OTL logfile created on: 4/14/2010 9:59:14 AM - Run 1
OTL by OldTimer - Version 3.1.37.3     Folder = C:\Documents and Settings\mac\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format:

503.00 Mb Total Physical Memory | 94.00 Mb Available Physical Memory | 19.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 11.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.51 Gb Total Space | 62.29 Gb Free Space | 83.60% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
Drive E: | 3.72 Gb Total Space | 0.65 Gb Free Space | 17.50% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP22552173873
Current User Name: mac
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/26 23:45:38 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mac\Desktop\OTL.exe
PRC - [2009/05/26 22:57:08 | 000,411,108 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2009/05/26 22:54:10 | 000,549,400 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2009/04/02 09:36:14 | 000,204,800 | ---- | M] () -- C:\Program Files\ILC\MaxView\Persistence Service\wrapper.exe
PRC - [2007/12/14 23:21:44 | 005,754,880 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
PRC - [2005/09/23 13:43:44 | 000,131,072 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5w.exe
PRC - [2005/09/23 13:43:44 | 000,102,400 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5.exe
PRC - [2005/08/26 15:55:46 | 000,049,248 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_05\bin\java.exe
PRC - [2005/04/17 12:31:56 | 000,038,648 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\CBA\pds.exe
PRC - [2005/04/17 12:31:42 | 000,908,992 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec System Center\NscTop.exe
PRC - [2005/04/17 12:31:18 | 001,726,656 | ---- | M] (Symantec Corporation) -- C:\Program Files\SAV\Rtvscan.exe
PRC - [2005/04/17 12:30:48 | 000,085,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\SAV\VPTray.exe
PRC - [2005/04/17 12:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\SAV\DefWatch.exe
PRC - [2005/04/08 15:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/04/08 15:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/04/08 15:52:30 | 000,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2004/09/15 12:34:46 | 000,041,042 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
PRC - [2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 00:56:58 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
PRC - [2004/06/20 20:45:28 | 000,630,854 | ---- | M] (UltraVNC) -- C:\Program Files\UltraVNC\winvnc.exe
PRC - [2003/07/30 13:08:58 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002/09/20 19:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002/07/26 09:42:40 | 000,376,832 | ---- | M] () -- C:\Program Files\ILC\MaxView\Broker\SNMP\snmpdm.exe
PRC - [2002/07/26 09:42:40 | 000,073,728 | ---- | M] () -- C:\Program Files\ILC\MaxView\Broker\SNMP\msnsaagt.exe
PRC - [1999/03/30 19:38:18 | 000,043,280 | R--- | M] () -- C:\WINDOWS\system32\rkillsrv.exe
PRC - [1998/07/24 16:38:52 | 000,018,192 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rcmdsvc.exe

