OTL logfile created on: 12/21/2011 6:27:14 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Downloads\Geek to Go
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 60.39% Memory free
3.84 Gb Paging File | 2.99 Gb Available in Paging File | 77.96% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 25.38 Gb Free Space | 34.07% Space Free | Partition Type: NTFS

Computer Name: USER-W05P6ZM3U6 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/12/21 06:11:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Downloads\Geek to Go\OTL.exe
PRC - [2011/12/15 08:41:50 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/12/14 07:04:16 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011/12/12 23:09:09 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/11/28 10:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/11/28 10:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2011/11/28 10:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/10/03 04:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2011/10/03 04:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\java.exe
PRC - [2011/03/21 13:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/09/16 11:06:03 | 000,622,504 | ---- | M] () -- C:\Program Files\OnlyWire\OnlyWireWindows.exe
PRC - [2010/05/19 15:20:44 | 012,776,728 | ---- | M] () -- C:\Program Files\RegCure\RegCure.exe
PRC - [2009/05/25 17:31:09 | 000,733,188 | ---- | M] (NCH Software) -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 16:12:14 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2004/04/06 18:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\incdsrv.exe
PRC - [2001/10/23 22:31:16 | 000,147,456 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
PRC - [2001/10/02 11:34:58 | 000,094,208 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe
PRC - [2001/09/17 12:48:42 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Onscreen Display\osd.exe
PRC - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/12/21 00:28:01 | 001,651,200 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122100\algo.dll
MOD - [2011/12/20 12:03:17 | 001,650,688 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122001\algo.dll
MOD - [2011/12/19 15:49:56 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122100\aswRep.dll
MOD - [2011/12/19 15:49:56 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122001\aswRep.dll
MOD - [2011/11/08 12:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/03/21 13:10:36 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 13:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/09/16 11:06:03 | 000,622,504 | ---- | M] () -- C:\Program Files\OnlyWire\OnlyWireWindows.exe
MOD - [2010/05/19 15:20:46 | 000,077,592 | ---- | M] () -- C:\Program Files\RegCure\zlibwapi.dll
MOD - [2010/05/19 15:20:44 | 012,776,728 | ---- | M] () -- C:\Program Files\RegCure\RegCure.exe
MOD - [2010/05/19 15:20:44 | 000,541,976 | ---- | M] () -- C:\Program Files\RegCure\AutoUpdate.dll
MOD - [2001/10/02 11:34:58 | 000,094,208 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe
MOD - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
MOD - [2000/06/08 09:09:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\msiosd32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011/11/28 10:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011/11/28 10:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/05/25 17:31:09 | 000,733,188 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe -- (MSRSService)
SRV - [2004/04/06 18:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv)
SRV - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe -- (nhksrv)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/11/28 09:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011/11/28 09:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 09:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 09:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011/11/28 09:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 09:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 09:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 09:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 09:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/06/28 12:10:45 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009/01/06 18:00:08 | 004,968,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/24 09:45:18 | 000,113,896 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2008/02/25 05:39:08 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2007/12/17 16:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/08/21 15:50:54 | 000,030,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002)
DRV - [2007/05/15 14:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/08/12 18:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/04/06 18:40:10 | 000,025,600 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2004/04/06 18:39:20 | 000,089,472 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2003/12/05 01:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/10/15 14:43:18 | 000,006,656 | ---- | M] (Netropa Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
IE - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 86 92 31 41 9D CB 01 [binary data]
IE - HKU\S-1-5-21-1482476501-115176313-682003330-500\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1482476501-115176313-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "http://www.isoregister.com/login.php|about:myworld"
FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.6.1
FF - prefs.js..flock.keyword.provider: "Yahoo!"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/15 08:42:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.5\extensions\\Components: C:\Program Files\Flock\components [2011/12/15 08:41:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.5\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/15 08:41:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components [2011/12/15 08:41:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/15 08:41:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/28 13:37:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011/12/14 07:04:58 | 000,000,000 | ---D | M]

[2009/05/29 06:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/12/02 06:32:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2009/05/29 06:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2010/11/20 12:07:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions
[2010/04/03 18:18:50 | 000,000,000 | ---D | M] (Free Traffic Bar Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{0ed0633c-a54d-47f1-94e7-5bded41ae674}
[2010/04/03 18:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{0ed0633c-a54d-47f1-94e7-5bded41ae674}-trash
[2010/07/12 08:15:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/24 10:58:49 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2009/10/12 08:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010/08/03 07:40:54 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2010/04/03 18:18:34 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2010/08/29 09:03:09 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/04/03 18:18:35 | 000,000,000 | ---D | M] (Firefox Showcase) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010/07/11 15:28:45 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/07/12 08:15:18 | 000,000,000 | ---D | M] ("CoolPreviews") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/07/12 08:13:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/19 06:09:07 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/05/18 06:35:51 | 000,000,000 | ---D | M] ("Dictionary.com Toolbar") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/04/03 18:17:51 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/07/19 06:09:07 | 000,000,000 | ---D | M] ("MultirowBookmarksToolbar") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2010/04/03 18:18:46 | 000,000,000 | ---D | M] (bit.ly preview) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\bitlypreview@jay.ridgeway
[2010/04/03 18:18:38 | 000,000,000 | ---D | M] ("CyberSearch") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\cybersearch@cybernetnews.com
[2010/04/06 17:44:10 | 000,000,000 | ---D | M] (Read It Later) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\isreaditlater@ideashower.com
[2008/12/19 22:30:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\keyscrambler@qfx.software.corporation
[2010/07/12 08:15:21 | 000,000,000 | ---D | M] ("Multiple Tab Handler") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\multipletab@piro.sakura.ne.jp
[2010/07/12 08:13:07 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\piclens@cooliris.com
[2009/10/12 08:31:34 | 000,000,000 | ---D | M] (QuickDrag) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\quickdrag@mozilla.ktechcomputing.com
[2010/04/03 18:18:48 | 000,000,000 | ---D | M] (SEO Blogger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\seo-blogger@wordtracker.com
[2009/11/24 11:00:40 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\seoquake-plugin-seolinx@seoquake.com
[2010/08/29 09:03:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\staged-xpis
[2010/07/12 08:13:46 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zdunryuk.default\extensions\tineye@ideeinc.com

[color=#E56717]========== Chrome ==========[/color]

O1 HOSTS File: ([2001/08/23 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Free Traffic Bar Toolbar) - {0ed0633c-a54d-47f1-94e7-5bded41ae674} - C:\Program Files\Free_Traffic_Bar\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SQplus) - {CCF078EE-B071-4C40-9E57-F7B5962E8C95} - C:\Program Files\SeoQuake\SQplus.dll ()
O3 - HKLM\..\Toolbar: (Free Traffic Bar Toolbar) - {0ed0633c-a54d-47f1-94e7-5bded41ae674} - C:\Program Files\Free_Traffic_Bar\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (SeoQuake) - {9C590067-8A6A-4db6-B052-069283790B04} - C:\Program Files\SeoQuake\SeoQuake.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1482476501-115176313-682003330-500\..\Toolbar\WebBrowser: (Free Traffic Bar Toolbar) - {0ED0633C-A54D-47F1-94E7-5BDED41AE674} - C:\Program Files\Free_Traffic_Bar\prxtbFre0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1482476501-115176313-682003330-500\..\Toolbar\WebBrowser: (Mp3Rocket Toolbar) - {4C350B19-6CA1-4569-B14C-296D8D65300B} - "C:\Program Files\MP3 Rocket Toolbar\mp3rockettb.dll" File not found
O3 - HKU\S-1-5-21-1482476501-115176313-682003330-500\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe (Netropa Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1482476501-115176313-682003330-500..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\OnlyWire.LNK = C:\Program Files\OnlyWire\OnlyWireWindows.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1482476501-115176313-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (SmartShopper Inc.)
