[code] OTS logfile created on: 3/7/2014 6:41:22 AM - Run 1 OTS by OldTimer - Version 3.1.47.2 Folder = C:\Documents and Settings\user1\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 428.00 Mb Available Physical Memory | 42.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 64.51 Gb Total Space | 42.23 Gb Free Space | 65.47% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 8.22 Gb Free Space | 82.16% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: COMPUTER11 Current User Name: user1 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\user1\Desktop\OTS.exe -> [2014/03/07 06:00:45 | 000,646,656 | ---- | M] (OldTimer Tools) msmpeng.exe -> c:\Program Files\Microsoft Security Client\MsMpEng.exe -> [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) mbamservice.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -> [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) mbamgui.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe -> [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) mbamscheduler.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -> [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) ppshared.exe -> C:\Program Files\PeoplePC\ISP8500\Browser\PPShared.exe -> [2013/02/28 22:58:00 | 000,087,840 | ---- | M] () bartshel.exe -> C:\Program Files\PeoplePC\ISP8500\Browser\BartShel.exe -> [2013/02/28 22:57:59 | 000,172,832 | ---- | M] () ioloservicemanager.exe -> C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -> [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () peoplepc.exe -> C:\Program Files\PeoplePC Accelerated\PeoplePC.exe -> [2009/08/18 12:30:08 | 000,985,143 | ---- | M] () explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) [Modules - No Company Name] ppcinstall.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\PPCInstall.dll -> [2013/03/01 22:40:44 | 000,293,152 | ---- | M] () users.dll -> C:\Program Files\PeoplePC\ISP8500\SmartDialer\Users\Users.dll -> [2013/02/28 22:58:10 | 000,041,760 | ---- | M] () phonebook.dll -> C:\Program Files\PeoplePC\ISP8500\SmartDialer\Phonebooks\PhoneBook.dll -> [2013/02/28 22:58:09 | 000,132,896 | ---- | M] () locations.dll -> C:\Program Files\PeoplePC\ISP8500\SmartDialer\Locations\Locations.dll -> [2013/02/28 22:58:08 | 000,063,776 | ---- | M] () dialer.dll -> C:\Program Files\PeoplePC\ISP8500\SmartDialer\DLL\Dialer.dll -> [2013/02/28 22:58:06 | 000,128,800 | ---- | M] () customdial.dll -> C:\Program Files\PeoplePC\ISP8500\SmartDialer\DLL\CustomDial.dll -> [2013/02/28 22:58:04 | 000,051,488 | ---- | M] () callrecord.dll -> C:\Program Files\PeoplePC\ISP8500\SmartDialer\CallRecordManager\CallRecord.dll -> [2013/02/28 22:58:03 | 000,090,400 | ---- | M] () ppshared.exe -> C:\Program Files\PeoplePC\ISP8500\Browser\PPShared.exe -> [2013/02/28 22:58:00 | 000,087,840 | ---- | M] () bartshel.exe -> C:\Program Files\PeoplePC\ISP8500\Browser\BartShel.exe -> [2013/02/28 22:57:59 | 000,172,832 | ---- | M] () xpras.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\XPRas.dll -> [2013/02/28 22:57:51 | 000,051,488 | ---- | M] () ppcresenglish.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\PPCResEnglish.dll -> [2013/02/28 22:57:48 | 000,031,008 | ---- | M] () ppcoxml.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\PPCOXML.dll -> [2013/02/28 22:57:47 | 000,073,504 | ---- | M] () ppcofso.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\PPCOfso.dll -> [2013/02/28 22:57:44 | 000,063,776 | ---- | M] () pacesync.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\PaceSync.dll -> [2013/02/28 22:57:42 | 000,100,640 | ---- | M] () isputil8.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\ISPUtil8.dll -> [2013/02/28 22:57:39 | 000,102,176 | ---- | M] () inimod.dll -> C:\Program Files\PeoplePC\ISP8500\Bin\IniMod.dll -> [2013/02/28 22:57:38 | 000,014,112 | ---- | M] () ioloservicemanager.exe -> C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -> [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () bindecompressor.pyd -> C:\Program Files\PeoplePC Accelerated\binDecompressor.pyd -> [2009/08/18 12:31:20 | 000,077,981 | ---- | M] () cse.pyd -> C:\Program Files\PeoplePC Accelerated\cse.pyd -> [2009/08/18 12:31:16 | 000,020,480 | ---- | M] () prldecoder.pyd -> C:\Program Files\PeoplePC Accelerated\prldecoder.pyd -> [2009/08/18 12:31:14 | 000,102,549 | ---- | M] () zlib.pyd -> C:\Program Files\PeoplePC Accelerated\zlib.pyd -> [2009/08/18 12:31:10 | 000,065,536 | ---- | M] () iictranscoder.pyd -> C:\Program Files\PeoplePC Accelerated\iictranscoder.pyd -> [2009/08/18 12:31:06 | 000,426,136 | ---- | M] () _bsddb.pyd -> C:\Program Files\PeoplePC Accelerated\_bsddb.pyd -> [2009/08/18 12:30:10 | 000,622,651 | ---- | M] () _sre.pyd -> C:\Program Files\PeoplePC Accelerated\_sre.pyd -> [2009/08/18 12:30:10 | 000,057,401 | ---- | M] () _socket.pyd -> C:\Program Files\PeoplePC Accelerated\_socket.pyd -> [2009/08/18 12:30:10 | 000,049,212 | ---- | M] () select.pyd -> C:\Program Files\PeoplePC Accelerated\select.pyd -> [2009/08/18 12:30:10 | 000,020,539 | ---- | M] () peoplepc.exe -> C:\Program Files\PeoplePC Accelerated\PeoplePC.exe -> [2009/08/18 12:30:08 | 