OTL logfile created on: 6/27/2011 12:47:30 AM - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Documents and Settings\DAVID\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.94 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 54.66% Memory free
3.78 Gb Paging File | 2.88 Gb Available in Paging File | 76.10% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.41 Gb Total Space | 10.52 Gb Free Space | 30.58% Space Free | Partition Type: NTFS
Drive D: | 263.67 Gb Total Space | 67.08 Gb Free Space | 25.44% Space Free | Partition Type: NTFS
 
Computer Name: AXESS | User Name: DAVID | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/06/27 00:47:25 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAVID\Desktop\OTL.exe
PRC - [2011/06/18 08:31:11 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/06/16 18:22:36 | 002,413,936 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011/06/16 18:20:10 | 000,071,824 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011/06/01 14:10:00 | 000,821,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/05/30 08:39:02 | 000,493,184 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2011/05/30 08:39:00 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/04/19 03:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/03/16 14:00:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/02/10 11:00:58 | 000,091,432 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
PRC - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
PRC - [2010/11/03 07:49:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/22 11:50:36 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/06/27 00:47:25 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAVID\Desktop\OTL.exe
MOD - [2011/05/30 08:39:06 | 000,644,736 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2011/05/14 01:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
MOD - [2011/05/14 01:12:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
MOD - [2010/08/23 13:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - [2011/06/18 08:31:11 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/06/16 18:22:36 | 002,413,936 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/06/01 14:10:00 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/05/30 08:39:02 | 000,493,184 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/25 15:14:34 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2011/04/19 03:44:40 | 000,993,848 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 03:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/03/16 14:00:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/02/10 11:00:58 | 000,091,432 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe -- (FreeAgentGoFlex Service)
SRV - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv)
SRV - [2010/06/14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/02/19 19:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/10/20 15:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | Disabled | Running] --  -- (SNAPSHOD0)
DRV - [2011/06/17 11:45:05 | 000,026,096 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pxkbf.sys -- (pxkbf)
DRV - [2011/06/16 18:20:10 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011/05/30 08:38:54 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Stop_Pending] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 19:18:34 | 000,239,472 | ---- | M] () [File_System | Disabled | Stop_Pending] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 01:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 01:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2011/03/16 19:00:46 | 000,140,848 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2011/03/16 14:00:29 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/22 11:15:07 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/09/01 05:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/25 14:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/08/25 14:45:28 | 000,056,208 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010/08/25 14:45:28 | 000,037,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/02/26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/12/15 13:24:38 | 000,033,848 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD) SoundTap Recorder (32 Bit)
DRV - [2009/10/20 15:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/05/11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/05 09:59:02 | 000,022,168 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2009/05/05 09:58:30 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/08/26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/16 09:02:34 | 000,017,024 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/08/16 10:09:38 | 000,003,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BS_Flash.sys -- (BS_Flash)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/10/26 11:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [2004/04/26 13:47:42 | 000,163,456 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen)
DRV - [2003/07/02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2001/09/19 13:28:50 | 000,009,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\viausb1.sys -- (viafilter)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/06/25 10:39:09 | 000,000,000 | ---D | M]
 
[2011/06/18 22:46:02 | 000,002,423 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2011/06/26 20:13:39 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\system32\PxSecure.dll (Prevx)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -  File not found
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -  File not found
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1255150248015 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\DAVID\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DAVID\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/07 21:19:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/06/27 00:47:20 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAVID\Desktop\OTL.exe
[2011/06/27 00:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Desktop\Reports
[2011/06/27 00:08:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DAVID\Recent
[2011/06/26 20:27:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/26 20:06:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/26 20:05:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/06/26 20:05:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/06/26 20:05:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/06/26 20:05:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/06/26 20:04:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/26 20:04:00 | 000,000,000 | ---D | C] -- C:\Comfix
[2011/06/26 20:03:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/26 20:01:46 | 004,126,959 | R--- | C] (Swearware) -- C:\Documents and Settings\DAVID\Desktop\Comfix.exe
[2011/06/25 19:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Start Menu\Programs\Notepad++
[2011/06/25 19:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Notepad++
[2011/06/25 19:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2011/06/25 19:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Application Data\Notepad++
[2011/06/25 15:55:06 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2011/06/25 15:55:06 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2011/06/25 15:55:06 | 000,059,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll
[2011/06/25 15:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Application Data\vlc
