[code] OTS logfile created on: 1/31/2010 3:58:44 PM - Run 4 OTS by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\My PC\Desktop\Upkeep Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 511.00 Mb Total Physical Memory | 221.00 Mb Available Physical Memory | 43.00% Memory free 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.52 Gb Total Space | 54.85 Gb Free Space | 73.61% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: My PC Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\My PC\Desktop\Upkeep\OTS.exe -> [2010/01/31 13:38:55 | 000,632,320 | ---- | M] (OldTimer Tools) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010/01/06 18:29:22 | 000,908,248 | ---- | M] (Mozilla Corporation) cmdagent.exe -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2009/12/18 15:33:37 | 000,723,632 | ---- | M] (COMODO) cfp.exe -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -> [2009/12/18 15:32:53 | 001,800,464 | ---- | M] (COMODO) ekrn.exe -> C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe -> [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) egui.exe -> C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe -> [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) jqs.exe -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/13 11:07:37 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2009/05/08 21:48:34 | 002,314,752 | ---- | M] (Microsoft Corporation) winampa.exe -> C:\Program Files\Winamp\winampa.exe -> [2008/09/12 11:45:48 | 000,036,352 | ---- | M] () washersvc.exe -> C:\Program Files\Webroot\Washer\WasherSvc.exe -> [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) pdengine.exe -> C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -> [2007/05/24 02:40:56 | 000,734,736 | ---- | M] (Raxco Software, Inc.) pdagent.exe -> C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -> [2007/05/24 02:40:40 | 000,415,248 | ---- | M] (Raxco Software, Inc.) sstray.exe -> C:\WINDOWS\system32\sstray.exe -> [2003/12/18 01:53:24 | 000,073,728 | ---- | M] (NVIDIA Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\My PC\Desktop\Upkeep\OTS.exe -> [2010/01/31 13:38:55 | 000,632,320 | ---- | M] (OldTimer Tools) [Win32 Services - Safe List] (cmdAgent) COMODO Internet Security Helper Service [Auto | Running] -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2009/12/18 15:33:37 | 000,723,632 | ---- | M] (COMODO) (EhttpSrv) ESET HTTP Server [On_Demand | Stopped] -> C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -> [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) (ekrn) ESET Service [Auto | Running] -> C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -> [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) (JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/13 11:07:37 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) (wwEngineSvc) Window Washer Engine [Auto | Running] -> C:\Program Files\Webroot\Washer\WasherSvc.exe -> [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) (PDExchange) PDExchange [On_Demand | Stopped] -> C:\Program Files\Raxco\PerfectDisk\PDExchange.exe -> [2007/05/24 02:41:04 | 000,202,256 | ---- | M] (Raxco Software, Inc.) (PDEngine) PDEngine [On_Demand | Running] -> C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -> [2007/05/24 02:40:56 | 000,734,736 | ---- | M] (Raxco Software, Inc.) (PDAgent) PDAgent [Auto | Running] -> C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -> [2007/05/24 02:40:40 | 000,415,248 | ---- | M] (Raxco Software, Inc.) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 04:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (cmdGuard) COMODO Internet Security Sandbox Driver [File_System | System | Running] -> C:\WINDOWS\system32\drivers\cmdguard.sys -> [2009/12/18 15:33:46 | 000,133,064 | ---- | M] (COMODO) (Inspect) COMODO Internet Security Firewall Driver [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\inspect.sys -> [2009/12/18 15:33:46 | 000,087,104 | ---- | M] (COMODO) (cmdHlp) COMODO Internet Security Helper Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\cmdhlp.sys -> [2009/12/18 15:33:46 | 000,025,160 | ---- | M] (COMODO) (epfwtdir) epfwtdir [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\epfwtdir.sys -> [2009/11/16 09:06:50 | 000,096,408 | ---- | M] (ESET) (ehdrv) ehdrv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ehdrv.sys -> [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) (eamon) eamon [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\eamon.sys -> [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2008/04/14 06:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2008/04/14 06:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) (ndismgr) ndismgr [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\ndismgr.sys -> [2008/04/14 06:00:00 | 000,002,304 | ---- | M] () (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2008/04/13 23:04:16 | 000,701,440 | ---- | M] (ATI Technologies Inc.) (DefragFS) DefragFS [File_System | Boot | Running] -> C:\WINDOWS\system32\drivers\DefragFs.sys -> [2007/03/13 07:18:22 | 000,067,352 | ---- | M] (Raxco Software, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2007/03/07 18:51:00 | 000,043,528 | ---- | M] (Sonic Solutions) (Point32) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\point32.sys -> [2006/11/07 17:02:36 | 000,021,760 | ---- | M] (Microsoft Corporation) (L8042Kbd) Logitech SetPoint Keyboard Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\L8042Kbd.sys -> [2006/07/19 06:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) (nvatabus) nvatabus [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\nvatabus.sys -> [2006/02/26 10:21:18 | 000,089,856 | ---- | M] (NVIDIA Corporation) (nvcchflt) NVIDIA Disk Cache Filter Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\nvcchflt.sys -> [2006/02/26 10:21:18 | 000,016,640 | ---- | M] (NVIDIA Corporation) (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\nv_agp.sys -> [2006/02/26 10:03:29 | 000,021,760 | ---- | M] (NVIDIA Corporation) (NVENET) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NVENET.sys -> [2004/01/28 18:10:00 | 000,094,274 | ---- | M] (NVIDIA Corporation) (nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nvapu.sys -> [2003/12/24 01:33:00 | 000,316,672 | ---- | M] (NVIDIA Corporation) (nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nvax.sys -> [2003/12/24 01:33:00 | 000,040,704 | ---- | M] (NVIDIA Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\"Start Page" -> http://www.google.com/ -> HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\] > -> -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\My PC\Application Data\Mozilla\FireFox\Profiles\a623lim4.default\prefs.js -> browser.startup.homepage -> "http://www.Dofuswiki.wikia.com/" -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 -> extensions.enabledItems -> {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.1 -> extensions.enabledItems -> {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028 -> extensions.enabledItems -> {7A44E49F-41FB-41F7-8E97-9B3504B646DB}:1.9.1 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{7A44E49F-41FB-41F7-8E97-9B3504B646DB} -> C:\Documents and Settings\My PC\Local Settings\Application Data\{7A44E49F-41FB-41F7-8E97-9B3504B646DB} [C:\DOCUMENTS AND SETTINGS\MY PC\LOCAL SETTINGS\APPLICATION DATA\{7A44E49F-41FB-41F7-8E97-9B3504B646DB}] -> [2010/01/31 03:36:12 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/01/09 11:51:10 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/01/23 13:34:08 | 000,000,000 | ---D | M] HKLM\software\mozilla\Thunderbird\Extensions -> -> HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com -> C:\Program Files\Eset\ESET NOD32 Antivirus\Mozilla Thunderbird [C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD] -> [2009/12/18 15:14:03 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\My PC\Application Data\Mozilla\Extensions -> [2009/10/13 11:27:31 | 000,000,000 | ---D | M] -> C:\Documents and Settings\My PC\Application Data\Mozilla\Firefox\Profiles\a623lim4.default\extensions -> [2010/01/31 11:18:13 | 000,000,000 | ---D | M] Forecastfox -> C:\Documents and Settings\My PC\Application Data\Mozilla\Firefox\Profiles\a623lim4.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} -> [2009/12/18 14:45:33 | 000,000,000 | ---D | M] WOT -> C:\Documents and Settings\My PC\Application Data\Mozilla\Firefox\Profiles\a623lim4.