000,985,143 | ---- | M] () hpbhealr.dll -> C:\WINDOWS\system32\HPBHEALR.DLL -> [2003/02/25 00:49:56 | 000,094,274 | ---- | M] () [Win32 Services - Safe List] (HidServ) Human Interface Device Access [Disabled | Stopped] -> -> File not found (HPSupportSolutionsFrameworkService) HP Support Solutions Framework Service [Auto | Stopped] -> C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe -> [2014/02/05 14:39:00 | 000,047,416 | ---- | M] (Hewlett-Packard Company) (AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [Disabled | Stopped] -> C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -> [2014/02/05 10:07:09 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) (MsMpSvc) Microsoft Antimalware Service [Auto | Running] -> c:\Program Files\Microsoft Security Client\MsMpEng.exe -> [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) (MBAMService) MBAMService [Auto | Running] -> C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -> [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) (MBAMScheduler) MBAMScheduler [Auto | Running] -> C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -> [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) (ioloSystemService) iolo System Service [Auto | Running] -> C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -> [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () (ioloFileInfoList) iolo FileInfoList Service [Auto | Running] -> C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -> [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () (SynapseUpdateSvc) Synapse Update Manager [Disabled | Stopped] -> C:\Program Files\Fuji Medical System\Synapse\Workstation\SynapseUpdateManager.exe -> [2010/02/21 22:55:04 | 000,197,120 | ---- | M] (FUJIFILM Medical Systems U.S.A., Inc.) (PACS Client Updater) PACS Client Updater [Disabled | Stopped] -> C:\Program Files\Agfa\IMPAX Client\Agfa.Client.Updater.Service.exe -> [2009/08/06 17:35:54 | 000,024,576 | ---- | M] (Agfa Healthcare) (BcmSqlStartupSvc) Business Contact Manager SQL Server Startup Service [Disabled | Stopped] -> C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -> [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) (SentinelProtectionServer) Sentinel Protection Server [Disabled | Stopped] -> C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -> [2008/07/11 06:05:00 | 000,226,592 | ---- | M] (SafeNet, Inc) (SentinelKeysServer) Sentinel Keys Server [Disabled | Stopped] -> C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -> [2008/07/11 00:02:10 | 000,328,992 | ---- | M] (SafeNet, Inc.) (pdfcDispatcher) PDF Document Manager [Disabled | Stopped] -> C:\Program Files\PDF Complete\pdfsvc.exe -> [2007/08/07 12:59:50 | 000,540,184 | ---- | M] (PDF Complete Inc) (IviRegMgr) IviRegMgr [Disabled | Stopped] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) (Pml Driver HPZ12) Pml Driver HPZ12 [Disabled | Stopped] -> C:\WINDOWS\system32\hpzipm12.exe -> [2003/10/22 12:19:22 | 000,065,536 | ---- | M] (HP) [Driver Services - Safe List] (MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mbam.sys -> [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) (cpudrv) cpudrv [Kernel | On_Demand | Stopped] -> C:\Program Files\SystemRequirementsLab\cpudrv.sys -> [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () (Sentinel) Sentinel [Kernel | Auto | Running] -> C:\WINDOWS\System32\Drivers\SENTINEL.SYS -> [2008/07/11 06:05:00 | 000,092,712 | ---- | M] (SafeNet, Inc.) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2007/01/30 13:57:50 | 004,474,368 | ---- | M] (Realtek Semiconductor Corp.) (iAimFP4) iAimFP4 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wVchNTxx.sys -> [2004/08/03 12:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) (iAimFP3) iAimFP3 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wSiINTxx.sys -> [2004/08/03 12:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) (iAimTV5) iAimTV5 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wATV10nt.sys -> [2004/08/03 12:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) (iAimTV4) iAimTV4 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wCh7xxNT.sys -> [2004/08/03 12:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) (iAimTV6) iAimTV6 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wATV06nt.sys -> [2004/08/03 12:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) (iAimTV3) iAimTV3 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wATV04nt.sys -> [2004/08/03 12:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) (iAimTV1) iAimTV1 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wATV02NT.sys -> [2004/08/03 12:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) (iAimTV0) iAimTV0 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wATV01nt.sys -> [2004/08/03 12:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) (iAimFP7) iAimFP7 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wADV09NT.sys -> [2004/08/03 12:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) (iAimFP5) iAimFP5 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wADV07nt.sys -> [2004/08/03 12:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) (iAimFP6) iAimFP6 