OTL logfile created on: 7/10/2010 8:07:25 PM - Run 1
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1,014.00 Mb Total Physical Memory | 430.00 Mb Available Physical Memory | 42.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.87 Gb Total Space | 160.81 Gb Free Space | 71.52% Space Free | Partition Type: NTFS
Drive D: | 8.00 Gb Total Space | 1.42 Gb Free Space | 17.71% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ANITAPATEL
Current User Name: HP_Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/07/10 20:06:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/07/06 18:25:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/06/27 20:18:20 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/06/27 20:18:18 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/28 12:01:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0220Mon.exe
PRC - [2006/06/09 01:11:00 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2004/09/29 21:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/07/10 20:06:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2004/09/29 21:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2010/07/06 18:25:45 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/07/06 18:25:45 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/07/06 18:25:45 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/06/29 00:58:28 | 000,146,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0220Dev.sys -- (V0220Dev)
DRV - [2006/06/08 03:00:52 | 000,006,272 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0220Vfx.sys -- (V0220Vfx)
DRV - [2005/04/15 20:05:42 | 002,564,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/04/11 19:22:14 | 000,085,248 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxfalcon.sys -- (CXFALCON)
DRV - [2005/01/19 19:21:56 | 000,012,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/29 12:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/12/02 20:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2001/06/04 08:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/07 11:26:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/28 18:29:13 | 000,000,000 | ---D | M]
 
[2009/01/10 19:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2010/07/10 10:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4rla564q.Anita\extensions
[2009/09/02 07:54:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4rla564q.Anita\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/29 18:24:01 | 000,000,000 | ---D | M] (Clear Cache Button) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4rla564q.Anita\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
[2009/04/26 21:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4rla564q.Anita\extensions\moveplayer@movenetworks.com
[2010/06/02 07:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4yhbr3zt.default\extensions
[2009/03/06 16:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4yhbr3zt.default\extensions\ChoiceGuard@Microsoft
[2010/06/02 07:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4yhbr3zt.default\extensions\textlinks@playsushi.com
[2010/07/10 10:14:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2008/09/24 12:01:00 | 002,650,112 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2007/08/06 12:07:00 | 000,008,784 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ractrlkeyhook.dll
[2007/07/18 14:54:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\unicows.dll
 
O1 HOSTS File: ([2004/08/10 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260634846750 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260634842312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.87.85.102 68.87.69.150
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/31 04:46:09 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{53d5d856-d0e0-11de-a3e0-002127f1c3d7}\Shell - "" = AutoRun
O33 - MountPoints2\{53d5d856-d0e0-11de-a3e0-002127f1c3d7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (69537929998893056)
 
[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
 
[2010/07/10 10:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/07/09 23:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/09 23:34:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/09 23:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\xsahkcmys
[2010/07/03 22:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Temp
[2010/06/22 20:27:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/06/18 16:57:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\DAZZLER2010-2011
[2010/06/15 23:01:52 | 018,784,440 | ---- | C] (ooVoo LLC) -- C:\Documents and Settings\HP_Administrator\Desktop\ooVoo.exe
[2010/06/15 22:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\ooVoo Details
[2010/06/15 22:40:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\oovooinstaller
[2010/06/11 08:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\SightSpeed
[2010/06/11 08:35:35 | 000,006,272 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\WINDOWS\System32\drivers\V0220Vfx.sys
[2010/06/11 08:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Live! Cam Center
[2010/06/02 07:56:40 | 000,000,000 | ---D | C] -- C:\Program Files\PlaySushi
[2010/05/10 20:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2010/05/09 19:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2010/05/09 19:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\WorldWinner.com, Inc
[2010/05/09 19:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Worldwinner
 
[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]
 