========== Modules (SafeList) ==========

MOD - [2010/03/26 23:45:38 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mac\Desktop\OTL.exe
MOD - [2004/08/04 04:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2009/04/02 09:36:14 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\ILC\MaxView\Persistence Service\wrapper.exe -- (MaxView Persistence Service)
SRV - [2007/12/14 23:21:44 | 005,754,880 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL)
SRV - [2005/09/23 13:43:44 | 000,102,400 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5.exe -- (Tomcat5)
SRV - [2005/04/17 12:31:56 | 000,038,648 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\WINDOWS\system32\CBA\pds.exe -- (Intel PDS)
SRV - [2005/04/17 12:31:42 | 000,908,992 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec System Center\NscTop.exe -- (NSCTOP)
SRV - [2005/04/17 12:31:18 | 001,726,656 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\SAV\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/04/17 12:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\SAV\DefWatch.exe -- (DefWatch)
SRV - [2005/04/08 15:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/04/08 15:54:50 | 000,083,568 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/04/08 15:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/03/30 21:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/09/15 12:33:38 | 000,020,541 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\Apache Group\Apache2\bin\Apache.exe -- (Apache2)
SRV - [2004/08/04 00:56:58 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2004/06/20 20:45:28 | 000,630,854 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\winvnc.exe -- (winvnc)
SRV - [2002/09/20 19:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002/07/26 09:42:40 | 000,376,832 | ---- | M] () [Auto | Running] -- C:\Program Files\ILC\MaxView\Broker\SNMP\snmpdm.exe -- (snmpdm)
SRV - [2002/07/26 09:42:40 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ILC\MaxView\Broker\SNMP\msnsaagt.exe -- (msnsa)
SRV - [1999/03/30 19:38:18 | 000,043,280 | R--- | M] () [Auto | Running] -- C:\WINDOWS\system32\rkillsrv.exe -- (Remote Kill Server)
SRV - [1998/07/24 16:38:52 | 000,018,192 | R--- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rcmdsvc.exe -- (Remote Command Server)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0409/bl7.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp22552173873/cgi-bin/reportgen.pl
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2008/08/08 10:48:46 | 000,003,570 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 172.27.185.220 SESIMBRA-DTA
O1 - Hosts: 172.27.185.224 SESIMBRA-DTABU
O1 - Hosts: 172.27.185.226 SESIMBRA-DTB
O1 - Hosts: 172.27.185.41 SESIMBRA_S1
O1 - Hosts: 172.27.185.131 SESIMBRA-ETHERTRAK1
O1 - Hosts: 172.27.185.132 SESIMBRA-ETHERTRAK2
O1 - Hosts: 172.27.184.220 CARCAVELOS-DT
O1 - Hosts: 172.27.184.224 CARCAVELOS-DTB
O1 - Hosts: 172.27.184.41 CARCAVELOS_S1
O1 - Hosts: 172.27.184.131 CARCAVELOS-ETHERTRAK1
O1 - Hosts: 172.27.184.132 CARCAVELOS-ETHERTRAK2
O1 - Hosts: 172.27.155.220 PONTADELGADASMS
O1 - Hosts: 172.27.155.225 PDELGADASMS-BU
O1 - Hosts: 172.27.155.224 PONTADELGADA-NB
O1 - Hosts: 172.27.155.131 PONTADELGADASMS-ETHERTRAK1
O1 - Hosts: 172.27.155.132 PONTADELGADASMS-ETHERTRAK2
O1 - Hosts: 172.27.164.220 FUNCHAL-DT
O1 - Hosts: 172.27.164.131 FUNCHAL-ETHERTRAK1
O1 - Hosts: 172.27.164.132 FUNCHAL-ETHERTRAK2
O1 - Hosts: 172.27.175.222 TESTES
O1 - Hosts: 172.27.175.221 MAC-GENERAL
O1 - Hosts: 172.27.175.225 SINTRA1-SRV2
O1 - Hosts: 172.27.175.231 SINTRA-SRV-BU
O1 - Hosts: 172.27.175.232 SINTRA-LOGGER
O1 - Hosts: 99 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApacheTomcatMonitor] C:\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5w.exe (Apache Software Foundation)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\SAV\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinVNC] C:\Program Files\UltraVNC\winvnc.exe (UltraVNC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\NPJPI150_05.dll (Sun Microsystems, Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/14 07:21:26 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/04/12 20:27:46 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{369d242c-37f5-11df-b334-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{369d242c-37f5-11df-b334-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{369d242d-37f5-11df-b334-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{369d242d-37f5-11df-b334-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{3f6ecfa6-1985-11dc-b31d-000e0cb8ee9a}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{3f6ecfa6-1985-11dc-b31d-000e0cb8ee9a}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{7c314325-2ddc-11df-b333-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{7c314325-2ddc-11df-b333-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{83ba3527-110c-11dd-b327-001560591645}\Shell - "" = AutoRun
O33 - MountPoints2\{83ba3527-110c-11dd-b327-001560591645}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{83ba3527-110c-11dd-b327-001560591645}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{83ba352c-110c-11dd-b327-001560591645}\Shell - "" = AutoRun