O15 - HKU\S-1-5-21-1482476501-115176313-682003330-500\..Trusted Domains: istockphoto.com ([secure] https in Trusted sites)
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinner.com/games/v46/scrabblecubes/scrabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0DA69429-A757-4D6F-A827-DB1AF052DDAF} https://mytbb.primus.ca/webportal/plugins/VA.cab ()
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Monopoly%20Here%20and%20Now/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.bestmark.com/support/ScriptX.cab (MeadCo ScriptX)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} https://www.permissionresearch.com/Config/CSetup_hooking_xp.cab (Setup Class)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/67.11/uploader2.cab (UploadListView Class)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab (Bejeweled Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193513582156 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1218068981281 (MUWebControl Class)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4/jinstall-14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Yahtzee/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://googleonline.webex.com/client/T27LC/nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4E47413-1CF5-4193-BB25-7C4AF7982CA6}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/27 10:45:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/12/15 08:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/12/15 08:42:24 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/12/15 08:41:56 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/12/15 08:41:55 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/12/15 08:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/12/14 07:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\RoboForm
[2011/12/14 07:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\RoboForm
[2011/12/12 23:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/04 07:18:40 | 000,463,699 | ---- | C] (Tilman Hausherr) -- C:\Program Files\Setup.exe
[2008/09/07 15:55:04 | 000,207,872 | ---- | C] (Funkytoad.com) -- C:\Program Files\ZonedOut.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/12/21 06:02:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/21 05:53:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-115176313-682003330-500UA.job
[2011/12/20 23:04:39 | 000,000,114 | -H-- | M] () -- C:\WINDOWS\popcreg.dat
[2011/12/20 23:04:39 | 000,000,038 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2011/12/20 22:27:53 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B3373D59-21A2-40B0-B7E0-6FE630ED01A1}.job
[2011/12/20 22:27:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/20 22:24:42 | 000,000,245 | ---- | M] () -- C:\WINDOWS\Msiosd.ini
[2011/12/20 22:24:22 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-115176313-682003330-500.job
[2011/12/20 22:24:18 | 000,000,032 | ---- | M] () -- C:\WINDOWS\MMKEYBD.INI
[2011/12/20 22:24:09 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/20 22:24:08 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job
[2011/12/20 22:24:06 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2011/12/20 22:23:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/20 18:53:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-115176313-682003330-500Core1cc06789b3ca7ac.job
[2011/12/20 18:00:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/12/20 17:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2011/12/18 04:25:01 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2011/12/18 03:46:00 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2011/12/16 02:29:01 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2011/12/15 08:44:30 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-115176313-682003330-500.job
[2011/12/15 08:42:24 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/12/15 08:41:56 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/12/15 08:41:55 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/12/15 08:41:52 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/12/15 03:21:06 | 000,497,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 03:03:45 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/02 21:30:51 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/29 20:30:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/11/28 10:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 10:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 09:54:38 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011/11/28 09:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 09:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 09:53:22 | 000,195,416 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011/11/28 09:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 09:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 09:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 09:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 09:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 09:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/23 05:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2011/11/23 05:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010/11/17 16:50:43 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2010/06/28 13:36:17 | 000,023,113 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2010/06/27 11:22:35 | 000,205,415 | ---- | C] () -- C:\WINDOWS\hpwins26.dat