[2010/07/10 20:08:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/07/10 20:01:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/10 20:01:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/10 20:01:40 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/10 20:00:09 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\NTUSER.DAT
[2010/07/10 20:00:09 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.ini
[2010/07/10 19:38:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/07/10 19:18:04 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3981632477-2560148220-4024616735-1008UA.job
[2010/07/10 15:50:09 | 418,480,128 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\outlook.pst
[2010/07/10 15:10:24 | 379,600,896 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\archive.pst
[2010/07/10 10:38:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/09 22:18:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3981632477-2560148220-4024616735-1008Core.job
[2010/07/09 19:42:42 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/09 08:40:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/07 05:00:08 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy -  Scheduled Task.job
[2010/07/06 18:23:34 | 000,000,948 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/06 18:23:34 | 000,000,279 | RHS- | M] () -- C:\boot.ini
[2010/07/06 18:23:34 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/06 12:40:27 | 000,000,028 | ---- | M] () -- C:\WINDOWS\qbwcd.ini
[2010/07/03 14:10:04 | 000,083,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Anjaliwork.doc
[2010/06/28 18:33:20 | 000,018,663 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\activiacoupon
[2010/06/28 18:29:16 | 000,226,728 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2010/06/25 12:45:00 | 002,983,342 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\ALCvelapayment
[2010/06/25 06:53:59 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Mozilla Firefox.lnk
[2010/06/25 06:49:58 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/25 06:49:58 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/22 11:47:32 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\medicalexpenses2010.xls
[2010/06/11 09:07:30 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/11 08:56:41 | 000,001,983 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Creative Product Registration.lnk
[2010/06/11 08:43:43 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SightSpeed.lnk
[2010/06/11 08:42:39 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Creative Photo Calendar.lnk
[2010/06/11 08:41:56 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Creative Photo Manager.lnk
[2010/06/11 07:44:25 | 000,213,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/11 07:28:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/08 14:21:03 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\referenceletterbanks042210.doc
[2010/06/07 12:00:39 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\yogiimmigrationletterjuly72010.doc
[2010/06/01 20:52:20 | 001,387,008 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\dazzler directory.doc
[2010/05/24 21:11:21 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/20 08:30:53 | 000,015,282 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\michaels.gif
[2010/05/20 07:13:47 | 000,851,456 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\ANJALICHEETAH051710.ppt
[2010/05/19 08:32:54 | 000,040,119 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\anjalicheetah1.jpg
[2010/05/19 08:30:20 | 000,001,576 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\IrfanView Thumbnails.lnk
[2010/05/19 08:30:20 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\IrfanView.lnk
[2010/05/19 08:24:40 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to anjalicheetah.lnk
[2010/05/18 15:01:00 | 000,122,866 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\house1
[2010/05/18 15:01:00 | 000,102,308 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\house
[2010/05/18 14:48:00 | 002,869,668 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\house3
[2010/05/16 20:19:56 | 000,039,971 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\cheetah-mom-and-cub.jpg
[2010/05/16 16:46:04 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\anitaresume042110a.doc
[2010/05/13 21:20:21 | 000,016,052 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Cover letter for Anita.rtf
[2010/05/10 20:10:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\popcreg.dat
[2010/05/10 20:10:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2010/05/09 12:52:29 | 000,240,791 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\050110 pics 002.jpg
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 10:15:31 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\dbctransactions.doc
[2010/04/25 16:29:04 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\adoption essay.doc
[2010/04/24 16:27:31 | 000,062,976 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\referencelettersandy042310.doc
[2010/04/21 13:35:02 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Anitaresume042110.doc
[2010/04/21 13:30:41 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\anitaresume.doc
[2010/04/21 12:52:33 | 000,179,965 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Anitadegree.jpg
[2010/04/21 12:45:42 | 000,439,421 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\anitadiploma.JPG
[2010/04/21 12:44:42 | 000,181,418 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\danceclinic 002.jpg
[2010/04/14 20:21:21 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\honduras.doc
[2010/04/13 08:53:06 | 001,752,822 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\sponsorlist0910.bmp
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/07/10 11:26:32 | 1063,768,064 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/10 10:38:15 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/03 22:13:55 | 000,001,022 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3981632477-2560148220-4024616735-1008UA.job
[2010/07/03 22:13:54 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3981632477-2560148220-4024616735-1008Core.job
[2010/06/28 18:33:20 | 000,018,663 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\activiacoupon
[2010/06/25 12:45:00 | 002,983,342 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\ALCvelapayment
[2010/06/25 06:53:59 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Mozilla Firefox.lnk
[2010/06/25 06:49:58 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/25 06:49:58 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/06/23 19:25:41 | 000,083,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Anjaliwork.doc
[2010/06/11 08:57:10 | 000,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2010/06/11 08:56:41 | 000,001,983 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Creative Product Registration.lnk
[2010/06/11 08:43:43 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SightSpeed.lnk
[2010/06/11 08:42:39 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Creative Photo Calendar.lnk
[2010/06/11 08:41:56 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Creative Photo Manager.lnk
[2010/06/11 08:35:36 | 000,006,132 | ---- | C] () -- C:\WINDOWS\VF0220.uns
[2010/06/11 08:35:34 | 000,130,304 | ---- | C] () -- C:\WINDOWS\System32\V0220Cvw.bff
[2010/06/07 12:00:21 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\yogiimmigrationletterjuly72010.doc
[2010/05/31 19:10:22 | 001,387,008 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\dazzler directory.doc
[2010/05/20 08:30:52 | 000,015,282 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\michaels.gif
[2010/05/19 08:31:52 | 000,040,119 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\anjalicheetah1.jpg
[2010/05/19 08:30:20 | 000,001,576 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\IrfanView Thumbnails.lnk
[2010/05/19 08:30:20 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\IrfanView.lnk
[2010/05/19 08:24:40 | 000,000,887 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to anjalicheetah.lnk
[2010/05/18 15:01:00 | 000,122,866 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\house1
[2010/05/18 15:01:00 | 000,102,308 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\house
[2010/05/18 14:48:00 | 002,869,668 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\house3
[2010/05/16 20:19:56 | 000,039,971 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\cheetah-mom-and-cub.jpg
[2010/05/16 18:20:35 | 000,851,456 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\ANJALICHEETAH051710.ppt
[2010/05/13 16:46:40 | 000,016,052 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Cover letter for Anita.rtf
[2010/05/10 20:10:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010/05/10 20:10:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/05/09 12:51:56 | 000,240,791 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\050110 pics 002.jpg
[2010/04/29 10:15:31 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\dbctransactions.doc
[2010/04/25 16:29:04 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\adoption essay.doc
[2010/04/24 16:27:30 | 000,062,976 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\referencelettersandy042310.doc
[2010/04/22 15:03:18 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\referenceletterbanks042210.doc
[2010/04/21 13:51:59 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\anitaresume042110a.doc
[2010/04/21 13:22:54 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Anitaresume042110.doc
[2010/04/21 12:52:15 | 000,179,965 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Anitadegree.jpg
[2010/04/21 12:45:42 | 000,439,421 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\anitadiploma.JPG
[2010/04/21 12:44:13 | 000,181,418 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\danceclinic 002.jpg
[2010/04/13 21:16:21 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\honduras.doc
[2010/04/13 08:53:04 | 001,752,822 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\sponsorlist0910.bmp
[2009/11/12 19:48:09 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2009/11/09 20:21:53 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2009/11/09 20:21:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2009/04/27 20:32:45 | 000,000,028 | ---- | C] () -- C:\WINDOWS\qbwcd.ini
[2009/04/27 20:29:36 | 000,001,412 | ---- | C] () -- C:\WINDOWS\QfnOnl.ini
[2009/04/27 20:29:29 | 000,000,362 | ---- | C] () -- C:\WINDOWS\QDQICK.INI
[2009/04/27 20:29:29 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ACCWIZ.INI
[2009/04/27 20:29:29 | 000,000,021 | ---- | C] () -- C:\WINDOWS\QFNOA.INI
[2008/02/21 20:51:20 | 000,000,054 | ---- | C] () -- C:\WINDOWS\NetViewer16ch.INI
[2008/02/19 22:17:41 | 000,000,168 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/12/17 22:39:37 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/09/06 07:14:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/01/14 21:58:32 | 000,000,334 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/10 17:26:47 | 000,000,117 | ---- | C] () -- C:\WINDOWS\CANDYLND.INI
[2006/04/14 21:30:49 | 000,015,497 | ---- | C] () -- C:\WINDOWS\VX6KStd.ini