O33 - MountPoints2\{83ba352c-110c-11dd-b327-001560591645}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{83ba352c-110c-11dd-b327-001560591645}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{83ba352d-110c-11dd-b327-001560591645}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{83ba352d-110c-11dd-b327-001560591645}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{83ba352f-110c-11dd-b327-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{83ba352f-110c-11dd-b327-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{9b287992-e941-11dd-b32e-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{9b287992-e941-11dd-b32e-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{b5e5aee0-908d-11dd-b328-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{b5e5aee0-908d-11dd-b328-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{f18588c5-b489-11dd-b32c-001560591645}\Shell\AutoRun\command - "" = M:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{f18588c5-b489-11dd-b32c-001560591645}\Shell\open\command - "" = M:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{f18588c7-b489-11dd-b32c-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{f18588c7-b489-11dd-b32c-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{f18588c8-b489-11dd-b32c-001560591645}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O33 - MountPoints2\{f18588c8-b489-11dd-b32c-001560591645}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- [2008/04/15 09:04:22 | 000,013,824 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/04/14 09:58:12 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mac\Desktop\OTL.exe
[2010/04/14 07:21:24 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/04/13 15:10:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/04/13 15:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2004/11/21 02:29:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2004/11/21 02:29:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2004/11/21 02:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/11/21 02:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/04/14 10:00:26 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\mac\NTUSER.DAT
[2010/04/14 07:49:12 | 000,444,728 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/14 07:49:12 | 000,384,660 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/14 07:49:12 | 000,053,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/14 07:47:36 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\mac\Desktop\Logger-SINTRA.url
[2010/04/14 07:44:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/14 07:44:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/14 07:44:44 | 527,962,112 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/14 07:43:52 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\mac\ntuser.ini
[2010/04/14 01:00:04 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\MVCleandb.job
[2010/04/13 23:00:02 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\MVSpace.job
[2010/04/13 22:00:06 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\MVArchiver.job
[2010/04/13 15:10:10 | 000,000,574 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/04/12 17:37:48 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\mac\Desktop\DESINFECTAR AS CANETAS Flash_Disinfector.exe
[2010/04/01 11:15:42 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/01 11:15:42 | 000,000,506 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/01 11:15:42 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/04/01 11:13:08 | 000,001,174 | -H-- | M] () -- C:\Documents and Settings\mac\My Documents\Default.rdp
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/14 07:47:34 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\mac\Desktop\Logger-SINTRA.url
[2010/04/13 15:10:48 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\mac\Desktop\DESINFECTAR AS CANETAS Flash_Disinfector.exe
[2010/04/13 15:10:08 | 000,000,574 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2010/03/19 07:52:17 | 000,000,490 | ---- | C] () -- C:\WINDOWS\EventManager.ini
[2010/03/19 07:52:15 | 000,000,136 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/07/08 14:33:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\NTEventLogAppender.dll
[2008/09/09 08:18:39 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\mac\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/29 07:36:22 | 000,000,067 | ---- | C] () -- C:\WINDOWS\PPM.INI
[2007/01/29 06:41:37 | 000,000,980 | ---- | C] () -- C:\WINDOWS\CCWTERM.INI
[2005/12/20 02:46:15 | 000,327,680 | ---- | C] () -- C:\Program Files\Common Files\UnPackIt
[2005/08/03 00:37:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2004/11/21 02:43:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/21 02:39:10 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/08/04 04:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 04:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002/05/08 05:12:22 | 000,001,065 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== LOP Check ==========

[2010/04/13 15:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2010/04/14 01:00:04 | 000,000,358 | ---- | M] () -- C:\WINDOWS\Tasks\MVCleandb.job
[2010/04/13 23:00:02 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\MVSpace.job
[2010/04/13 22:00:06 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\MVArchiver.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2004/08/04 09:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 09:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 02:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 02:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2004/08/04 02:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/02/03 00:36:44 | 000,028,773 | ---- | M] () MD5=2BC34697A3E62DBE977FF29DBDF190A4 -- C:\Perl\site\lib\auto\Win32\EventLog\EventLog.dll
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SYMMPI.SYS >
[2002/04/04 01:32:06 | 000,028,416 | R--- | M] (LSI Logic) MD5=F2B7E8416F508368AC6730E2AE1C614F -- C:\WINDOWS\system32\drivers\symmpi.sys

< %systemroot%\*./mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/09 02:20:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/09 02:20:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/09 02:20:08 | 000,864,256 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%system32\drivers\*.sys /90 >

< End of report >