OTL logfile created on: 12/8/2011 10:30:16 AM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = F:\Malware_Cleanup
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
509.98 Mb Total Physical Memory | 359.57 Mb Available Physical Memory | 70.51% Memory free
1.22 Gb Paging File | 1.14 Gb Available in Paging File | 93.30% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 91.52 Gb Free Space | 84.29% Space Free | Partition Type: NTFS
Drive D: | 37.24 Gb Total Space | 37.17 Gb Free Space | 99.83% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 696.24 Gb Free Space | 74.74% Space Free | Partition Type: NTFS
 
Computer Name: D56WSZ91 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/12/08 10:23:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Malware_Cleanup\OTL.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/11/28 10:46:27 | 000,037,888 | ---- | M] () -- C:\WINDOWS\system32\sqlesw32.dll
MOD - [2004/08/04 03:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (MSDTC)
SRV - File not found [On_Demand | Stopped] --  -- (hpqcxs08)
SRV - File not found [On_Demand | Stopped] --  -- (CA_LIC_CLNT)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - File not found [Auto | Stopped] --  -- (6to4)
SRV - [2011/11/28 10:46:27 | 000,162,304 | ---- | M] (Intel Corporation                                           ) [Auto | Stopped] -- C:\WINDOWS\system32\sqlcsw32.dll -- (SqlCSS)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/23 09:39:40 | 000,161,144 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist Express Customer\309\g2ax_service.exe -- (GoToAssist Express Customer)
SRV - [2005/02/23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2004/04/07 10:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe -- (AOL ACS)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/08/17 06:49:54 | 000,138,496 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Afc.sys -- (Afc)
DRV - [2004/09/17 12:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/11/17 19:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 19:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 19:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-21-1637448945-1350835239-854875492-500\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-21-1637448945-1350835239-854875492-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\S-1-5-21-1637448945-1350835239-854875492-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2009/03/21 08:28:56 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
 
 
Hosts file not found
O2 - BHO: (Coupons.com Toolbar) - {37153479-1976-43c3-a1ee-557513977b64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
O2 - BHO: (Mapit Toolbar) - {46a21652-3f93-437d-aac0-caa1f6713da0} - C:\Program Files\Mapit\prxtbMap0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Coupons.com Toolbar) - {37153479-1976-43c3-a1ee-557513977b64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Mapit Toolbar) - {46a21652-3f93-437d-aac0-caa1f6713da0} - C:\Program Files\Mapit\prxtbMap0.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Coupons.com Toolbar) - {37153479-1976-43C3-A1EE-557513977B64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Mapit Toolbar) - {46A21652-3F93-437D-AAC0-CAA1F6713DA0} - C:\Program Files\Mapit\prxtbMap0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Coupons.com Toolbar) - {37153479-1976-43C3-A1EE-557513977B64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Mapit Toolbar) - {46A21652-3F93-437D-AAC0-CAA1F6713DA0} - C:\Program Files\Mapit\prxtbMap0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] "C:\Program Files\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe (Adobe Systems, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1637448945-1350835239-854875492-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist Express Customer: DllName - (C:\Program Files\Citrix\GoToAssist Express Customer\309\g2ax_winlogon.dll) - C:\Program Files\Citrix\GoToAssist Express Customer\309\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\sqlesw32: DllName - (sqlesw32.dll) - C:\WINDOWS\System32\sqlesw32.dll ()
O20 - Winlogon\Notify\Sqlseses: DllName - (sqlesw32.dll) - C:\WINDOWS\System32\sqlesw32.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\web\wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\web\wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 11:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/12/08 10:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\NirSoft BlueScreenView
[2011/12/08 10:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2011/12/08 10:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/12/06 22:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011/12/06 21:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2011/12/06 21:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/06 21:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/06 21:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/06 20:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2011/12/06 20:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2011/12/06 20:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Corel
[2011/12/06 20:23:57 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\SendTo
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Recent
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Application Data
[2011/12/06 20:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2011/12/06 20:23:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2011/12/06 20:23:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Wildtangent
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Templates
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Symantec
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\NetHood
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Musicmatch
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Dell Accessories
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Dell
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\CCWin
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BVRP Software
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
[2011/12/06 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2011/12/06 19:56:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/06 19:56:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2011/11/28 11:59:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/11/27 21:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2011/11/27 21:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/11/27 16:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\PriceGong
[2011/11/27 16:10:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Conduit
[2011/11/27 16:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mapit
[2011/11/27 16:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Coupons.com
[2011/11/19 06:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/11/16 13:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/11/16 13:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/11/16 13:15:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/11/16 12:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\5E36C
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/12/08 10:10:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/08 10:06:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/08 10:04:33 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/08 10:00:25 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/08 09:40:47 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2011/12/08 09:40:46 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2011/12/08 08:11:36 | 000,028,160 | ---- | M] () -- C:\WINDOWS\System32\dll.dll
[2011/12/06 21:51:58 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 19:57:03 | 000,000,304 | RHS- | M] () -- C:\boot.ini
[2011/12/06 19:41:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2011/12/06 19:40:54 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2011/11/30 07:42:32 | 000,296,595 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll
[2011/11/28 12:03:47 | 000,100,926 | ---- | M] () -- C:\WINDOWS\System32\itusbcore.dat
[2011/11/28 12:03:47 | 000,000,196 | ---- | M] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/11/28 10:46:27 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\sqlesw32.dll
[2011/11/28 10:41:10 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2011/11/28 10:41:05 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2011/11/28 08:41:09 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2011/11/28 08:41:09 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2011/11/28 08:35:19 | 000,000,245 | -HS- | M] () -- C:\BOOT.BAK
[2011/11/28 07:40:35 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2011/11/28 07:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2011/11/28 06:40:40 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2011/11/28 06:40:38 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2011/11/28 05:40:44 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2011/11/28 05:40:37 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2011/11/28 04:44:58 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/11/28 04:44:53 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/11/28 03:41:25 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/11/28 03:41:24 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/11/28 02:41:08 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/11/28 02:41:02 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/11/28 01:41:40 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/11/28 01:41:14 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/11/28 00:49:20 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/11/28 00:49:06 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/11/27 23:41:27 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2011/11/27 23:41:18 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2011/11/27 22:41:21 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2011/11/27 22:41:13 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2011/11/27 21:40:22 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2011/11/27 21:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2011/11/27 20:40:42 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2011/11/27 20:40:36 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2011/11/27 18:40:56 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2011/11/27 18:40:49 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2011/11/27 17:42:22 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2011/11/27 17:42:16 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2011/11/27 16:41:13 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2011/11/27 16:41:07 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2011/11/27 15:52:56 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/27 15:40:38 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2011/11/27 15:40:37 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2011/11/27 14:40:47 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2011/11/27 14:40:46 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2011/11/27 13:40:17 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2011/11/27 13:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2011/11/27 13:36:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\SDH24u.com.b
[2011/11/27 13:36:17 | 000,111,616 | ---- | M] () -- C:\WINDOWS\System32\SDH24u.com_
[2011/11/27 13:36:17 | 000,111,616 | ---- | M] () -- C:\WINDOWS\System32\SDH24u.com
[2011/11/27 13:36:17 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\jw26oNSeH.dat
[2011/11/27 13:32:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2011/11/23 02:29:57 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/11/19 06:03:02 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/11/14 11:21:38 | 000,007,520 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/11/14 11:21:38 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\System32\B4FBF8641D.sys
[2011/11/12 06:03:18 | 000,232,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/12 03:12:53 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/12 03:11:41 | 000,442,888 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/12 03:11:41 | 000,072,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/12 03:07:36 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2100/02/24 14:15:04 | 000,000,821 | ---- | C] () -- C:\WINDOWS\Lexmark_ICM.ini
[2100/02/16 16:09:06 | 000,000,062 | ---- | C] () -- C:\WINDOWS\System32\LXASUSCI.INI
[2011/12/06 22:11:45 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\dll.dll
[2011/12/06 21:51:58 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 20:24:03 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro X.lnk
[2011/12/06 20:24:03 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\America Online 9.0.lnk
[2011/12/06 20:24:02 | 000,002,007 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Play Games.lnk
[2011/12/06 20:24:02 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Musicmatch Jukebox.lnk
[2011/12/06 20:24:02 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/12/06 20:24:02 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/06 20:24:02 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/12/06 20:23:58 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2011/12/06 20:23:58 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2011/12/06 20:23:58 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2011/12/06 19:56:55 | 000,000,245 | -HS- | C] () -- C:\BOOT.BAK
[2011/12/06 19:56:53 | 000,260,288 | RHS- | C] () -- C:\cmldr
[2011/11/28 12:03:47 | 000,100,926 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2011/11/28 12:03:47 | 000,000,196 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/11/28 10:46:27 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\sqlesw32.dll
[2011/11/28 07:40:36 | 000,111,616 | ---- | C] () -- C:\WINDOWS\System32\SDH24u.com
[2011/11/27 13:36:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SDH24u.com.b
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2011/11/27 13:32:03 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jw26oNSeH.dat
[2011/11/27 13:32:02 | 000,111,616 | ---- | C] () -- C:\WINDOWS\System32\SDH24u.com_
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2011/11/27 13:32:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2011/11/27 13:32:02 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2011/11/19 06:03:02 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/11/16 13:50:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/11 19:29:02 | 000,296,595 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2011/09/28 03:02:48 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/09/27 15:23:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~1kAlMiG2Kb7FzPr
[2011/09/27 15:23:09 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~1kAlMiG2Kb7FzP
[2011/09/27 15:22:24 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1kAlMiG2Kb7FzP
[2009/11/14 18:56:54 | 000,077,352 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/10/31 13:23:59 | 000,157,529 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2009/10/31 13:23:59 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2009/03/14 13:25:15 | 000,000,081 | ---- | C] () -- C:\WINDOWS\PARSONS.INI
[2008/12/06 09:03:23 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/12/06 09:03:23 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/12/06 09:03:23 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/12/06 09:03:23 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/12/06 09:03:23 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/12/06 09:03:23 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/12/06 09:03:23 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/12/06 09:03:23 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/12/06 09:03:22 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2008/12/06 09:03:22 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/12/06 09:03:22 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2008/12/06 09:03:22 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/12/06 09:03:22 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/12/06 09:03:22 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/12/06 09:03:22 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/12/06 09:03:22 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/12/06 09:00:23 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPCX4400.ini