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} -> [2009/12/18 14:45:33 | 000,000,000 | ---D | M] Adblock Plus -> C:\Documents and Settings\My PC\Application Data\Mozilla\Firefox\Profiles\a623lim4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010/01/09 12:18:52 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2009/12/18 14:40:23 | 000,000,000 | ---D | M] < HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Cmaudio" -> [RunDll32 cmicnfg.cpl,CMICtrlWnd] -> File not found "COMODO Internet Security" -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ["C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h] -> [2009/12/18 15:32:53 | 001,800,464 | ---- | M] (COMODO) "egui" -> C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe ["C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice] -> [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) "nForce Tray Options" -> C:\WINDOWS\System32\sstray.exe [sstray.exe /r] -> [2003/12/18 01:53:24 | 000,073,728 | ---- | M] (NVIDIA Corporation) "WinampAgent" -> C:\Program Files\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2008/09/12 11:45:48 | 000,036,352 | ---- | M] () < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < My PC Startup Folder > -> C:\Documents and Settings\My PC\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoSetActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"EnableLUA" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"NoSMHelp" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"NoSMHelp" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [149] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002] > -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoResolveTrack" -> [1] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [1] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"NoSMConfigurePrograms" -> [1] -> File not found \\"NoSMHelp" -> [0] -> File not found \\"EditLevel" -> [0] -> File not found \\"NoClose" -> [0] -> File not found \\"NoSaveSettings" -> [0] -> File not found \\"NoFileMenu" -> [0] -> File not found \\"NoCommonGroups" -> [0] -> File not found \\"NoSetActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found \\"NoFolderOptions" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002] > -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableTaskMgr" -> [1] -> File not found \\"DisableRegistryTools" -> [1] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\] > -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3 domain(s) found. -> buy-internet-security10.com .[http] -> Trusted sites -> is-soft-download.com .[http] -> Trusted sites -> is-software-download25.com .[http] -> Trusted sites -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\] > -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1409082233-1390067357-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {2E62CD87-057C-47F6-BAF6-2DB22C9733A3}\\DhcpNameServer -> 192.168.1.1 (NVIDIA nForce Networking Controller) -> {2E62CD87-057C-47F6-BAF6-2DB22C9733A3}\\NameServer -> 83.149.115.157,4.2.2.1,192.168.1.1 (NVIDIA nForce Networking Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2009/05/08 21:48:34 | 002,314,752 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/10/17 07:22:15 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls \\"AppSecDll" -> [] -> File not found [Registry - Additional Scans - Safe List] < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> htmlfile [edit] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> [2003/07/14 14:52:56 | 000,055,360 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/03/08 13:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 13:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 -> [2003/07/14 14:52:56 | 000,055,360 | ---- | M] (Microsoft Corporation) http [open] -> Reg Error: Key error. https [open] -> Reg Error: Key error. piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/05/09 04:22:22 | 000,137,216 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [Browse with FastStone] -> "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" -> [2009/11/19 19:32:52 | 001,714,176 | ---- | M] () Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/05/08 21:48:34 | 002,314,752 | ---- | M] (Microsoft Corporation) Directory [Winamp.Bookmark] -> "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" -> [2008/09/12 12:21:22 | 001,345,376 | ---- | M] (Nullsoft) Directory [Winamp.Enqueue] -> "C:\Program Files\Winamp\winamp.exe" /ADD "%1" -> [2008/09/12 12:21:22 | 001,345,376 | ---- | M] (Nullsoft) Directory [Winamp.Play] -> "C:\Program Files\Winamp\winamp.exe" "%1" -> [2008/09/12 12:21:22 | 001,345,376 | ---- | M] (Nullsoft) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2009/05/08 21:48:34 | 002,314,752 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2009/05/08 