[2011/06/25 15:30:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/06/25 14:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/06/25 14:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/25 14:44:36 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/25 14:44:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/25 14:44:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/25 14:44:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/25 14:44:36 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/25 14:41:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Local Settings\Application Data\Secunia PSI
[2011/06/25 14:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/06/25 14:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2011/06/25 14:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011/06/25 14:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trend Micro RUBotted
[2011/06/25 11:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\Prio
[2011/06/20 07:35:43 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/19 21:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\My Documents\ForceField Shared Files
[2011/06/19 21:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\zonealarm_security_suite
[2011/06/19 21:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Check Point
[2011/06/19 21:22:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2011/06/19 20:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recuva
[2011/06/18 23:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/06/18 22:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/06/18 13:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Application Data\Digital Support Free Tools
[2011/06/18 13:08:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Digital Support Free Tools
[2011/06/18 13:08:04 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Support Free Tools
[2011/06/18 12:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Digital Support
[2011/06/18 12:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Support
[2011/06/17 11:45:06 | 000,071,880 | ---- | C] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/06/17 11:45:05 | 000,032,008 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/06/17 11:45:05 | 000,026,096 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/06/17 11:42:23 | 000,076,696 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/06/17 11:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2011/06/17 11:07:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2011/06/17 11:07:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2011/06/17 09:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\ZeoBIT
[2011/06/17 09:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Start Menu\Programs\WinRAR
[2011/06/17 09:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/06/17 03:02:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/17 03:01:34 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/06/17 02:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Protected Folder
[2011/06/17 02:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 4
[2011/06/17 02:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2011/06/16 18:20:10 | 000,525,840 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/06/16 18:01:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\DoctorWeb
[2011/06/16 13:50:16 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/06/16 13:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Application Data\f-secure
[2011/06/15 19:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAVID\Start Menu\Programs\Rootkit Unhooker
[2011/06/15 19:06:16 | 000,000,000 | ---D | C] -- C:\RkUnhooker
[2011/06/15 17:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/06/15 17:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
[2011/06/02 09:42:53 | 000,161,296 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/05/30 10:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/06/27 00:47:25 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAVID\Desktop\OTL.exe
[2011/06/27 00:08:16 | 000,000,660 | ---- | M] () -- C:\WINDOWS\tasks\CCleaner.job
[2011/06/26 22:00:09 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\IMF_AutoScan.job
[2011/06/26 20:48:54 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_AutoCare.job
[2011/06/26 20:19:50 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_AutoSweep.job
[2011/06/26 20:19:12 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/06/26 20:18:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/26 20:13:39 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/26 20:06:57 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2011/06/26 20:04:23 | 004,126,959 | R--- | M] (Swearware) -- C:\Documents and Settings\DAVID\Desktop\Comfix.exe
[2011/06/26 19:58:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 20:02:18 | 000,001,020 | ---- | M] () -- C:\Documents and Settings\DAVID\Desktop\magicJack  SET PRIORITY.lnk
[2011/06/25 18:14:56 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_AutoUpdate.job
[2011/06/25 15:30:57 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/25 15:12:10 | 000,441,876 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/25 15:12:10 | 000,071,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/25 14:52:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/25 14:44:02 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/25 14:44:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/25 14:44:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/25 14:44:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/06/25 14:44:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/06/25 14:23:13 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2011/06/25 13:20:03 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\IMF_AutoUpdate.job
[2011/06/25 12:50:11 | 000,002,435 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Reg Repair.lnk
[2011/06/25 11:02:32 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Red's Birthday Reminder.job
[2011/06/25 11:01:28 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Dentist Reminder.job
[2011/06/25 10:23:51 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Snapshot full.job
[2011/06/23 12:34:24 | 000,467,968 | ---- | M] () -- C:\Documents and Settings\DAVID\My Documents\TENNIS.pps
[2011/06/21 15:32:16 | 001,268,961 | ---- | M] () -- C:\Documents and Settings\DAVID\My Documents\Zone Alarm Security Settings Backup.xml
[2011/06/20 05:36:26 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\Daily Backup.job
[2011/06/19 23:02:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\Printdir.bat
[2011/06/19 21:30:05 | 000,411,107 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/06/18 23:43:58 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\DAVID\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/18 22:21:56 | 000,142,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/18 12:48:39 | 000,001,005 | ---- | M] () -- C:\Documents and Settings\DAVID\Desktop\PC Fixer.lnk
[2011/06/17 13:20:54 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume D Task.job
[2011/06/17 13:19:48 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2011/06/17 13:17:54 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\Paragon Archive name arc_170611154527515.job
[2011/06/17 11:45:06 | 000,071,880 | ---- | M] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/06/17 11:45:05 | 000,032,008 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/06/17 11:45:05 | 000,026,096 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/06/17 11:44:58 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/06/17 11:42:23 | 000,076,696 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/06/17 02:34:00 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\DAVID\Application Data\Microsoft\Internet Explorer\Quick Launch\Protected Folder.lnk