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wADV08NT.sys -> [2004/08/03 12:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) (i81x) i81x [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\i81xnt5.sys -> [2004/08/03 12:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) (iAimFP0) iAimFP0 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wADV01nt.sys -> [2004/08/03 12:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) (iAimFP1) iAimFP1 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wADV02NT.sys -> [2004/08/03 12:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) (iAimFP2) iAimFP2 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wADV05NT.sys -> [2004/08/03 12:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) (MDGSPIRO) Midmark Spirometer USB Driver (mdgspr.sys) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mdgspr.sys -> [2004/07/29 12:20:02 | 000,018,216 | ---- | M] (Midmark Diagnostics Group) (SPIROLDR) Midmark Spirometer USB Loader(mdgspldr.sys) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mdgspldr.sys -> [2004/07/29 12:11:50 | 000,017,448 | ---- | M] (Midmark Diagnostics Group) (Symmpi) Symmpi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symmpi.sys -> [2002/04/04 01:32:06 | 000,028,416 | R--- | M] (LSI Logic) (BCMModem) BCM V.90 56K Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMDM.sys -> [2001/08/17 13:28:00 | 000,871,388 | ---- | M] (BCM) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://home.peoplepc.com/search -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.hp.com -> HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B}" [HKLM] -> C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll [Synapse UrlSearchHook Class] -> [2010/04/28 16:15:54 | 003,245,440 | ---- | M] (FUJIFILM Medical Systems U.S.A., Inc.) HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.hp.com -> HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B}" [HKLM] -> C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll [Synapse UrlSearchHook Class] -> [2010/04/28 16:15:54 | 003,245,440 | ---- | M] (FUJIFILM Medical Systems U.S.A., Inc.) HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\"Start Page" -> http://www.hp.com -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\"Start Page" -> http://www.hp.com -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\] > -> -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\: Main\\"Start Page" -> http://home.peoplepc.com/websearch -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\: "ProxyEnable" -> 1 -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\: "ProxyOverride" -> -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\: "ProxyServer" -> http=localhost:8080 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> < FireFox Extensions [User Folders] > -> < HOSTS File > ([2004/08/04 03:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {33414365-E6C7-460d-880A-A163BD69E84D} [HKLM] -> C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll [Synapse BHO Class] -> [2010/04/28 16:15:54 | 003,245,440 | ---- | M] (FUJIFILM Medical Systems U.S.A., Inc.) {512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\PeoplePC, Inc\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2013/01/02 23:22:26 | 000,256,440 | ---- | M] (PeoplePC, Inc.) {656EC4B7-072B-4698-B504-2A414C1F0037} [HKLM] -> C:\Program Files\PeoplePC Accelerated\prpl_IePopupBlocker.dll [Accelerator Plugin] -> [2009/08/18 13:12:14 | 000,202,264 | ---- | M] (Propel Software Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2012/02/27 08:47:54 | 000,325,408 | ---- | M] (Sun Microsystems, Inc.) {9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\PeoplePC, Inc\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2013/01/02 23:22:30 | 000,432,568 | ---- | M] (PeoplePC, Inc.) AutorunsDisabled [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> C:\Program Files\PeoplePC, Inc\Toolbar\Toolbar.dll [PeoplePC Toolbar] -> [2013/01/02 23:22:32 | 001,153,464 | ---- | M] (PeoplePC, Inc.) "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\] > -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> C:\Program Files\PeoplePC, Inc\Toolbar\Toolbar.dll [PeoplePC Toolbar] -> [2013/01/02 23:22:32 | 001,153,464 | ---- | M] (PeoplePC, Inc.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Bart Station" -> C:\Program Files\PeoplePC\ISP8500\BIN\PPCOLink.exe [C:\Program Files\PeoplePC\ISP8500\BIN\PPCOLink.exe -STATION] -> [2013/02/28 22:57:45 | 000,026,912 | ---- | M] () "MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < user1 Startup Folder > -> C:\Documents and Settings\user1\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009] > -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\] > -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\Software\Microsoft\Internet Explorer\MenuExt\ -> Refresh Pa&ge with Full Quality -> C:\Program Files\PeoplePC Accelerated\pac-page.html [C:\Program Files\PeoplePC Accelerated\pac-page.html] -> [2009/08/18 13:11:28 | 000,000,407 | ---- | M] () Refresh Pi&cture with Full Quality -> C:\Program Files\PeoplePC Accelerated\pac-image.html [C:\Program Files\PeoplePC Accelerated\pac-image.html] -> [2009/08/18 13:11:28 | 000,000,888 | ---- | M] () < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\] > -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\] > -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-925058173-3912707714-2379387614-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {04B6290C-97B8-49A1-B0A3-1312254F7C54} [HKLM] -> https://mrhsportal.corp.munroeregional.com/portal/applets/SharedSession.dll [SharedSessionService Class] -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab [Office Genuine Advantage Validation Tool] -> {1FBD11EF-1260-11D1-87A7-444553540001} [HKLM] -> https://ssl.pacs.raocala.com/osd/SynapseWorkstationInf.cab [Synapse] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab [Java Plug-in 1.6.0_31] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key error.] -> {9554D93D-C653-4AFD-854C-AF61F7BF7F42} [HKLM] -> https://ssl.pacs.raocala.com/osd/synapseWorkstationInf.cab [Synapse Workstation Class] -> {A08D2318-19E6-4332-A741-87FBBD3984CD} [HKLM] -> https://mrhsportal.corp.munroeregional.com/portal/mckesson/eig/viewer/mckapprun.cab [McKesson Application Launcher Control] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab [Java Plug-in 1.6.0_31] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab [Java Plug-in 1.6.0_31] -> {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} [HKLM] -> http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab [SysInfo Class] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> {EB29B81A-7351-4890-8BCE-58127C3545F9} [HKLM] -> https://mrhsportal.corp.munroeregional.com/portal/applets/mckntauth.ocx [Mckntauth Control] -> {F88E6FA9-579E-4AE9-8DDA-C48BB36B0A32} [HKLM] -> https://ssl.pacs.raocala.com/osd/x86/win95/FujiInst.cab [SynapseInstallHelper Class] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> Domain -> trinitypediatrics.lan -> IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles "MaxScriptStatements" -> Reg Error: Invalid data type. "Use My Stylesheet" -> Reg Error: Invalid data type. < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\system32\userinit.exe -> [2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> NavLogon -> Reg Error: Value error. -> File not found < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\OP\op.exe" -> [C:\OP\op.exe:*:Enabled:Office Practicum ] -> File not found "C:\Program Files\Medisoft\Bin\MAPA.EXE" -> C:\Program Files\Medisoft\Bin\MAPA.EXE [C:\Program Files\Medisoft\Bin\MAPA.EXE:*:Enabled:MAPA] -> [2007/03/22 15:52:28 | 017,432,576 | ---- | M] () "C:\Program Files\Medisoft\Bin\Ohp.exe" -> C:\Program Files\Medisoft\Bin\Ohp.exe [C:\Program Files\Medisoft\Bin\Ohp.exe:*:Enabled:Ohp] -> [2007/03/22 15:58:46 | 009,209,344 | ---- | M] () "C:\WINDOWS\SMINST\Scheduler.exe" -> C:\WINDOWS\SMINST\Scheduler.exe [C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler ] -> [2006/04/24 12:42:06 | 000,888,832 | ---- | M] () "C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE" -> C:\WINDOWS\System32\spool\drivers\w32x86\3\HP1006MC.EXE [C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE] -> [2007/09/10 14:12:44 | 000,069,632 | ---- | M] (Software 2000 Limited) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> D:\Autorun.inf [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] -> D:\Autorun.inf [ NTFS ] -> [2004/04/30 19:01:00 | 000,000,053 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Documents and Settings\user1\Desktop\OTS.exe -> [2014/03/07 06:00:43 | 000,646,656 | ---- | C] (OldTimer Tools) Recent -> C:\Documents and Settings\user1\Recent -> [2014/03/07 05:38:01 | 000,000,000 | RH-D | C] WOLFCODERS ScreenSnag -> C:\Documents and Settings\All Users\Start Menu\Programs\WOLFCODERS ScreenSnag -> [2014/03/01 07:07:26 | 000,000,000 | ---D | C] WOLFCODERS ScreenSnag -> C:\Program Files\WOLFCODERS ScreenSnag -> [2014/03/01 07:07:20 | 000,000,000 | ---D | C] Hp -> C:\Program Files\Hp -> [2014/02/28 20:33:40 | 000,000,000 | ---D | C] PopCap Games -> C:\Documents and Settings\All Users\Start Menu\Programs\PopCap Games -> [2014/02/28 19:44:01 | 000,000,000 | ---D | C] PopCap Games -> C:\Program Files\PopCap Games -> [2014/02/28 19:43:52 | 000,000,000 | ---D | C] SystemRequirementsLab -> C:\Program Files\SystemRequirementsLab -> [2014/02/28 15:59:51 | 000,000,000 | ---D | C] SlimWare Utilities Inc -> C:\Documents and Settings\user1\Local Settings\Application Data\SlimWare Utilities Inc -> [2014/02/28 10:23:25 | 000,000,000 | ---D | C] Downloaded Installers -> C:\Documents and Settings\All Users\Documents\Downloaded Installers -> [2014/02/28 09:22:45 | 000,000,000 | ---D | C] System Mechanic -> C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic -> [2014/02/27 17:21:33 | 000,000,000 | ---D | C] IncContxMenu.dll -> C:\WINDOWS\System32\IncContxMenu.dll -> [2014/02/27 17:21:32 | 000,093,096 | ---- | C] (iolo technologies, LLC) iolo -> C:\Program Files\iolo -> [2014/02/27 17:20:53 | 000,000,000 | ---D | C] PeoplePC Online -> C:\Documents and Settings\All Users\Start Menu\Programs\PeoplePC Online -> [2014/02/27 13:04:30 | 000,000,000 | ---D | C] PeoplePC Accelerated -> C:\Program Files\PeoplePC Accelerated -> [2014/02/27 13:04:24 | 000,000,000 | ---D | C] PeoplePC, Inc -> C:\Program Files\PeoplePC, Inc -> [2014/02/27 13:01:00 | 000,000,000 | ---D | C] PeoplePC -> C:\Program Files\Common Files\PeoplePC -> [2014/02/27 13:00:14 | 000,000,000 | ---D | C] PeoplePC -> C:\Program Files\PeoplePC -> [2014/02/27 13:00:13 | 000,000,000 | ---D | C] ElevatedDiagnostics -> C:\Documents and Settings\user1\Application Data\ElevatedDiagnostics -> [2014/02/27 12:55:14 | 000,000,000 | ---D | C] Windows PowerShell 1.0 -> C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0 -> [2014/02/27 12:55:10 | 000,000,000 | ---D | C] Malwarebytes' Anti-Malware -> C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware -> [2014/02/27 12:54:57 | 000,000,000 | ---D | C] windowspowershell -> C:\WINDOWS\System32\windowspowershell -> [2014/02/26 20:18:49 | 000,000,000 | ---D | C] AdwCleaner -> C:\AdwCleaner -> [2014/02/26 16:36:02 | 000,000,000 | ---D | C] mbam-setup-1.75.0.1300.exe -> C:\Documents and Settings\user1\My Documents\mbam-setup-1.75.0.1300.exe -> [2014/02/26 10:54:26 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) Malwarebytes -> C:\Documents and Settings\user1\Application Data\Malwarebytes -> [2014/02/26 10:54:08 | 000,000,000 | ---D | C] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2014/02/26 10:53:57 | 000,000,000 | ---D | C] mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2014/02/26 10:53:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2014/02/26 10:53:51 | 000,000,000 | ---D | C] CCleaner -> C:\Program Files\CCleaner -> [2014/02/26 08:06:33 | 000,000,000 | ---D | C] CCleaner -> C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner -> [2014/02/25 17:54:38 | 000,000,000 | ---D | C] Intel -> C:\Intel -> [2014/02/25 12:33:22 | 000,000,000 | ---D | C] My Videos -> C:\Documents and Settings\user1\My Documents\My Videos -> [2014/02/22 12:07:46 | 000,000,000 | R--D | C] PeoplePC Online -> C:\Documents and Settings\user1\Application Data\PeoplePC Online -> [2014/02/21 14:24:31 | 000,000,000 | ---D | C] PeoplePC Online -> C:\Documents and Settings\All Users\Application Data\PeoplePC Online -> [2014/02/21 14:24:31 | 000,000,000 | ---D | C] iolo -> C:\Documents and Settings\LocalService\Application Data\iolo -> [2014/02/21 12:37:03 | 000,000,000 | ---D | C] iolo -> C:\Documents and Settings\user1\Application Data\iolo -> [2014/02/21 12:32:54 | 000,000,000 | ---D | C] iolo -> C:\Documents and Settings\All Users\Application Data\iolo -> [2014/02/21 12:32:54 | 000,000,000 | ---D | C] PrivacIE -> C:\Documents and Settings\user1\PrivacIE -> [2014/02/21 10:07:35 | 000,000,000 | -HSD | C] Google -> C:\Documents and Settings\user1\Local Settings\Application Data\Google -> [2014/02/21 10:06:19 | 000,000,000 | ---D | C] IECompatCache -> C:\Documents and Settings\user1\IECompatCache -> [2014/02/21 10:04:10 | 000,000,000 | -HSD | C] modemcsa.sys -> C:\WINDOWS\System32\dllcache\modemcsa.sys -> [2014/02/21 09:56:42 | 000,016,128 | ---- | C] (Microsoft Corporation) BCMDM.sys -> C:\WINDOWS\System32\drivers\BCMDM.sys -> [2014/02/21 09:56:25 | 000,871,388 | ---- | C] (BCM) bcmdm.sys -> C:\WINDOWS\System32\dllcache\bcmdm.sys -> [2014/02/21 09:56:25 | 000,871,388 | ---- | C] (BCM) Administrative Tools -> C:\Documents and Settings\user1\Start Menu\Programs\Administrative Tools -> [2014/02/21 09:32:47 | 000,000,000 | R--D | C] PCHealth -> C:\Documents and Settings\user1\Local Settings\Application Data\PCHealth -> [2014/02/21 09:32:13 | 000,000,000 | ---D | C] PeoplePal -> C:\Documents and Settings\user1\Application Data\PeoplePal -> [2014/02/21 09:17:49 | 000,000,000 | ---D | C] unPPC.exe -> C:\WINDOWS\System32\unPPC.exe -> [2014/02/21 09:15:36 | 000,073,192 | ---- | C] (PeoplePC) ppcwebi.dll -> C:\WINDOWS\System32\ppcwebi.dll -> [2014/02/21 09:15:35 | 000,042,784 | ---- | C] (PeoplePC, Inc.) MFC71.DLL -> C:\WINDOWS\System32\MFC71.DLL -> [2014/02/21 09:15:32 | 001,060,864 | ---- | C] (Microsoft Corporation) ATL71.dll -> C:\WINDOWS\System32\ATL71.dll -> [2014/02/21 09:15:31 | 000,089,088 | ---- | C] (Microsoft Corporation) ATL70.dll -> C:\WINDOWS\System32\ATL70.dll -> [2014/02/21 09:15:31 | 000,084,992 | ---- | C] (Microsoft Corporation) Macromedia -> C:\Documents and Settings\user1\Application Data\Macromedia -> [2014/02/21 09:14:50 | 000,000,000 | ---D | C] Adobe -> C:\Documents and Settings\user1\Application Data\Adobe -> [2014/02/21 09:14:50 | 000,000,000 | ---D | C] IETldCache -> C:\Documents and Settings\user1\IETldCache -> [2014/02/20 15:03:36 | 000,000,000 | -HSD | C] Microsoft -> C:\Documents and Settings\user1\Application Data\Microsoft -> [2014/02/20 15:02:48 | 000,000,000 | --SD | C] SendTo -> C:\Documents and Settings\user1\SendTo -> [2014/02/20 15:02:48 | 000,000,000 | RH-D | C] Application Data -> C:\Documents and Settings\user1\Application Data -> [2014/02/20 15:02:48 | 000,000,000 | RH-D | C] Startup -> C:\Documents and Settings\user1\Start Menu\Programs\Startup -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] Start Menu -> C:\Documents and Settings\user1\Start Menu -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] My Pictures -> C:\Documents and Settings\user1\My Documents\My Pictures -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] My Music -> C:\Documents and Settings\user1\My Documents\My Music -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] My Documents -> C:\Documents and Settings\user1\My Documents -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] Favorites -> C:\Documents and Settings\user1\Favorites -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] Accessories -> C:\Documents and Settings\user1\Start Menu\Programs\Accessories -> [2014/02/20 15:02:48 | 000,000,000 | R--D | C] Cookies -> C:\Documents and Settings\user1\Cookies -> [2014/02/20 15:02:48 | 000,000,000 | -HSD | C] Templates -> C:\Documents and Settings\user1\Templates -> [2014/02/20 15:02:48 | 000,000,000 | -H-D | C] PrintHood -> C:\Documents and Settings\user1\PrintHood -> [2014/02/20 15:02:48 | 000,000,000 | -H-D | C] NetHood -> C:\Documents and Settings\user1\NetHood -> [2014/02/20 15:02:48 | 000,000,000 | -H-D | C] Local Settings -> C:\Documents and Settings\user1\Local Settings -> [2014/02/20 15:02:48 | 000,000,000 | -H-D | C] Symantec -> C:\Documents and Settings\user1\Local Settings\Application Data\Symantec -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Symantec -> C:\Documents and Settings\user1\Application Data\Symantec -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Sun -> C:\Documents and Settings\user1\Application Data\Sun -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Seven Zip -> C:\Documents and Settings\user1\Local Settings\Application Data\Seven Zip -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] SampleView -> C:\Documents and Settings\user1\Application Data\SampleView -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Microsoft Help -> C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft Help -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Microsoft -> C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] InstallShield -> C:\Documents and Settings\user1\Application Data\InstallShield -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Identities -> C:\Documents and Settings\user1\Application Data\Identities -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] Desktop -> C:\Documents and Settings\user1\Desktop -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] ApplicationHistory -> C:\Documents and Settings\user1\Local Settings\Application Data\ApplicationHistory -> [2014/02/20 15:02:48 | 000,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] OTS.exe -> C:\Documents and Settings\user1\Desktop\OTS.exe -> [2014/03/07 06:00:45 | 000,646,656 | ---- | M] (OldTimer Tools) Microsoft Antimalware Scheduled Scan.job -> C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job -> [2014/03/07 05:43:23 | 000,000,384 | -H-- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2014/03/07 05:33:55 | 000,001,158 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2014/03/07 05:33:08 | 1063,768,064 | -HS- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2014/03/07 05:33:08 | 000,002,048 | --S- | M] () cc_20140301_160455.reg -> C:\Documents and Settings\user1\My Documents\cc_20140301_160455.reg -> [2014/03/01 16:04:58 | 000,001,222 | ---- | M] () WOLFCODERS ScreenSnag.lnk -> C:\Documents and Settings\All Users\Desktop\WOLFCODERS ScreenSnag.lnk -> [2014/03/01 07:07:26 | 000,000,705 | ---- | M] () Peggle Deluxe.lnk -> C:\Documents and Settings\All Users\Desktop\Peggle Deluxe.lnk -> [2014/02/28 19:45:36 | 000,000,870 | ---- | M] () Play More Great Games!.url -> C:\Documents and Settings\All Users\Desktop\Play More Great Games!.url -> [2014/02/28 19:45:36 | 000,000,200 | ---- | M] () Bejeweled 2 Deluxe.lnk -> C:\Documents and Settings\All Users\Desktop\Bejeweled 2 Deluxe.lnk -> [2014/02/28 19:44:01 | 000,000,937 | ---- | M] () System Mechanic.lnk -> C:\Documents and Settings\user1\Desktop\System Mechanic.lnk -> [2014/02/27 17:21:38 | 000,001,689 | ---- | M] () PeoplePC Help.LNK -> C:\Documents and Settings\All Users\Desktop\PeoplePC Help.LNK -> [2014/02/27 13:04:31 | 000,001,855 | ---- | M] () PeoplePC Online.LNK -> C:\Documents and Settings\All Users\Desktop\PeoplePC Online.LNK -> [2014/02/27 13:04:30 | 000,001,810 | ---- | M] () PeoplePC Online.LNK -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\PeoplePC Online.LNK -> [2014/02/27 13:04:30 | 000,001,796 | ---- | M] () Adobe Flash Player Updater.job -> C:\WINDOWS\tasks\Adobe Flash Player Updater.job -> [2014/02/27 10:45:46 | 000,000,830 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2014/02/27 10:45:28 | 000,000,882 | ---- | M] () GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2014/02/27 10:45:25 | 000,000,886 | ---- | M] () cc_20140227_075537.reg -> C:\Documents and Settings\user1\My Documents\cc_20140227_075537.reg -> [2014/02/27 07:55:40 | 000,000,390 | ---- | M] () PandaCloudAntivirus.exe -> C:\Documents and Settings\user1\Desktop\PandaCloudAntivirus.exe -> [2014/02/27 07:21:22 | 000,845,944 | ---- | M] () Launch Internet Explorer Browser.lnk -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2014/02/27 