[2010/06/27 11:22:35 | 000,000,370 | ---- | C] () -- C:\WINDOWS\hpwmdl26.dat
[2010/02/10 14:32:34 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Best10Player.upd
[2010/02/10 14:32:13 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\best10freeleads.dbf
[2010/02/10 14:32:13 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\best10freeleads.DBT
[2009/12/11 23:01:23 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/17 11:00:38 | 000,516,096 | ---- | C] () -- C:\WINDOWS\iwexec.exe
[2009/08/25 23:11:39 | 000,000,031 | ---- | C] () -- C:\WINDOWS\warhead.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/27 20:32:14 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\windriver32.ini
[2009/07/07 18:16:42 | 000,000,058 | ---- | C] () -- C:\WINDOWS\menumake.INI
[2009/06/28 13:28:10 | 000,001,163 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/06/23 07:40:03 | 000,161,542 | ---- | C] () -- C:\WINDOWS\Webmaster Email Extractor Uninstaller.exe
[2009/05/23 06:43:25 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/05/23 06:43:25 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/05/17 04:56:11 | 000,000,296 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2009/05/17 04:56:11 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2009/05/17 04:56:11 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2008/11/15 11:24:01 | 000,000,114 | -H-- | C] () -- C:\WINDOWS\popcreg.dat
[2008/11/15 09:24:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/09/07 16:23:10 | 000,038,213 | ---- | C] () -- C:\Program Files\ZonedOut.chm
[2008/08/11 15:09:00 | 000,000,148 | ---- | C] () -- C:\WINDOWS\BAGO.INI
[2008/06/02 11:43:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/03/05 18:26:18 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/04 20:54:22 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2008/01/22 19:35:13 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/21 20:14:15 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/12/19 02:54:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\MMKEYBD.INI
[2007/12/18 14:40:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/12/18 14:40:23 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2007/12/18 14:40:23 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini
[2007/12/11 08:20:50 | 001,358,156 | ---- | C] () -- C:\WINDOWS\System32\model.dat
[2007/12/11 08:19:27 | 000,966,656 | ---- | C] () -- C:\WINDOWS\System32\LDPackage.dll
[2007/11/21 14:14:04 | 000,000,041 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/11/20 08:05:20 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/11/18 21:16:59 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/11/16 17:36:10 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/11/16 17:36:10 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2007/11/16 17:36:10 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/11/16 17:36:10 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2007/11/16 17:36:10 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2007/11/16 17:36:10 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2007/11/16 17:36:10 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/11/16 17:36:10 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2007/11/16 17:36:10 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2007/11/16 17:36:10 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2007/11/16 17:36:10 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2007/11/16 17:36:10 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2007/11/16 17:36:10 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2007/11/16 17:36:10 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2007/11/16 17:36:10 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2007/11/16 17:36:10 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/16 17:30:42 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PERFV100V350.ini
[2007/11/15 09:46:01 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2007/11/15 09:45:48 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2007/11/15 09:45:41 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/10/30 19:27:31 | 000,009,418 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/10/28 09:30:52 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2007/10/27 19:10:01 | 000,372,736 | R--- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2007/10/27 11:42:15 | 000,000,794 | ---- | C] () -- C:\WINDOWS\lrun32.ini