[2006/03/16 01:06:01 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/02/09 18:43:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2006/01/14 22:47:41 | 000,000,087 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/10/23 12:09:03 | 000,000,106 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/05/31 04:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/31 04:45:17 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/31 04:45:17 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/31 04:45:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/31 04:45:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/31 04:45:17 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/31 04:45:17 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/31 04:14:43 | 000,015,329 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/05/31 04:14:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/05/31 04:11:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/31 03:46:52 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/31 03:38:46 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/05/31 03:26:12 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/05/31 03:24:12 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/05/31 03:24:12 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/05/31 03:23:50 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/02/18 12:56:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/01/20 00:45:40 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2005/01/20 00:45:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/07/26 16:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/04/11 00:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[1999/03/21 20:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008/05/30 16:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2006/08/20 15:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/12/06 21:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/14 18:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/09 19:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2008/12/06 07:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/12/30 19:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/07/10 19:38:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009/06/06 12:26:12 | 000,001,864 | ---- | M] () -- C:\ASLog.txt
[2005/05/31 04:46:09 | 000,000,100 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/08 21:12:15 | 000,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2010/07/06 18:23:34 | 000,000,279 | RHS- | M] () -- C:\boot.ini
[2004/08/10 07:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2005/01/28 04:41:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/09/04 14:37:06 | 000,230,424 | ---- | M] () -- C:\DC6810xp-001.raw
[2007/07/11 21:30:23 | 000,026,950 | ---- | M] () -- C:\DF.Log
[2006/08/13 19:21:43 | 000,000,079 | ---- | M] () -- C:\dxerror.ini
[2010/07/10 20:01:40 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys
[2007/07/11 21:30:22 | 000,002,512 | ---- | M] () -- C:\history.txt
[2005/01/28 04:41:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/07/17 16:38:21 | 000,001,817 | -H-- | M] () -- C:\IPH.PH
[2007/07/11 21:29:03 | 000,000,333 | ---- | M] () -- C:\iptest.txt
[2005/01/28 04:41:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/12/12 11:41:16 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/07/10 20:01:36 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2010/07/10 10:05:11 | 000,000,409 | ---- | M] () -- C:\rkill.log
[2009/11/17 19:43:57 | 000,008,885 | ---- | M] () -- C:\shaheedan.jpg
[2009/02/23 11:11:48 | 4084,658,176 | ---- | M] () -- C:\SlumDog.ISO
[2007/04/04 03:06:53 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2007/09/30 20:11:51 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2007/04/04 03:06:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2007/09/30 20:11:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2007/03/27 18:40:33 | 000,001,272 | ---- | M] () -- C:\tcpip.txt
[2009/11/08 16:39:46 | 000,000,743 | ---- | M] () -- C:\updatedatfix.log
[2006/03/31 14:34:49 | 000,000,000 | ---- | M] () -- C:\VETlog.dmp
[2006/03/31 14:34:49 | 000,009,243 | ---- | M] () -- C:\VETlog.txt
 
[color=#A23BEC]< %systemroot%\system32\*.wt >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.ruy >[/color]
 
[color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
 
[color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
 
[color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
[2005/01/28 04:40:34 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
 
[color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
 
[color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >[/color]
 
[color=#A23BEC]< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color]
[2003/06/19 02:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
 
[color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
 
[color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
 
[color=#A23BEC]< %systemroot%\*.scr >[/color]
[2009/02/06 20:03:18 | 000,307,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
 
[color=#A23BEC]< %systemroot%\*._sy >[/color]
 
[color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
 
[color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
 
[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
 
[color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/04/13 19:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\comsvcs.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2005/01/27 20:28:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/01/27 20:28:56 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/01/27 20:28:56 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
[color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color]
[2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
 
[color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color]
[2008/04/13 19:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
 
[color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color]
[2008/04/13 19:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-06-11 12:28:28
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\HP_Administrator\Desktop\Nick Games.mht:SummaryInformation
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
< End of report >