OTL logfile created on: 6/14/2010 1:12:52 PM - Run 2
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\Cori\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 12.80 Gb Free Space | 8.87% Space Free | Partition Type: NTFS
Drive D: | 601.87 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 952.59 Mb Total Space | 724.66 Mb Free Space | 76.07% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DELL
Current User Name: Cori
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010/03/01 14:43:17 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cori\My Documents\Downloads\OTL.exe
PRC - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/22 15:18:34 | 001,462,272 | ---- | M] (Dynex) -- C:\Program Files\Dynex Enhanced G Desktop Card Adapter\DynexWCUI.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010/03/01 14:43:17 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cori\My Documents\Downloads\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Stopped] -- -- (Ventrilo)
SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Disabled | Stopped] -- -- (MpfService)
SRV - File not found [Disabled | Stopped] -- -- (McAfee AntiSpyware Service)
SRV - File not found [Disabled | Stopped] -- -- (DSBrokerService)
SRV - File not found [Disabled | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - [2009/11/24 19:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 19:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 19:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 19:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/23 10:45:29 | 000,303,104 | ---- | M] (Motive Communications, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)
SRV - [2008/04/13 20:12:02 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2007/09/19 21:08:58 | 000,203,248 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe -- (BOTService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/01 09:45:00 | 000,020,480 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\wltrysvc.exe -- (wltrysvc)
SRV - [2005/10/13 20:56:16 | 000,126,976 | ---- | M] (McAfee, Inc) [Disabled | Stopped] -- c:\Program Files\McAfee.com\Agent\Mcdetect.exe -- (McDetect.exe)
SRV - [2005/08/24 17:01:04 | 000,122,368 | ---- | M] (McAfee, Inc) [Disabled | Stopped] -- c:\Program Files\McAfee.com\Agent\McTskshd.exe -- (McTskshd.exe)
SRV - [2005/07/01 20:22:50 | 000,245,760 | ---- | M] (McAfee, Inc) [Disabled | Stopped] -- C:\Program Files\McAfee.com\Agent\mcupdmgr.exe -- (mcupdmgr.exe)
SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/11/19 12:26:40 | 000,147,456 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe -- (NetSvc)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-tyc"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-tyc"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.7.3
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.2.8.2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/06 11:06:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/02 21:53:32 | 000,000,000 | ---D | M]
[2008/11/17 03:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Mozilla\Extensions
[2010/06/13 07:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions
[2010/04/27 07:57:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/04 10:13:20 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2010/03/18 15:46:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/18 16:16:04 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2008/12/30 15:33:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2009/04/01 17:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\moveplayer@movenetworks.com
[2010/04/13 18:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Mozilla\Firefox\Profiles\j0enor1c.default\extensions\personas@christopher.beard
[2010/06/13 07:37:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/22 08:12:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2006/09/26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll

O1 HOSTS File: ([2008/02/23 14:53:40 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Broadcom Wireless Manager] C:\WINDOWS\system32\wltray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\Cori\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2009/06/18 22:41:45 | 000,000,000 | ---D | M]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2009/06/18 22:41:45 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2009/06/18 22:41:45 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2009/06/18 22:41:45 | 000,000,000 | ---D | M]
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Cori\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .fpx - C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll ()
O12 - Plugin for: .ivr - C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll ()
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141437396140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158357283562 (MUWebControl Class)
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab (DASWebDownload Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.247.15.53 24.247.24.53 68.115.71.53
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Cori\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cori\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1998/09/24 09:25:42 | 000,040,448 | R--- | M] (DK Multimedia) - D:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [1998/09/16 11:49:54 | 000,000,191 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
[2010/06/14 13:05:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/14 13:05:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/14 13:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/13 17:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/05/04 10:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2010/04/19 11:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2010/03/27 08:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2009/01/26 19:56:06 | 001,469,952 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- C:\Documents and Settings\Cori\Application Data\tsdnwin.dll
[2008/12/11 15:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure
[2008/11/03 17:07:20 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Cori\Local Settings\Application Data\pcouffin.sys
