OTL logfile created on: 3/18/2010 11:59:55 AM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\test
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 526.00 Mb Available Physical Memory | 51.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.89 Gb Total Space | 82.47 Gb Free Space | 45.85% Space Free | Partition Type: NTFS
Drive D: | 6.40 Gb Total Space | 0.54 Gb Free Space | 8.47% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 48.11 Gb Total Space | 38.79 Gb Free Space | 80.64% Space Free | Partition Type: NTFS
Drive H: | 44.77 Gb Total Space | 29.60 Gb Free Space | 66.12% Space Free | Partition Type: NTFS
Drive I: | 93.43 Gb Total Space | 24.75 Gb Free Space | 26.49% Space Free | Partition Type: NTFS

Computer Name: MIKE-136F2019DC
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010/03/18 11:57:48 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\test\OTL.exe
PRC - [2010/03/14 00:33:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/07 16:07:10 | 000,429,392 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/01/07 16:07:10 | 000,236,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/12/01 09:24:25 | 000,238,832 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe
PRC - [2009/12/01 09:24:25 | 000,230,664 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
PRC - [2009/10/08 02:24:38 | 000,014,088 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
PRC - [2009/10/08 02:24:36 | 000,177,392 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
PRC - [2009/10/08 02:24:35 | 000,144,960 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\isafe.exe
PRC - [2009/10/08 02:24:34 | 000,218,376 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
PRC - [2008/04/13 14:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/08/20 18:17:06 | 000,263,696 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010/03/18 11:57:48 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\test\OTL.exe
MOD - [2009/10/08 02:24:38 | 000,083,208 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOEHook.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- -- (WMPNetworkSvc)
SRV - File not found [On_Demand | Stopped] -- -- (Adobe LM Service)
SRV - [2010/01/07 16:07:10 | 000,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/12/01 09:24:25 | 000,238,832 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe -- (VETMSGNT)
SRV - [2009/10/08 02:24:36 | 000,214,256 | ---- | M] (CA, Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2009/10/08 02:24:35 | 000,144,960 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\isafe.exe -- (CAISafe)
SRV - [2009/10/08 02:24:34 | 000,189,704 | ---- | M] (CA, Inc.) [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe -- (PPCtlPriv)
SRV - [2009/05/05 06:56:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/08/26 17:02:24 | 000,014,336 | ---- | M] (Agere Systems) [On_Demand | Stopped] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/20 18:17:06 | 000,263,696 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hawaii.rr.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009/05/17 18:11:11 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CAVRID] C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\WECPUpdate.exe (MediaCodec.Org)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QOELOADER] C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe (CA)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O15 - HKCU\..Trusted Domains: msn.com ([zone] * in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab (ZPA_DMNO Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab (MSN Games – Hearts)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/18 05:58:22 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{783e9451-a47c-11dd-97df-00112fb69460}\Shell\AutoRun\command - "" = K:\setupSNK.exe -- File not found
O33 - MountPoints2\{fb81a4ce-3e1f-11dd-97a7-00112fb69460}\Shell\AutoRun\command - "" = O:\wd_windows_tools\WDEULA.exe -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\wd_windows_tools\WDEULA.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/06/18 05:31:47 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Unable to start service SrService!

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]

[2010/03/16 15:33:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/16 15:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/14 00:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/01/04 22:59:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/02 15:14:43 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.sys
[2009/09/07 20:04:32 | 000,016,384 | ---- | C] (SM Software) -- C:\Documents and Settings\HP_Administrator\Application Data\stub.exe
[2009/07/13 02:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/03/14 17:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\DivX
[2008/07/21 21:02:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/07/20 20:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2005/06/09 23:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2005/06/06 00:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ApplicationHistory
[2005/06/05 02:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2005/05/02 10:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2005/05/02 10:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]

