OTL logfile created on: 2/16/2011 8:24:32 PM - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

751.00 Mb Total Physical Memory | 420.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1128 2256 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.95 Gb Total Space | 53.90 Gb Free Space | 75.97% Space Free | Partition Type: NTFS
Drive D: | 3.57 Gb Total Space | 1.67 Gb Free Space | 46.83% Space Free | Partition Type: FAT32
Drive F: | 56.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: YOUR-B0FCFFB706 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/02/16 20:17:57 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
PRC - [2011/02/16 20:17:48 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTH.scr
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/03/18 19:17:48 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/02/16 20:17:57 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/18 10:35:40 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/21 20:53:21 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2006/12/04 11:57:38 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/02/12 10:35:36 | 000,139,768 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dwprot.sys -- (DwProt)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/12/16 17:57:57 | 000,031,088 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2010/12/01 14:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/11/25 10:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010/11/25 10:42:10 | 000,124,992 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/11/24 09:18:16 | 000,089,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/11/17 10:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/11/09 13:56:12 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/07/08 09:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010/07/08 09:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2010/03/18 20:50:12 | 000,189,528 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2010/03/18 20:50:04 | 000,162,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2010/03/18 20:49:56 | 000,798,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2010/03/18 20:45:42 | 000,092,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/03/18 20:45:28 | 000,157,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/03/18 20:45:20 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/03/18 20:45:12 | 000,127,576 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/03/18 20:40:56 | 000,018,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctgame.sys -- (ctgame)
DRV - [2010/03/18 20:40:48 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/03/18 20:40:40 | 000,528,472 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/03/18 20:40:32 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/03/18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS -- (CTERFXFX.SYS)
DRV - [2010/03/18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV - [2010/03/18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS -- (CTSBLFX.SYS)
DRV - [2010/03/18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV - [2010/03/18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS -- (CTAUDFX.SYS)
DRV - [2010/03/18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV - [2010/03/18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\COMMONFX.SYS -- (COMMONFX.SYS)
DRV - [2010/03/18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX)
DRV - [2010/02/21 21:03:15 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2009/12/18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/07/05 05:33:24 | 000,472,000 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WPN311.sys -- (AR5211)
DRV - [2004/10/27 10:57:38 | 002,284,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/10/20 14:39:32 | 000,040,724 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/18 17:05:12 | 000,042,968 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/12/11 08:50:00 | 000,070,894 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/11 08:50:00 | 000,037,916 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003/12/11 08:50:00 | 000,025,630 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2001/08/17 23:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 23:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 23:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 23:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 23:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 22:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 22:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 22:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 22:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 22:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 22:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 22:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 22:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 22:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: ([2011/02/12 11:05:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\run_startmenu.cmd ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.mpix.com/customer/uploading/activex/ImageUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\emachines.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\emachines.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 13:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/02/16 20:17:55 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2011/02/16 20:17:47 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTH.scr
[2011/02/16 19:44:35 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/02/16 19:44:29 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/02/16 19:44:29 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/02/16 19:44:29 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/02/16 19:44:29 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/02/16 19:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/16 19:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/02/16 17:34:07 | 001,366,104 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2011/02/16 13:56:59 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/02/16 13:56:59 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2011/02/16 13:56:10 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/02/16 13:44:33 | 000,000,000 | ---D | C] -- C:\ComboFix1
[2011/02/16 13:26:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\SUPERAntiSpyware
[2011/02/16 13:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/02/14 18:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\PCToolsFirewallPlus
[2011/02/14 18:53:15 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/02/14 18:53:15 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/02/14 18:53:11 | 000,249,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/02/14 18:52:07 | 000,089,192 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2011/02/14 18:52:07 | 000,057,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2011/02/14 18:52:07 | 000,032,808 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2011/02/14 18:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Firewall Plus