[2008/08/17 14:10:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2007/12/12 17:09:53 | 000,000,031 | ---- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/12/08 12:49:07 | 000,000,020 | ---- | C] () -- C:\WINDOWS\ACMonitor_X83.ini
[2007/12/08 12:47:38 | 000,004,672 | ---- | C] () -- C:\WINDOWS\System32\LXASUSCI.DLL
[2007/03/05 06:45:02 | 000,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2006/06/17 10:58:43 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\B4FBF8641D.sys
[2006/05/30 09:10:13 | 000,000,022 | ---- | C] () -- C:\WINDOWS\CRIBBAGE.INI
[2006/05/26 12:24:27 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/05/25 10:23:30 | 000,002,262 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2006/05/24 21:15:47 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\1D64F8FBB4.sys
[2006/05/24 21:15:46 | 000,007,520 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/23 14:44:14 | 000,004,214 | ---- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2006/05/15 22:30:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/15 22:26:14 | 000,000,173 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/05/15 22:21:48 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/05/15 22:19:54 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/05/15 22:15:08 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/15 21:54:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/05/15 21:54:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/05/15 21:54:06 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 06:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 11:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 11:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 11:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 10:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 10:57:15 | 000,232,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 10:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 10:51:20 | 000,442,888 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 10:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 10:51:20 | 000,072,154 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 10:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 10:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 10:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 10:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 10:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 10:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 10:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 10:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 10:50:53 | 000,138,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\afd.sys
[2004/03/17 06:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 06:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2002/04/10 13:11:04 | 000,000,173 | ---- | C] () -- C:\WINDOWS\X83_DS.ini
[2002/03/04 22:33:24 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\LXASBCE.DLL
[2001/10/03 12:40:11 | 000,172,095 | ---- | C] () -- C:\WINDOWS\WaitPrintReg.exe
[2001/05/28 12:26:24 | 000,131,584 | ---- | C] () -- C:\WINDOWS\Ptlic32.exe
[2001/03/05 14:07:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXASICO.DLL
[2001/01/05 13:34:30 | 000,016,812 | ---- | C] () -- C:\WINDOWS\System32\lxas2kpm.dll
[2001/01/05 12:08:02 | 000,008,427 | ---- | C] () -- C:\WINDOWS\System32\lxas2kui.dll
[2000/10/24 09:08:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/10/24 09:08:33 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1997/10/24 14:56:36 | 000,000,643 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2006/05/25 10:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2006/05/25 10:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/12/06 14:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/12/06 09:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james beyerlein\Application Data\Leadertech
[2008/08/20 16:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james beyerlein\Application Data\Netscape
[2011/12/06 22:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james beyerlein\Application Data\PriceGong
[2011/08/11 06:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/11/28 10:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\PriceGong
[2011/11/28 00:49:06 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/11/28 04:44:58 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2011/11/28 05:40:37 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2011/11/28 05:40:44 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2011/11/28 06:40:38 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2011/11/28 06:40:40 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2011/11/28 07:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2011/11/28 07:40:35 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2011/11/28 08:41:09 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2011/11/28 08:41:09 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2011/12/08 09:40:46 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2011/11/28 00:49:20 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/12/08 09:40:47 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2011/11/28 10:41:10 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2011/11/28 10:41:05 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2011/11/27 13:32:03 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2011/11/27 13:32:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2011/11/27 13:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2011/11/27 13:40:17 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2011/11/27 14:40:46 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2011/11/28 01:41:14 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/11/27 14:40:47 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2011/11/27 15:40:37 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2011/11/27 15:40:38 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2011/11/27 16:41:07 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2011/11/27 16:41:13 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2011/11/27 17:42:16 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2011/11/27 17:42:22 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2011/11/27 18:40:49 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2011/11/27 18:40:56 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2011/12/06 19:40:54 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2011/11/28 01:41:40 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/12/06 19:41:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2011/11/27 20:40:36 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2011/11/27 20:40:42 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2011/11/27 21:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2011/11/27 21:40:22 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2011/11/27 22:41:21 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2011/11/27 22:41:13 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2011/11/27 23:41:27 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2011/11/27 23:41:18 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2011/11/28 02:41:02 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/11/28 02:41:08 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/11/28 03:41:24 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/11/28 03:41:25 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/11/28 04:44:53 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >