- C:\Windows\System32\eNetHook.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 00:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 00:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 02:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 00:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 00:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 00:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 --
C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/19 00:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006/11/02 02:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll [2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2009/03/08 04:31:42 | 00,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll [2009/03/08 04:31:37 | 00,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll [2009/11/20 23:34:38 | 11,069,952 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ieframe.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Users\DR\Desktop\34.jpg:Roxio EMC Stream < End of report >