[2011/02/14 18:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/02/14 18:52:02 | 000,124,992 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2011/02/14 18:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
[2011/02/14 12:30:18 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/02/14 08:25:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/02/12 10:38:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/02/12 10:35:36 | 000,139,768 | ---- | C] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2011/02/10 12:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/02/10 12:15:32 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/02/01 09:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0
[2011/02/01 09:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.thumbnails
[2011/02/01 09:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\.gimp-2.6
[2011/02/01 09:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\gegl-0.0
[2011/02/01 08:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2011/01/26 10:06:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/01/26 10:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/26 10:06:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/01/26 10:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/21 15:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Help
[2011/01/21 15:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Help
[2011/01/18 12:38:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/01/18 12:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/01/18 12:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/01/18 12:37:13 | 000,000,000 | ---D | C] -- C:\a90fd3b1bba8bc675f0f
[2011/01/18 12:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2011/01/18 12:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Nikon
[2011/01/18 12:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2011/01/18 12:17:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2011/01/18 12:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nikon Message Center 2
[2011/01/18 12:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2011/01/18 12:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Nikon
[2011/01/18 12:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2011/01/18 10:52:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2011/01/18 10:35:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Creative
[2011/01/18 10:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010/04/02 19:53:11 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2010/03/18 19:18:32 | 000,010,752 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/02/16 20:18:36 | 000,721,199 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2011/02/16 20:18:29 | 000,721,199 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\rkill.scr
[2011/02/16 20:18:22 | 000,721,199 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\rkill.com
[2011/02/16 20:17:57 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2011/02/16 20:17:48 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTH.scr
[2011/02/16 20:09:08 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/16 20:08:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/16 20:08:56 | 787,271,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/16 19:37:03 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/16 19:27:21 | 000,032,000 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/02/16 19:27:21 | 000,032,000 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/02/16 19:27:21 | 000,031,368 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/02/16 19:27:21 | 000,031,368 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/02/16 19:27:21 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/02/16 19:26:42 | 004,931,577 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000000-00001102-00000004-10021102}.CDF
[2011/02/16 19:26:42 | 004,931,577 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000000-00001102-00000004-10021102}.BAK
[2011/02/16 17:34:09 | 001,366,104 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2011/02/14 12:30:21 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/02/14 07:45:45 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/12 11:05:22 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/12 10:35:36 | 000,139,768 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2011/02/11 19:06:59 | 000,000,473 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2011/02/11 08:20:02 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/02/10 18:34:50 | 004,403,558 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ReloadingForTheM1Rifle_JohnRClarke.pdf
[2011/02/10 15:26:03 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\iTunes.lnk
[2011/02/10 15:22:23 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/10 07:42:08 | 000,175,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 22:17:37 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/08 14:09:20 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2011/02/02 12:35:26 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2011/02/01 09:07:46 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Owner\.recently-used.xbel
[2011/01/27 16:16:25 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\M1 Garand Accurizing.doc
[2011/01/27 11:47:34 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-65d.doc
[2011/01/27 11:40:14 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-64d.doc
[2011/01/27 11:36:54 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-63d.doc
[2011/01/27 11:32:25 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-62d.doc
[2011/01/27 11:30:22 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-61d.doc
[2011/01/27 11:27:28 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-60d.doc
[2011/01/27 11:24:29 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-59d.doc
[2011/01/27 11:21:09 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\le-58d.doc
[2011/01/26 10:06:51 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/24 10:01:46 | 000,087,040 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\stock refinising.doc
[2011/01/19 11:12:05 | 000,441,454 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/01/19 11:12:05 | 000,071,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/01/18 18:37:18 | 000,000,125 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011/01/18 12:48:30 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/01/18 12:48:30 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/01/18 12:17:17 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\External Build System
[2011/01/18 12:17:17 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\Owner\Application Data\Equalizer
[2011/01/18 12:17:17 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2011/01/18 12:17:17 | 000,000,012 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\Organic
[2011/01/18 12:17:10 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\File Templates