[2008/11/02 16:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2008/11/02 16:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2008/06/04 11:36:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/06/04 11:36:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/06/04 11:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/11/23 20:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\DivX
[2007/11/23 19:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2007/10/01 22:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/08/19 18:19:20 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2007/04/09 01:35:26 | 005,814,651 | ---- | C] (Fengtao Software Inc. ) -- C:\Program Files\Common Files\DVDFabPlatinumNonCSS3050.exe
[2007/04/03 04:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2007/03/04 19:39:40 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\ODMediaConsoleSetup.exe
[2006/09/01 08:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2006/09/01 08:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[2006/04/26 11:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Registry Cleaner
[2006/04/26 11:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/03/03 22:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[2004/11/24 15:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
[2049/12/31 16:00:00 | 002,686,021 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\brazyl's boys ear cuts 007.jpg
[2049/12/31 16:00:00 | 000,933,993 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\brazyl's boys ear cuts 009.jpg
[2010/06/14 13:05:09 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/14 12:45:07 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\BackOnTrack Instant Restore Idle.job
[2010/06/14 12:31:36 | 010,747,904 | ---- | M] () -- C:\Documents and Settings\Cori\ntuser.dat
[2010/06/14 10:28:18 | 000,553,436 | ---- | M] () -- C:\WINDOWS\System32\PERFSTRINGBACKUP.INI
[2010/06/14 10:28:18 | 000,462,472 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/14 10:28:18 | 000,080,342 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/14 10:24:46 | 000,013,730 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/14 10:21:55 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/14 10:19:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/14 10:19:12 | 2137,149,440 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/14 10:15:58 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Cori\ntuser.ini
[2010/06/09 12:08:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/07 20:04:30 | 000,268,297 | ---- | M] () -- C:\Documents and Settings\Cori\Desktop\AssuranceWirelessLetter.pdf
[2010/06/05 13:11:09 | 001,020,928 | ---- | M] () -- C:\Documents and Settings\Cori\My Documents\Bullet.doc
[2010/06/04 15:31:27 | 000,723,506 | ---- | M] () -- C:\Documents and Settings\Cori\Desktop\Laurell K. Hamilton - Anita Blake 19 - Bullet.pdf
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/06/14 13:05:09 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/14 10:22:19 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\BackOnTrack Instant Restore Idle.job
[2010/06/07 20:04:26 | 000,268,297 | ---- | C] () -- C:\Documents and Settings\Cori\Desktop\AssuranceWirelessLetter.pdf
[2010/06/05 13:11:05 | 001,020,928 | ---- | C] () -- C:\Documents and Settings\Cori\My Documents\Bullet.doc
[2010/06/04 15:31:22 | 000,723,506 | ---- | C] () -- C:\Documents and Settings\Cori\Desktop\Laurell K. Hamilton - Anita Blake 19 - Bullet.pdf
[2010/05/14 16:05:52 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\dtmon.dll
[2010/05/14 16:05:48 | 000,002,219 | ---- | C] () -- C:\WINDOWS\OEDEVKIT.INI
[2010/05/14 16:05:46 | 000,000,761 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2010/05/14 16:04:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININI.INI
[2010/05/04 10:57:33 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\MagicTranslator.ini
[2010/01/07 17:28:57 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/01/07 17:28:55 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/05/13 19:42:22 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/02/25 11:46:57 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Cori\Application Data\PFP120JPR.{PB
[2009/02/25 11:46:57 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Cori\Application Data\PFP120JCM.{PB
[2009/01/26 19:55:31 | 000,000,457 | ---- | C] () -- C:\Documents and Settings\Cori\Application Data\SamsungLiveUpdateConfig.ini
[2009/01/22 00:06:39 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009/01/22 00:06:39 | 000,003,045 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_iPod.ini
[2009/01/22 00:06:34 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/01/06 13:03:10 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008/12/03 17:30:32 | 000,000,196 | ---- | C] () -- C:\Documents and Settings\Cori\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2008/11/28 22:00:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/11/22 01:05:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL
[2008/11/22 01:05:48 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL
[2008/11/22 01:05:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll
[2008/11/22 01:05:28 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2008/11/21 17:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/11/03 17:07:21 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\pcouffin.log
[2008/11/03 17:07:20 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\ezpinst.exe
[2008/11/03 17:07:20 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\pcouffin.cat
[2008/11/03 17:07:20 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\pcouffin.inf
[2008/10/28 11:47:19 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2008/10/28 11:45:34 | 000,151,552 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/28 11:07:00 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Cori\Local Settings\Application Data\fusioncache.dat
[2008/04/17 11:07:52 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2007/11/29 00:36:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2007/06/13 00:47:35 | 000,000,032 | ---- | C] () -- C:\WINDOWS\INSTAL~4.INI
[2007/04/09 01:34:11 | 000,005,032 | ---- | C] () -- C:\Program Files\Common Files\file.txt
[2007/03/31 14:30:17 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/02 20:27:25 | 001,166,848 | ---- | C] () -- C:\Program Files\Common Files\MCEKaraokePlugin.msi
[2006/11/24 23:14:04 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2006/11/24 23:14:04 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2006/10/03 19:03:33 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
[2006/10/01 18:49:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2006/09/07 17:33:01 | 000,000,179 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006/09/03 15:11:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/31 21:47:25 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/04/30 00:34:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\WbxRMenu.dll
[2006/04/22 21:42:43 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\MscID.dll
[2006/04/22 11:29:58 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/04/18 21:50:32 | 000,000,241 | ---- | C] () -- C:\WINDOWS\MVPEUCHR.INI
[2006/04/18 20:05:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LiveBilliards.INI
[2006/04/13 23:18:24 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\atonres.dll
[2006/04/13 23:18:24 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\WbxMSAI.dll
[2006/04/13 23:18:24 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\atonecli.dll
[2006/03/30 09:38:13 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/03/04 11:06:05 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/02/27 11:01:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/27 10:57:29 | 000,000,633 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/27 10:24:00 | 000,000,300 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 09:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/10/12 02:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2004/10/12 02:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004/10/12 02:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2004/10/09 02:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2004/10/05 04:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2004/10/03 13:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/10 00:11:42 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002/12/05 18:51:00 | 000,059,392 | R--- | C] () -- C:\WINDOWS\streamhlp.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

[color=#E56717]========== LOP Check ==========[/color]
[2010/05/14 15:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Team
[2008/11/12 12:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2009/01/08 14:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2008/06/04 11:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2008/02/15 11:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/03/17 22:35:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/10/11 10:39:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/03/18 12:11:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009/01/21 19:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/01/22 00:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/09/07 10:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/12/11 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2008/09/26 00:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2008/10/21 01:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/09/29 17:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs
[2006/03/04 11:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2007/08/21 23:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2006/09/27 20:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/02/16 11:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2007/08/25 14:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2009/04/28 21:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/03/12 18:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2008/06/30 13:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/04/22 14:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2008/06/30 23:32:55 | 000,000,000 | ---D
| M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2008/10/15 22:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2009/12/02 12:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2008/11/01 04:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\.BitTornado [2010/05/14 15:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\4Team [2009/01/17 12:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\A.D.A.M., Inc [2008/12/23 04:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\acccore [2008/10/28 11:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\ApplicationHistory [2008/11/17 09:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Ashampoo [2009/01/08 14:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\AT&T [2006/02/27 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\BVRP Software [2009/09/20 17:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Canon [2008/12/25 16:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/08/28 22:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\CrystalSpace [2008/11/10 01:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\F-Secure [2008/12/20 22:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\GamesCafe [2008/11/28 21:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\HotSync [2009/04/26 23:20:00 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Cori\Application Data\IMVU [2009/04/23 13:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\IMVU Previewer [2009/04/23 13:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\IMVUClient [2008/12/20 22:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\iWin [2008/11/28 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Leadertech [2008/11/22 03:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Lexmark Productivity Studio [2008/12/10 01:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\OpenOffice.org [2010/02/02 18:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\SharePod [2009/01/11 13:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Skip-Bo [2010/05/04 10:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Softland [2009/11/06 14:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Sony Online Entertainment [2010/01/13 21:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\TeamViewer [2009/03/18 11:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Vbuzzer Messenger [2009/11/28 10:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cori\Application Data\Walgreens [2010/06/14 12:45:07 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F098C56D @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:478FEFC3 @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All 
Users\Application Data\TEMP:0D31DA45 @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485 < End of report >