[2007/10/27 11:41:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2007/10/27 11:32:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/27 11:22:50 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2007/10/27 10:51:31 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/10/27 10:51:17 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/10/27 10:47:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/27 10:42:35 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/10/27 03:37:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/27 03:36:02 | 000,497,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/08/03 06:29:06 | 000,023,134 | ---- | C] () -- C:\Program Files\s.php
[2007/08/03 06:11:28 | 000,004,062 | ---- | C] () -- C:\Program Files\list.php
[2007/08/02 23:18:40 | 000,042,122 | ---- | C] () -- C:\Program Files\functions.php
[2007/08/02 23:00:52 | 000,001,483 | ---- | C] () -- C:\Program Files\silent_post.php
[2007/08/02 19:57:18 | 000,006,020 | ---- | C] () -- C:\Program Files\bouncechecker.php
[2007/07/29 18:28:18 | 000,025,750 | ---- | C] () -- C:\Program Files\sendmails.php
[2007/07/27 21:54:28 | 000,041,433 | ---- | C] () -- C:\Program Files\manual.html
[2007/07/24 18:45:04 | 000,000,518 | ---- | C] () -- C:\Program Files\subhandler.php
[2007/07/24 18:36:42 | 000,002,588 | ---- | C] () -- C:\Program Files\sub_wrapper.php
[2007/07/19 01:50:48 | 000,003,128 | ---- | C] () -- C:\Program Files\get_config_vars.php
[2007/07/18 20:52:18 | 000,000,254 | ---- | C] () -- C:\Program Files\PKG-INFO
[2007/07/18 20:51:20 | 000,000,313 | ---- | C] () -- C:\Program Files\setup.py
[2007/07/18 20:42:36 | 000,006,712 | ---- | C] () -- C:\Program Files\example_config.xml
[2007/07/18 20:42:36 | 000,000,082 | ---- | C] () -- C:\Program Files\._example_config.xml
[2007/07/18 20:41:06 | 000,002,669 | ---- | C] () -- C:\Program Files\ChangeLog
[2007/07/18 20:33:30 | 000,069,239 | ---- | C] () -- C:\Program Files\sitemap_gen.py
[2007/07/17 02:23:36 | 000,015,338 | ---- | C] () -- C:\Program Files\mailbursts.php
[2007/07/17 01:01:16 | 000,009,114 | ---- | C] () -- C:\Program Files\defs.sql
[2007/07/17 00:19:06 | 000,010,917 | ---- | C] () -- C:\Program Files\messages.php
[2007/07/16 22:41:50 | 000,004,661 | ---- | C] () -- C:\Program Files\tagref.html
[2007/07/16 22:08:16 | 000,022,380 | ---- | C] () -- C:\Program Files\admin.php
[2007/07/16 15:29:10 | 000,002,896 | ---- | C] () -- C:\Program Files\edit_config.php
[2007/07/07 19:48:48 | 000,003,027 | ---- | C] () -- C:\Program Files\get_config_vars_funky.php
[2007/07/01 15:53:46 | 000,017,369 | ---- | C] () -- C:\Program Files\responders.php
[2007/06/26 11:36:52 | 000,000,305 | ---- | C] () -- C:\Program Files\tinyMCE_simple.php
[2007/06/26 11:36:48 | 000,001,666 | ---- | C] () -- C:\Program Files\tinyMCE_full.php
[2007/06/26 11:36:42 | 000,000,398 | ---- | C] () -- C:\Program Files\tinyMCE.php
[2007/06/24 19:47:06 | 000,001,111 | ---- | C] () -- C:\Program Files\README
[2007/06/24 11:44:14 | 000,009,405 | ---- | C] () -- C:\Program Files\mailchecker-verbose.php
[2007/06/24 11:42:14 | 000,009,406 | ---- | C] () -- C:\Program Files\mailchecker.php
[2007/06/22 06:46:38 | 000,000,486 | ---- | C] () -- C:\Program Files\config.php
[2007/06/22 05:53:38 | 000,000,914 | ---- | C] () -- C:\Program Files\logout.php
[2007/06/22 05:40:04 | 000,003,654 | ---- | C] () -- C:\Program Files\regexps.php
[2007/06/22 05:40:00 | 000,004,079 | ---- | C] () -- C:\Program Files\blacklist.php
[2007/06/22 05:30:28 | 000,001,357 | ---- | C] () -- C:\Program Files\tools.php
[2007/06/22 05:16:30 | 000,010,690 | ---- | C] () -- C:\Program Files\bouncers.php
[2007/06/17 09:06:46 | 000,000,912 | ---- | C] () -- C:\Program Files\check_install.php
[2007/06/17 08:15:18 | 000,000,238 | ---- | C] () -- C:\Program Files\popup_js.php
[2007/06/14 13:08:56 | 000,009,845 | ---- | C] () -- C:\Program Files\move_subscriber.php
[2007/06/04 11:37:36 | 000,001,741 | ---- | C] () -- C:\Program Files\evilness-filter.php
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2006/12/15 14:49:28 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\VoissUtils.dll
[2005/06/16 12:41:30 | 000,001,791 | ---- | C] () -- C:\Program Files\COPYING
[2005/06/16 12:41:30 | 000,000,023 | ---- | C] () -- C:\Program Files\AUTHORS
[2005/02/15 10:22:54 | 000,000,356 | ---- | C] () -- C:\Program Files\index.php
[2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/08/23 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 04:00:00 | 000,436,710 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 04:00:00 | 000,069,600 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 04:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/15 16:48:32 | 000,170,585 | ---- | C] () -- C:\WINDOWS\System32\MCPrintX.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52B72A7C
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F2F06F2
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:538DC028
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77248999
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6F413D
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AA243C48
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFFC859A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA34E08F

< End of report >