21:48:34 | 002,314,752 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/05/08 21:48:34 | 002,314,752 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/03/08 13:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/03/08 13:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation) < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 12/13/2009 9:58:36 AM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 10:31:36 AM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 11:31:36 AM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 12:17:36 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 1:04:36 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 1:57:36 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 2:37:36 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 3:37:36 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 4:09:29 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. Application [ Error ] 12/13/2009 5:28:30 PM Computer Name = PC | Source = Userenv | ID = 1090 -> Description = Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy. System [ Error ] 1/31/2010 3:19:44 PM Computer Name = PC | Source = Ftdisk | ID = 262189 -> Description = The system could not sucessfully load the crash dump driver. System [ Error ] 1/31/2010 3:19:44 PM Computer Name = PC | Source = Ftdisk | ID = 262193 -> Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. System [ Error ] 1/31/2010 3:19:49 PM Computer Name = PC | Source = SRService | ID = 104 -> Description = The System Restore initialization process failed. System [ Error ] 1/31/2010 3:20:13 PM Computer Name = PC | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/31/2010 3:34:01 PM Computer Name = PC | Source = SRService | ID = 104 -> Description = The System Restore initialization process failed. System [ Error ] 1/31/2010 3:36:00 PM Computer Name = PC | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} System [ Error ] 1/31/2010 4:56:25 PM Computer Name = PC | Source = Ftdisk | ID = 262189 -> Description = The system could not sucessfully load the crash dump driver. System [ Error ] 1/31/2010 4:56:25 PM Computer Name = PC | Source = Ftdisk | ID = 262193 -> Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. System [ Error ] 1/31/2010 4:56:30 PM Computer Name = PC | Source = SRService | ID = 104 -> Description = The System Restore initialization process failed. System [ Error ] 1/31/2010 4:56:53 PM Computer Name = PC | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} [Files/Folders - Created Within 30 Days] _OTS -> C:\_OTS -> [2010/01/31 15:53:45 | 000,000,000 | ---D | C] ESET -> C:\Documents and Settings\My PC\Local Settings\Application Data\ESET -> [2010/01/31 14:18:11 | 000,000,000 | ---D | C] Recent -> C:\Documents and Settings\My PC\Recent -> [2010/01/31 13:31:49 | 000,000,000 | RH-D | C] ERDNT -> C:\WINDOWS\ERDNT -> [2010/01/31 13:04:55 | 000,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2010/01/31 13:04:24 | 000,000,000 | ---D | C] ESET -> C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET -> [2010/01/31 04:11:16 | 000,000,000 | ---D | M] Macromedia -> C:\Documents and Settings\NetworkService\Application Data\Macromedia -> [2010/01/31 03:40:18 | 000,000,000 | ---D | M] Adobe -> C:\Documents and Settings\NetworkService\Application Data\Adobe -> [2010/01/31 03:39:56 | 000,000,000 | ---D | M] {7A44E49F-41FB-41F7-8E97-9B3504B646DB} -> C:\Documents and Settings\My PC\Local Settings\Application Data\{7A44E49F-41FB-41F7-8E97-9B3504B646DB} -> [2010/01/31 03:36:12 | 000,000,000 | ---D | C] Guitar Pro 5 -> C:\Program Files\Guitar Pro 5 -> [2010/01/31 02:24:47 | 000,000,000 | ---D | C] Facebook -> C:\Documents and Settings\My PC\Application Data\Facebook -> [2010/01/29 21:57:06 | 000,000,000 | ---D | C] Webroot -> C:\Documents and Settings\My PC\Application Data\Webroot -> [2010/01/25 00:43:10 | 000,000,000 | ---D | C] Webroot -> C:\Program Files\Webroot -> [2010/01/25 00:43:09 | 000,000,000 | ---D | C] Webroot -> C:\Documents and Settings\All Users\Application Data\Webroot -> [2010/01/25 00:43:09 | 000,000,000 | ---D | C] Unwash6.exe -> C:\WINDOWS\Unwash6.exe -> [2010/01/25 00:42:58 | 000,194,888 | ---- | C] (Webroot Software, Inc.) jtk374en -> C:\Documents and Settings\My PC\Desktop\jtk374en -> [2010/01/24 18:52:53 | 000,000,000 | ---D | C] Nexon -> C:\Nexon -> [2010/01/23 14:42:05 | 000,000,000 | ---D | C] PMB Files -> C:\Documents and Settings\My PC\Local Settings\Application Data\PMB Files -> [2010/01/23 13:34:14 | 000,000,000 | ---D | C] PMB Files -> C:\Documents and Settings\All Users\Application Data\PMB Files -> [2010/01/23 13:34:10 | 000,000,000 | ---D | C] Pando Networks -> C:\Program Files\Pando Networks -> [2010/01/23 13:33:57 | 000,000,000 | ---D | C] Playlists (Winamp) -> C:\Documents and Settings\My PC\My Documents\Playlists (Winamp) -> [2010/01/21 22:47:59 | 000,000,000 | ---D | C] Updater -> C:\Documents and Settings\My PC\My Documents\Updater -> [2010/01/18 17:23:31 | 000,000,000 | ---D | C] Text Documents -> C:\Documents and Settings\My PC\Desktop\Text Documents -> [2010/01/17 23:57:32 | 000,000,000 | ---D | C] appmgmt -> C:\WINDOWS\System32\appmgmt -> [2010/01/17 23:50:09 | 000,000,000 | ---D | C] Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/10/22 17:15:52 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2009/10/17 07:27:05 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2009/10/17 07:26:43 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2009/10/17 07:26:43 | 000,000,000 | --SD | M] [Files/Folders - Modified Within 30 Days] uses32.dat -> C:\WINDOWS\System32\uses32.dat -> [2010/01/31 15:57:09 | 000,000,648 | ---- | M] () flags.ini -> C:\WINDOWS\System32\flags.ini -> [2010/01/31 15:57:09 | 000,000,100 | ---- | M] () RegCure Program Check.job -> C:\WINDOWS\tasks\RegCure Program Check.job -> [2010/01/31 15:56:17 | 000,000,438 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/01/31 15:56:14 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/01/31 15:56:12 | 000,002,048 | --S- | M] () NTUSER.DAT -> C:\Documents and Settings\My PC\NTUSER.DAT -> [2010/01/31 15:55:14 | 001,835,008 | -H-- | M] () ntuser.ini -> C:\Documents and Settings\My PC\ntuser.ini -> [2010/01/31 15:55:04 | 000,000,178 | -HS- | M] () IconCache.db -> C:\Documents and Settings\My PC\Local Settings\Application Data\IconCache.db -> [2010/01/31 13:31:41 | 003,233,598 | -H-- | M] () NTREGOPT.lnk -> C:\Documents and Settings\My PC\Desktop\NTREGOPT.lnk -> [2010/01/31 13:04:30 | 000,000,611 | ---- | M] () ERUNT.lnk -> C:\Documents and Settings\My PC\Desktop\ERUNT.lnk -> [2010/01/31 13:04:30 | 000,000,592 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/01/31 10:39:11 | 000,002,228 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/01/31 10:38:57 | 000,123,728 | ---- | M] () RegCure.job -> C:\WINDOWS\tasks\RegCure.job -> [2010/01/31 10:36:08 | 000,000,372 | ---- | M] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2010/01/31 06:15:38 | 000,002,932 | ---- | M] () smss32.exe -> C:\WINDOWS\System32\smss32.exe -> [2010/01/31 03:32:11 | 000,039,424 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\My PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2010/01/31 02:26:06 | 000,020,904 | ---- | M] () Guitar Pro 5.lnk -> C:\Documents and Settings\My PC\Desktop\Guitar Pro 5.lnk -> [2010/01/31 02:25:18 | 000,000,619 | ---- | M] () jagex_runescape_preferences.dat -> C:\Documents and Settings\My PC\jagex_runescape_preferences.dat -> [2010/01/30 23:04:57 | 000,000,039 | ---- | M] () jagex_runescape_preferences2.dat -> C:\Documents and Settings\My PC\jagex_runescape_preferences2.dat -> [2010/01/30 23:04:23 | 000,000,069 | ---- | M] () Norton Security Scan for My PC.job -> C:\WINDOWS\tasks\Norton Security Scan for My PC.job -> [2010/01/29 20:00:13 | 000,000,474 | ---- | M] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2010/01/20 21:09:28 | 000,000,069 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\My PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/01/18 00:03:08 | 000,004,608 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2010/01/17 16:05:08 | 000,000,507 | ---- | M] () system.ini -> C:\WINDOWS\system.ini -> [2010/01/17 16:05:08 | 000,000,227 | ---- | M] () boot.ini -> C:\boot.ini -> [2010/01/17 16:05:08 | 000,000,211 | -HS- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) 1 C:\Documents and Settings\My PC\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\My PC\Local Settings\Temp\*.tmp -> [Files - No Company Name] uses32.dat -> C:\WINDOWS\System32\uses32.dat -> [2010/01/31 15:57:09 | 000,000,648 | ---- | C] () flags.ini -> C:\WINDOWS\System32\flags.ini -> [2010/01/31 15:57:09 | 000,000,100 | ---- | C] () NTREGOPT.lnk -> C:\Documents and Settings\My PC\Desktop\NTREGOPT.lnk -> [2010/01/31 13:04:30 | 000,000,611 | ---- | C] () ERUNT.lnk -> C:\Documents and Settings\My PC\Desktop\ERUNT.lnk -> [2010/01/31 13:04:30 | 000,000,592 | ---- | C] () smss32.exe -> C:\WINDOWS\System32\smss32.exe -> [2010/01/31 03:32:23 | 000,039,424 | ---- | C] () Guitar Pro 5.lnk -> C:\Documents and Settings\My PC\Desktop\Guitar Pro 5.lnk -> [2010/01/31 02:25:18 | 000,000,619 | ---- | C] () Photoshop CS2.lnk -> C:\Documents and Settings\My PC\Desktop\Photoshop CS2.lnk -> [2010/01/17 23:47:51 | 000,001,644 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2009/11/30 17:05:12 | 000,000,492 | ---- | C] () cfplogvw.INI -> C:\WINDOWS\cfplogvw.INI -> [2009/11/09 17:58:35 | 000,000,130 | ---- | C] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2009/10/23 13:45:56 | 000,000,069 | ---- | C] () ssnvfx.ini -> C:\WINDOWS\System32\ssnvfx.ini -> [2009/10/17 08:24:29 | 000,018,253 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2009/10/17 07:25:02 | 000,000,207 | ---- | C] () udaprop.dll -> C:\WINDOWS\System32\udaprop.dll -> [2009/10/16 19:03:21 | 000,000,000 | ---- | C] () cmuda.sys -> C:\WINDOWS\System32\drivers\cmuda.sys -> [2009/10/16 19:03:21 | 000,000,000 | ---- | C] () cmuda.dll -> C:\WINDOWS\System32\cmuda.dll -> [2009/10/16 19:03:21 | 000,000,000 | ---- | C] () cmirmdrv.dll -> C:\WINDOWS\System32\cmirmdrv.dll -> [2009/10/16 19:03:21 | 000,000,000 | ---- | C] () Audio3D.dll -> C:\WINDOWS\System32\Audio3D.dll -> [2009/10/16 19:03:21 | 000,000,000 | ---- | C] () a3d.dll -> C:\WINDOWS\System32\a3d.dll -> [2009/10/16 19:03:21 | 000,000,000 | ---- | C] () FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat -> [2009/10/13 11:13:33 | 000,076,512 | ---- | C] () BASSMOD.dll -> C:\WINDOWS\System32\BASSMOD.dll -> [2009/10/13 04:22:50 | 000,034,308 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2009/10/13 02:54:54 | 000,000,376 | ---- | C] () xfcodec.dll -> C:\WINDOWS\System32\xfcodec.dll -> [2009/09/25 17:21:54 | 000,041,872 | ---- | C] () HMTCD.dll -> C:\WINDOWS\System32\HMTCD.dll -> [2009/02/01 16:59:02 | 000,394,240 | ---- | C] () CopyToSendTo.dll -> C:\WINDOWS\System32\CopyToSendTo.dll -> [2008/04/14 06:00:00 | 000,061,440 | ---- | C] () ndismgr.sys -> C:\WINDOWS\System32\ndismgr.sys -> [2008/04/14 06:00:00 | 000,002,304 | ---- | C] () FInstall.sys -> C:\WINDOWS\System32\FInstall.sys -> [2008/04/14 06:00:00 | 000,000,003 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 13:58:52 | 000,030,808 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 13:53:56 | 000,026,489 | ---- | C] () GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 14:39:28 | 000,029,779 | ---- | C] () GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 14:39:28 | 000,026,040 | ---- | C] () [File - Lop Check] ESET -> C:\Documents and Settings\All Users\Application Data\ESET -> [2009/12/18 15:14:02 | 000,000,000 | ---D | M] PMB Files -> C:\Documents and Settings\All Users\Application Data\PMB Files -> [2010/01/23 13:34:31 | 000,000,000 | ---D | M] SecTaskMan -> C:\Documents and Settings\All Users\Application Data\SecTaskMan -> [2009/10/13 02:57:19 | 000,000,000 | ---D | M] Braid -> C:\Documents and Settings\My PC\Application Data\Braid -> [2009/10/31 18:52:53 | 000,000,000 | ---D | M] Facebook -> C:\Documents and Settings\My PC\Application Data\Facebook -> [2010/01/29 21:57:09 | 000,000,000 | ---D | M] godzHell -> C:\Documents and Settings\My PC\Application Data\godzHell -> [2009/11/16 01:13:50 | 000,000,000 | ---D | M] id Software -> C:\Documents and Settings\My PC\Application Data\id Software -> [2010/01/17 23:50:19 | 000,000,000 | ---D | M] LimeWire -> C:\Documents and Settings\My PC\Application Data\LimeWire -> [2009/12/05 19:19:07 | 000,000,000 | ---D | M] Opera -> C:\Documents and Settings\My PC\Application Data\Opera -> [2009/11/28 19:24:18 | 000,000,000 | ---D | M] The Path -> C:\Documents and Settings\My PC\Application Data\The Path -> [2009/10/31 18:44:45 | 000,000,000 | ---D | M] Trillian -> C:\Documents and Settings\My PC\Application Data\Trillian -> [2009/10/23 13:19:18 | 000,000,000 | ---D | M] New Task.job -> C:\WINDOWS\Tasks\New Task.job -> [2009/11/09 17:51:03 | 000,000,154 | ---- | M] () RegCure Program Check.job -> C:\WINDOWS\Tasks\RegCure Program Check.job -> [2010/01/31 15:56:17 | 000,000,438 | ---- | M] () RegCure.job -> C:\WINDOWS\Tasks\RegCure.job -> [2010/01/31 10:36:08 | 000,000,372 | ---- | M] () [File - Purity Scan] < End of report > [/code]