[2010/03/18 08:53:57 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-88183880-3130738316-382827162-1008.job
[2010/03/18 08:53:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/18 08:53:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/18 03:20:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.ini
[2010/03/18 03:20:07 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.dat
[2010/03/18 03:00:00 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for HP_Administrator.job
[2010/03/18 02:04:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/03/18 01:00:00 | 000,000,522 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for HP_Administrator.job
[2010/03/17 20:01:38 | 000,001,665 | ---- | M] () -- C:\WINDOWS\yahtzee.ini
[2010/03/16 02:21:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/14 22:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/03/14 05:30:04 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-88183880-3130738316-382827162-1008.job
[2010/03/14 00:36:00 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2010/03/14 00:33:32 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/03/07 15:39:58 | 000,002,481 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Excel.lnk
[2010/03/06 19:44:17 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\CAAntiSpywareScan_Daily as HP_Administrator at 4 21 AM.job
[2010/03/05 11:05:50 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/05 03:35:13 | 000,086,612 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/04 19:15:38 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\ed paint.xls.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/03/14 00:36:04 | 000,000,300 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-88183880-3130738316-382827162-1008.job
[2010/03/14 00:36:03 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-88183880-3130738316-382827162-1008.job
[2010/03/14 00:36:00 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2010/03/05 03:35:13 | 000,086,612 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/04 19:15:38 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\ed paint.xls.lnk
[2010/01/05 10:58:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/01/04 01:03:34 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/01/04 00:59:22 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EPNX510.ini
[2010/01/02 15:14:59 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.log
[2010/01/02 15:14:43 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\inst.exe
[2010/01/02 15:14:43 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.cat
[2010/01/02 15:14:43 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.inf
[2009/12/14 06:51:18 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/11/20 19:02:14 | 017,027,637 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe
[2009/11/20 19:01:52 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\config
[2009/11/10 02:07:55 | 000,286,785 | ---- | C] () -- C:\WINDOWS\FranklinCovey.dll
[2009/11/10 02:07:55 | 000,069,632 | ---- | C] () -- C:\WINDOWS\Compass.dll
[2009/11/10 02:07:53 | 000,130,560 | ---- | C] () -- C:\WINDOWS\al21mfc.dll
[2009/08/14 08:15:27 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009/08/13 03:20:34 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/07/17 21:48:58 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/16 13:42:53 | 000,000,038 | ---- | C] () -- C:\WINDOWS\pbMv.INI
[2009/07/13 01:57:29 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\89A4070969.sys
[2009/07/03 04:44:33 | 000,001,665 | ---- | C] () -- C:\WINDOWS\yahtzee.ini
[2009/06/21 23:47:08 | 000,000,040 | ---- | C] () -- C:\WINDOWS\ESINSTALL.INI
[2009/06/07 23:38:38 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\PFP120JPR.{PB
[2009/06/07 23:38:38 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\PFP120JCM.{PB
[2009/05/15 01:45:29 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/04 03:26:40 | 001,208,320 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2009/04/04 03:26:40 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2009/04/04 03:26:40 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009/04/04 02:38:43 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\cdga.dll
[2009/04/02 23:33:50 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2009/04/01 02:04:50 | 000,000,296 | ---- | C] () -- C:\WINDOWS\AoADVDRipper.INI
[2009/03/29 23:29:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/24 23:19:41 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2009/03/24 23:19:41 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2009/03/24 23:19:11 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\Image32.dll
[2009/03/24 23:19:11 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Png32.dll
[2009/03/24 23:19:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2009/03/24 23:19:11 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Tga32.dll
[2009/03/24 23:19:11 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Pcx32.dll
[2009/03/24 23:19:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Twscan32.dll
[2009/01/27 20:35:51 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll
[2009/01/22 09:55:40 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/01/22 09:55:40 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/01/21 21:09:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\EPSONSC88+.ini
[2009/01/21 20:56:37 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2008/12/29 00:07:04 | 000,000,078 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2008/12/29 00:07:03 | 000,000,545 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2008/12/29 00:04:57 | 000,001,001 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2008/12/23 05:34:44 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2008/12/23 05:06:15 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2008/06/22 18:48:04 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/06/22 17:24:23 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/06/18 06:06:54 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2007/09/20 00:27:16 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007/09/20 00:27:16 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007/09/20 00:27:16 | 000,662,016 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/20 00:27:16 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/09/20 00:27:16 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/09/20 00:27:16 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2007/09/20 00:27:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007/09/20 00:27:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/09/20 00:27:16 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2007/09/20 00:27:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/09/20 00:27:16 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2007/09/20 00:27:16 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2007/09/20 00:27:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007/09/20 00:27:16 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2007/09/20 00:27:16 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2007/09/20 00:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2007/09/20 00:27:16 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2007/09/20 00:27:16 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/09/20 00:27:16 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/09/20 00:27:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/01/11 17:24:58 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/09/06 13:36:07 | 000,009,481 | ---- | C] () -- C:\WINDOWS\SCWRITER.INI
[2006/05/28 18:29:17 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/01/14 17:22:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2005/12/14 19:47:36 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/09/29 19:44:57 | 000,000,139 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/08/12 02:04:31 | 000,000,461 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/08/06 23:36:04 | 000,221,696 | ---- | C] () -- C:\WINDOWS\System32\TCFurnitureCtrl.dll
[2005/08/05 12:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/02 10:26:45 | 000,000,045 | ---- | C] () -- C:\WINDOWS\BBIMLLKO.ini
[2005/04/29 00:09:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2005/02/13 03:21:13 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2005/02/04 04:29:46 | 000,000,171 | ---- | C] () -- C:\WINDOWS\CustomPalette.ini
[2005/01/24 01:17:02 | 000,000,035 | ---- | C] () -- C:\WINDOWS\atechloc.ini
[2005/01/24 01:16:58 | 000,000,083 | ---- | C] () -- C:\WINDOWS\atech.ini
[2004/09/03 12:56:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/09/02 21:39:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/09/02 21:39:06 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/09/02 21:39:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/09/02 21:33:49 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/09/02 21:29:30 | 000,025,995 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/09/02 21:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/09/02 21:17:33 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/09/02 20:02:09 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2004/09/02 19:21:11 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/09/02 18:52:23 | 000,000,045 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/02 18:25:54 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/03 19:59:10 | 000,300,032 | ---- | C] () -- C:\WINDOWS\System32\windriver.dll
[2004/06/29 02:58:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2000/09/13 18:15:38 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pagesync.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010/02/07 00:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2009/10/08 02:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/01/04 01:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/01/07 02:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IMSIDesign
[2010/01/28 19:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/02 22:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/03/06 19:44:17 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\CAAntiSpywareScan_Daily as HP_Administrator at 4 21 AM.job
[2010/03/18 02:04:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/03/14 22:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/10 09:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/05/20 22:39:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/10 02:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2009/05/20 22:39:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 08:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 08:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 08:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/10 09:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/05/20 22:39:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/10 02:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2009/05/20 22:39:01 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 08:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 08:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 08:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/10 02:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/13 14:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 14:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/13 14:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/10 02:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/13 14:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 14:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/13 14:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 02:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2004/08/10 02:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 14:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 14:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/13 14:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2010/01/05 00:00:20 | 000,347,136 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtmsft.dll
[2010/01/05 00:00:21 | 000,214,528 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2004/09/02 11:33:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/09/02 11:33:03 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/09/02 11:33:03 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E3D07DE
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99671BE2
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FD34FE88

< End of report >