OTL logfile created on: 7/28/2011 4:11:25 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Amanda\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.17 Mb Total Physical Memory | 490.27 Mb Available Physical Memory | 48.29% Memory free
2.38 Gb Paging File | 1.94 Gb Available in Paging File | 81.28% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.12 Gb Total Space | 137.27 Gb Free Space | 95.25% Space Free | Partition Type: NTFS

Computer Name: ELSENER | User Name: Amanda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/28 16:10:58 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amanda\Desktop\OTL.scr
PRC - [2009/05/08 10:42:54 | 000,395,776 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2009/04/16 19:46:30 | 000,630,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2009/04/16 18:58:54 | 000,118,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2009/03/25 10:43:40 | 000,376,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2009/03/13 16:15:02 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011/07/28 16:10:58 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amanda\Desktop\OTL.scr
MOD - [2008/04/14 08:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/04/27 19:26:44 | 005,074,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/04/20 10:38:18 | 000,232,872 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009/03/13 23:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/03/02 01:03:47 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/11/19 16:21:28 | 000,039,040 | ---- | M] (GenesysLogic Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uvclf.sys -- (uvclf)
DRV - [2008/08/05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/08 15:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

O1 HOSTS File: ([2011/07/28 15:58:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\Amanda\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Eee PC Seashell_1.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Eee PC Seashell_1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/28 01:03:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/28 16:10:55 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Amanda\Desktop\OTL.scr
[2011/07/28 15:58:21 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/07/28 15:57:09 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Amanda\Desktop\OTM.exe
[2011/07/28 15:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/07/28 15:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/07/28 15:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Malwarebytes
[2011/07/28 15:14:31 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/28 15:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/28 15:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/28 15:14:25 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/28 15:14:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/28 15:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/07/28 14:44:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/28 14:39:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/07/28 14:39:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/07/28 14:39:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/07/28 14:39:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/07/28 14:38:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/07/28 14:38:20 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/07/28 14:35:24 | 004,156,812 | R--- | C] (Swearware) -- C:\Documents and Settings\Amanda\Desktop\ComboFix.exe
[2011/07/28 14:31:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/28 14:30:43 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/07/28 14:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Macromedia
[2011/07/28 14:09:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/07/28 14:09:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu\Programs\Administrative Tools
[2011/07/28 14:03:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/07/28 14:00:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Amanda\Application Data\Microsoft
[2011/07/28 14:00:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Amanda\SendTo
[2011/07/28 14:00:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Amanda\Recent
[2011/07/28 14:00:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Amanda\Application Data
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu\Programs\Startup
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\My Documents\My Pictures
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\My Documents\My Music
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\My Documents
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Favorites
[2011/07/28 14:00:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Amanda\Start Menu\Programs\Accessories
[2011/07/28 14:00:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Amanda\Cookies
[2011/07/28 14:00:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\Templates
[2011/07/28 14:00:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\PrintHood
[2011/07/28 14:00:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\NetHood
[2011/07/28 14:00:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Amanda\Local Settings
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\SRS Labs
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\My Documents\My Videos
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\My Documents\My Office
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\My Documents\My Ebooks
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\Microsoft Help
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\Microsoft
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\InstallShield
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Identities
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Desktop
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\ApplicationHistory
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Local Settings\Application Data\Adobe
[2011/07/28 14:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Amanda\Application Data\Adobe

========== Files - Modified Within 30 Days ==========

[2011/07/28 16:10:58 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amanda\Desktop\OTL.scr
[2011/07/28 16:10:26 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Amanda\Desktop\MBR.dat
[2011/07/28 16:04:13 | 000,401,964 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/28 16:04:13 | 000,063,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/28 15:59:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/28 15:58:25 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/07/28 15:57:14 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Amanda\Desktop\OTM.exe
[2011/07/28 15:55:33 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/07/28 15:55:31 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Amanda\Desktop\NTREGOPT.lnk
[2011/07/28 15:55:31 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Amanda\Desktop\ERUNT.lnk
[2011/07/28 15:14:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/28 14:44:31 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/07/28 14:30:35 | 004,156,812 | R--- | M] (Swearware) -- C:\Documents and Settings\Amanda\Desktop\ComboFix.exe
[2011/07/28 14:00:53 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/28 14:00:43 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Amanda\Desktop\Windows Media Player.lnk
[2011/07/28 14:00:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/28 13:59:53 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/07/28 13:58:02 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/07/28 13:53:38 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/07/28 16:10:26 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Amanda\Desktop\MBR.dat
[2011/07/28 15:55:33 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/07/28 15:55:31 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Amanda\Desktop\NTREGOPT.lnk
[2011/07/28 15:55:31 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Amanda\Desktop\ERUNT.lnk
[2011/07/28 15:14:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/28 14:44:29 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/07/28 14:44:18 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/28 14:39:43 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/28 14:39:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/28 14:39:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/28 14:39:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/28 14:39:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/07/28 14:00:53 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Internet Explorer.lnk
[2011/07/28 14:00:43 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Amanda\Desktop\Windows Media Player.lnk
[2011/07/28 14:00:28 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Remote Assistance.lnk
[2011/07/28 14:00:28 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/28 14:00:28 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Windows Media Player.lnk
[2011/07/28 14:00:28 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Amanda\Start Menu\Programs\Outlook Express.lnk
[2011/07/28 14:00:28 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\Amanda\Desktop\Install Norton Internet Security.lnk
[2011/07/28 14:00:28 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Amanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2009/05/05 14:13:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/05/05 13:16:46 | 000,232,872 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/05/05 12:03:49 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2009/05/05 12:03:49 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2009/05/05 12:02:03 | 000,013,650 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009/05/05 12:00:13 | 000,000,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/05/05 12:00:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/05/05 11:52:19 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2009/04/28 01:06:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/28 01:02:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/28 00:51:49 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/04/28 00:51:38 | 000,401,964 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/28 00:51:38 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/04/28 00:51:38 | 000,063,094 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/28 00:51:38 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/04/28 00:51:38 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/04/28 00:51:37 | 000,004,562 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/04/28 00:51:36 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/04/28 00:51:36 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/04/28 00:51:34 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/04/28 00:51:34 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/04/28 00:51:32 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/04/28 00:51:29 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/04/27 17:58:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/27 17:58:00 | 000,245,512 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2009/05/05 12:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wireless LAN Card

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2009/02/20 06:20:49 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2009/02/20 06:20:49 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2009/02/20 06:20:49 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/02/28 00:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2009/02/20 06:20:49 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2009/02/20 06:20:49 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2009/02/20 06:20:49 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/02/28 00:54:41 | 000,636,072 | ---- | M] (Microsoft Corporation)

< End of report >