[2011/06/17 02:34:00 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Protected Folder.lnk
[2011/06/17 02:33:23 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\DAVID\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 4.lnk
[2011/06/17 02:33:23 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 4.lnk
[2011/06/17 02:23:11 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2011/06/16 18:20:10 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/06/06 10:23:43 | 000,117,871 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2011/06/02 09:42:53 | 000,161,296 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/05/30 19:19:48 | 005,964,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/06/26 20:06:56 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2011/06/26 20:06:54 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/06/26 20:05:01 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/26 20:05:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/26 20:05:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/26 20:05:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/26 20:05:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/25 18:14:55 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_AutoCare.job
[2011/06/25 15:30:57 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/06/25 14:41:00 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/06/25 11:02:32 | 000,000,222 | ---- | C] () -- C:\WINDOWS\tasks\Red's Birthday Reminder.job
[2011/06/25 11:01:28 | 000,000,222 | ---- | C] () -- C:\WINDOWS\tasks\Dentist Reminder.job
[2011/06/23 12:34:23 | 000,467,968 | ---- | C] () -- C:\Documents and Settings\DAVID\My Documents\TENNIS.pps
[2011/06/21 15:32:16 | 001,268,961 | ---- | C] () -- C:\Documents and Settings\DAVID\My Documents\Zone Alarm Security Settings Backup.xml
[2011/06/19 23:02:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\Printdir.bat
[2011/06/19 21:24:00 | 000,411,107 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/06/18 23:43:58 | 000,000,681 | ---- | C] () -- C:\Documents and Settings\DAVID\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/18 13:08:05 | 000,002,435 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Reg Repair.lnk
[2011/06/18 12:48:39 | 000,001,005 | ---- | C] () -- C:\Documents and Settings\DAVID\Desktop\PC Fixer.lnk
[2011/06/18 08:11:41 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\IMF_AutoUpdate.job
[2011/06/18 08:08:43 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\IMF_AutoScan.job
[2011/06/17 12:46:47 | 000,000,994 | ---- | C] () -- C:\WINDOWS\tasks\Paragon Archive name arc_170611154527515.job
[2011/06/17 11:42:14 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/06/17 11:08:37 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/06/17 02:56:02 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_AutoSweep.job
[2011/06/17 02:54:42 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_AutoUpdate.job
[2011/06/17 02:34:00 | 000,000,908 | ---- | C] () -- C:\Documents and Settings\DAVID\Application Data\Microsoft\Internet Explorer\Quick Launch\Protected Folder.lnk
[2011/06/17 02:34:00 | 000,000,890 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Protected Folder.lnk
[2011/06/17 02:33:23 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\DAVID\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 4.lnk
[2011/06/17 02:33:23 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 4.lnk
[2011/06/17 02:23:11 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IObit Malware Fighter.lnk
[2011/06/17 02:21:03 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/06/15 16:09:14 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/05/09 17:55:50 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysEngine2.SYS
[2011/05/05 16:08:07 | 000,153,600 | ---- | C] () -- C:\WINDOWS\System32\AI_ContextMenu.dll
[2011/05/05 13:46:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\v2d.INI
[2011/05/04 17:23:08 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\DAVID\Application Data\AutoGK.ini
[2011/04/23 13:52:14 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010/08/27 15:01:48 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\cplldr.dll
[2010/08/15 12:35:31 | 000,000,065 | ---- | C] () -- C:\WINDOWS\MIDIFixer.INI
[2010/05/21 14:28:07 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/05/03 19:35:54 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\DAVID\Local Settings\Application Data\housecall.guid.cache
[2010/04/09 01:39:56 | 000,117,871 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/02/10 01:21:49 | 000,696,832 | ---- | C] () -- C:\WINDOWS\is-75ORC.exe
[2009/12/16 12:40:31 | 000,000,347 | ---- | C] () -- C:\WINDOWS\AudioDVD.INI
[2009/12/15 13:01:47 | 000,000,050 | ---- | C] () -- C:\WINDOWS\RKACCUBURN.INI
[2009/11/25 17:34:26 | 000,005,016 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\kbkwknay.ayh
[2009/11/16 14:16:19 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/11/16 14:16:19 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/10/26 20:39:44 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll
[2009/10/26 13:38:25 | 000,163,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009/10/26 06:18:11 | 000,064,512 | ---- | C] () -- C:\Documents and Settings\DAVID\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/21 17:50:50 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/21 17:50:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/20 15:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/10/10 23:15:26 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe
[2009/10/10 18:35:27 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2009/10/10 18:07:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2009/10/10 15:58:44 | 000,003,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\BS_Flash.sys
[2009/10/08 00:46:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/07 23:58:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/10/07 23:57:49 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/10/07 23:24:54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2009/10/07 21:21:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/10/07 21:16:38 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/07 18:07:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/10/07 18:05:27 | 000,142,832 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/25 18:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 20:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/02/19 03:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2008/02/07 11:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2007/11/09 19:06:47 | 000,004,666 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM0.DLL
[2004/08/05 09:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/05 09:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/05 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 09:00:00 | 000,441,876 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 09:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/05 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 09:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/05 09:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/05 09:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/08/05 09:00:00 | 000,071,686 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/05 09:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/05 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 09:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/10/15 19:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF
@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\DAVID\My Documents\Shareaza Downloads:Shareaza.GUID
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80337C03

< End of report >