[2011/01/18 12:17:10 | 000,000,268 | RH-- | M] () -- C:\Documents and Settings\Owner\Application Data\Error Handlers
[2011/01/18 12:17:10 | 000,000,012 | RH-- | M] () -- C:\Documents and Settings\All Users\Application Data\Overdrive
[2011/01/18 10:34:38 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/02/16 20:18:35 | 000,721,199 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2011/02/16 20:18:28 | 000,721,199 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\rkill.scr
[2011/02/16 20:18:21 | 000,721,199 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\rkill.com
[2011/02/16 20:08:56 | 787,271,680 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/10 18:34:50 | 004,403,558 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ReloadingForTheM1Rifle_JohnRClarke.pdf
[2011/02/10 15:26:03 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\iTunes.lnk
[2011/02/08 15:34:08 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Owner\b&h.txt
[2011/02/01 09:07:46 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\Owner\.recently-used.xbel
[2011/01/27 16:16:23 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\M1 Garand Accurizing.doc
[2011/01/27 11:47:34 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-65d.doc
[2011/01/27 11:40:14 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-64d.doc
[2011/01/27 11:36:54 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-63d.doc
[2011/01/27 11:32:25 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-62d.doc
[2011/01/27 11:30:22 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-61d.doc
[2011/01/27 11:27:28 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-60d.doc
[2011/01/27 11:24:29 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-59d.doc
[2011/01/27 11:21:09 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\le-58d.doc
[2011/01/26 10:06:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/24 10:01:46 | 000,087,040 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\stock refinising.doc
[2011/01/18 12:48:30 | 000,001,080 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/01/18 12:48:30 | 000,001,080 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2011/01/18 12:17:17 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\External Build System
[2011/01/18 12:17:17 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Application Data\Equalizer
[2011/01/18 12:17:17 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2011/01/18 12:17:17 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Organic
[2011/01/18 12:17:10 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\File Templates
[2011/01/18 12:17:10 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Application Data\Error Handlers
[2011/01/18 12:17:10 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Overdrive
[2011/01/18 12:17:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2011/01/18 10:50:32 | 000,031,368 | ---- | C] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/01/18 10:50:32 | 000,031,368 | ---- | C] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/01/18 10:50:32 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000000-00001102-00000004-10021102}.rfx
[2011/01/18 10:50:03 | 004,931,577 | ---- | C] () -- C:\WINDOWS\{00000001-00000000-00000000-00001102-00000004-10021102}.BAK
[2011/01/18 10:36:15 | 004,931,577 | ---- | C] () -- C:\WINDOWS\{00000001-00000000-00000000-00001102-00000004-10021102}.CDF
[2010/07/10 12:43:13 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2010/04/02 19:53:18 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.log
[2010/04/02 19:53:11 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2010/04/02 19:53:11 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2010/03/20 09:00:29 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/18 19:59:54 | 000,050,439 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2010/03/18 19:59:50 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/03/18 19:19:58 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2010/02/22 21:25:32 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/02/22 19:57:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/21 21:20:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010/02/21 21:05:59 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/02/21 20:43:58 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2010/02/21 20:01:47 | 000,000,473 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010/02/21 20:01:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxblvs.dll
[2010/02/21 20:01:25 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBLLCNP.DLL
[2009/07/08 15:10:56 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2004/08/27 05:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/26 11:12:43 | 000,001,314 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 11:12:43 | 000,000,487 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 05:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010/08/19 19:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1click dvd copy
[2010/07/10 13:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All
Users\Application Data\1Click DVD Copy Pro [2011/02/12 10:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10 [2010/12/29 18:22:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011/01/18 12:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2010/12/29 19:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit [2010/12/29 18:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData [2011/01/18 12:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon [2010/11/21 11:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security [2010/02/22 21:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft [2010/03/04 18:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut [2011/02/16 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/01/18 12:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2010/06/07 19:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2010/06/06 15:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wal-Mart [2010/07/24 11:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/12/29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG [2010/12/29 18:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG10 [2010/10/15 17:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Catalina Marketing Corp [2011/02/01 09:07:46 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0 [2011/01/30 13:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LaunchPad [2011/01/18 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nikon [2010/12/29 17:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Panda Security [2011/02/14 18:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCToolsFirewallPlus [2010/02/21 21:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView [2010/03/04 19:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TaxCut [2010/11/21 11:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso [2010/06/06 15:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Wal-Mart [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 < End of report >