07:14:41 | 000,000,815 | ---- | M] () Malwarebytes Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk -> [2014/02/26 10:54:03 | 000,000,784 | ---- | M] () mbam-setup-1.75.0.1300.exe -> C:\Documents and Settings\user1\My Documents\mbam-setup-1.75.0.1300.exe -> [2014/02/26 10:53:25 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) cc_20140225_175700.reg -> C:\Documents and Settings\user1\My Documents\cc_20140225_175700.reg -> [2014/02/25 17:57:04 | 000,011,438 | ---- | M] () CCleaner.lnk -> C:\Documents and Settings\All Users\Desktop\CCleaner.lnk -> [2014/02/25 17:54:38 | 000,000,682 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2014/02/22 21:07:39 | 000,492,186 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2014/02/22 21:07:39 | 000,090,750 | ---- | M] () Windows Media Player.lnk -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> [2014/02/22 12:07:35 | 000,000,800 | ---- | M] () ioloBootDefrag.cfg -> C:\WINDOWS\System32\ioloBootDefrag.cfg -> [2014/02/21 15:38:53 | 000,000,386 | ---- | M] () mfc45.dll -> C:\WINDOWS\System32\mfc45.dll -> [2014/02/21 12:33:06 | 000,074,703 | ---- | M] () boot.ini -> C:\boot.ini -> [2014/02/20 15:08:19 | 000,000,211 | RHS- | M] () ie4uinit.exe -> C:\WINDOWS\System32\ie4uinit.exe -> [2014/02/06 03:54:08 | 000,174,592 | ---- | M] (Microsoft Corporation) ie4uinit.exe -> C:\WINDOWS\System32\dllcache\ie4uinit.exe -> [2014/02/06 03:54:08 | 000,174,592 | ---- | M] (Microsoft Corporation) wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2014/02/05 18:26:52 | 000,920,064 | ---- | M] (Microsoft Corporation) vgx.dll -> C:\WINDOWS\System32\dllcache\vgx.dll -> [2014/02/05 18:26:51 | 000,759,296 | ---- | M] (Microsoft Corporation) urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2014/02/05 18:26:50 | 001,216,000 | ---- | M] (Microsoft Corporation) mstime.dll -> C:\WINDOWS\System32\mstime.dll -> [2014/02/05 18:26:49 | 000,611,840 | ---- | M] (Microsoft Corporation) mstime.dll -> C:\WINDOWS\System32\dllcache\mstime.dll -> [2014/02/05 18:26:49 | 000,611,840 | ---- | M] (Microsoft Corporation) occache.dll -> C:\WINDOWS\System32\dllcache\occache.dll -> [2014/02/05 18:26:49 | 000,206,848 | ---- | M] (Microsoft Corporation) url.dll -> C:\WINDOWS\System32\url.dll -> [2014/02/05 18:26:49 | 000,105,984 | ---- | M] (Microsoft Corporation) url.dll -> C:\WINDOWS\System32\dllcache\url.dll -> [2014/02/05 18:26:49 | 000,105,984 | ---- | M] (Microsoft Corporation) mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2014/02/05 18:26:48 | 006,021,120 | ---- | M] (Microsoft Corporation) mshtmled.dll -> C:\WINDOWS\System32\dllcache\mshtmled.dll -> [2014/02/05 18:26:48 | 000,067,072 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\WINDOWS\System32\msfeedsbs.dll -> [2014/02/05 18:26:44 | 000,055,296 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2014/02/05 18:26:44 | 000,055,296 | ---- | M] (Microsoft Corporation) msfeeds.dll -> C:\WINDOWS\System32\msfeeds.dll -> [2014/02/05 18:26:43 | 000,630,272 | ---- | M] (Microsoft Corporation) msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2014/02/05 18:26:43 | 000,630,272 | ---- | M] (Microsoft Corporation) licmgr10.dll -> C:\WINDOWS\System32\licmgr10.dll -> [2014/02/05 18:26:43 | 000,043,520 | ---- | M] (Microsoft Corporation) licmgr10.dll -> C:\WINDOWS\System32\dllcache\licmgr10.dll -> [2014/02/05 18:26:43 | 000,043,520 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\WINDOWS\System32\jsproxy.dll -> [2014/02/05 18:26:43 | 000,025,600 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\WINDOWS\System32\dllcache\jsproxy.dll -> [2014/02/05 18:26:43 | 000,025,600 | ---- | M] (Microsoft Corporation) iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2014/02/05 18:26:42 | 002,006,016 | ---- | M] (Microsoft Corporation) inetcpl.cpl -> C:\WINDOWS\System32\inetcpl.cpl -> [2014/02/05 18:26:42 | 001,469,440 | ---- | M] (Microsoft Corporation) inetcpl.cpl -> C:\WINDOWS\System32\dllcache\inetcpl.cpl -> [2014/02/05 18:26:42 | 001,469,440 | ---- | M] (Microsoft Corporation) jsdbgui.dll -> C:\WINDOWS\System32\dllcache\jsdbgui.dll -> [2014/02/05 18:26:42 | 000,522,240 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2014/02/05 18:26:41 | 000,184,320 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2014/02/05 18:26:41 | 000,184,320 | ---- | M] (Microsoft Corporation) ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2014/02/05 18:26:40 | 011,113,472 | ---- | M] (Microsoft Corporation) iedvtool.dll -> C:\WINDOWS\System32\dllcache\iedvtool.dll -> [2014/02/05 18:26:38 | 000,743,424 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\WINDOWS\System32\iedkcs32.dll -> [2014/02/05 18:26:37 | 000,387,584 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\WINDOWS\System32\dllcache\iedkcs32.dll -> [2014/02/05 18:26:37 | 000,387,584 | ---- | M] (Microsoft Corporation) corpol.dll -> C:\WINDOWS\System32\dllcache\corpol.dll -> [2014/02/05 18:26:37 | 000,018,944 | ---- | M] (Microsoft Corporation) corpol.dll -> C:\WINDOWS\System32\corpol.dll -> [2014/02/05 18:26:37 | 000,018,944 | ---- | M] (Microsoft Corporation) html.iec -> C:\WINDOWS\System32\html.iec -> [2014/02/05 17:24:05 | 000,385,024 | ---- | M] (Microsoft Corporation) FlashPlayerApp.exe -> C:\WINDOWS\System32\FlashPlayerApp.exe -> [2014/02/05 10:07:07 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) FlashPlayerCPLApp.cpl -> C:\WINDOWS\System32\FlashPlayerCPLApp.cpl -> [2014/02/05 10:07:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) [Files - No Company Name] hiberfil.sys -> C:\hiberfil.sys -> [2014/03/06 16:17:48 | 1063,768,064 | -HS- | C] () cc_20140301_160455.reg -> C:\Documents and Settings\user1\My Documents\cc_20140301_160455.reg -> [2014/03/01 16:04:57 | 000,001,222 | ---- | C] () WOLFCODERS ScreenSnag.lnk -> C:\Documents and Settings\All Users\Desktop\WOLFCODERS ScreenSnag.lnk -> [2014/03/01 07:07:26 | 000,000,705 | ---- | C] () Peggle Deluxe.lnk -> C:\Documents and Settings\All Users\Desktop\Peggle Deluxe.lnk -> [2014/02/28 19:45:36 | 000,000,870 | ---- | C] () Play More Great Games!.url -> C:\Documents and Settings\All Users\Desktop\Play More Great Games!.url -> [2014/02/28 19:44:02 | 000,000,200 | ---- | C] () Bejeweled 2 Deluxe.lnk -> C:\Documents and Settings\All Users\Desktop\Bejeweled 2 Deluxe.lnk -> [2014/02/28 19:44:01 | 000,000,937 | ---- | C] () System Mechanic.lnk -> C:\Documents and Settings\user1\Desktop\System Mechanic.lnk -> [2014/02/27 17:21:38 | 000,001,689 | ---- | C] () Incinerator.dll -> C:\WINDOWS\System32\Incinerator.dll -> [2014/02/27 17:21:30 | 002,315,688 | ---- | C] () iolobtdfg.exe -> C:\WINDOWS\System32\iolobtdfg.exe -> [2014/02/27 17:21:03 | 000,030,208 | ---- | C] () smrgdf.exe -> C:\WINDOWS\System32\smrgdf.exe -> [2014/02/27 17:21:03 | 000,012,288 | ---- | C] () PeoplePC Help.LNK -> C:\Documents and Settings\All Users\Desktop\PeoplePC Help.LNK -> [2014/02/27 13:04:31 | 000,001,855 | ---- | C] () PeoplePC Online.LNK -> C:\Documents and Settings\All Users\Desktop\PeoplePC Online.LNK -> [2014/02/27 13:04:30 | 000,001,810 | ---- | C] () PeoplePC Online.LNK -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\PeoplePC Online.LNK -> [2014/02/27 13:04:30 | 000,001,796 | ---- | C] () ppcpanel.cpl -> C:\WINDOWS\System32\ppcpanel.cpl -> [2014/02/27 13:00:12 | 000,061,440 | ---- | C] () PPCOUNIN.exe -> C:\WINDOWS\System32\PPCOUNIN.exe -> [2014/02/27 13:00:12 | 000,058,144 | ---- | C] () PPCClean.exe -> C:\WINDOWS\System32\PPCClean.exe -> [2014/02/27 13:00:11 | 000,041,592 | ---- | C] () cc_20140227_075537.reg -> C:\Documents and Settings\user1\My Documents\cc_20140227_075537.reg -> [2014/02/27 07:55:39 | 000,000,390 | ---- | C] () PandaCloudAntivirus.exe -> C:\Documents and Settings\user1\Desktop\PandaCloudAntivirus.exe -> [2014/02/27 07:20:56 | 000,845,944 | ---- | C] () Malwarebytes Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk -> [2014/02/26 10:54:03 | 000,000,784 | ---- | C] () cc_20140225_175700.reg -> C:\Documents and Settings\user1\My Documents\cc_20140225_175700.reg -> [2014/02/25 17:57:02 | 000,011,438 | ---- | C] () CCleaner.lnk -> C:\Documents and Settings\All Users\Desktop\CCleaner.lnk -> [2014/02/25 17:54:38 | 000,000,682 | ---- | C] () Windows Media Player.lnk -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> [2014/02/22 12:07:35 | 000,000,800 | ---- | C] () ioloBootDefrag.cfg -> C:\WINDOWS\System32\ioloBootDefrag.cfg -> [2014/02/21 12:37:22 | 000,000,386 | ---- | C] () mfc45.dll -> C:\WINDOWS\System32\mfc45.dll -> [2014/02/21 12:33:06 | 000,074,703 | ---- | C] () unPPC6000.exe -> C:\WINDOWS\System32\unPPC6000.exe -> [2014/02/21 09:15:36 | 000,070,432 | ---- | C] () PPCInfo.exe -> C:\WINDOWS\System32\PPCInfo.exe -> [2014/02/21 09:15:35 | 000,256,288 | ---- | C] () RegHero.exe -> C:\WINDOWS\System32\RegHero.exe -> [2014/02/21 09:15:35 | 000,034,136 | ---- | C] () PopWait.exe -> C:\WINDOWS\System32\PopWait.exe -> [2014/02/21 09:15:34 | 000,029,984 | ---- | C] () Internet Explorer.lnk -> C:\Documents and Settings\user1\Start Menu\Programs\Internet Explorer.lnk -> [2014/02/20 15:03:36 | 000,000,803 | ---- | C] () Windows Media Player.lnk -> C:\Documents and Settings\user1\Start Menu\Programs\Windows Media Player.lnk -> [2014/02/20 15:02:59 | 000,000,788 | ---- | C] () Launch Internet Explorer Browser.lnk -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2014/02/20 15:02:50 | 000,000,815 | ---- | C] () Show Desktop.scf -> C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf -> [2014/02/20 15:02:50 | 000,000,079 | ---- | C] () Remote Assistance.lnk -> C:\Documents and Settings\user1\Start Menu\Programs\Remote Assistance.lnk -> [2014/02/20 15:02:49 | 000,001,503 | ---- | C] () Outlook Express.lnk -> C:\Documents and Settings\user1\Start Menu\Programs\Outlook Express.lnk -> [2014/02/20 15:02:49 | 000,000,738 | ---- | C] () op_mainfrm.ini -> C:\WINDOWS\op_mainfrm.ini -> [2012/07/18 15:35:15 | 000,000,259 | ---- | C] () datecheck.ini -> C:\WINDOWS\datecheck.ini -> [2012/07/18 15:35:15 | 000,000,025 | ---- | C] () [File - Lop Check] SampleView -> C:\Documents and Settings\Administrator\Application Data\SampleView -> [2007/10/09 01:14:41 | 000,000,000 | ---D | M] Connexin Software -> C:\Documents and Settings\All Users\Application Data\Connexin Software -> [2010/05/17 12:36:56 | 000,000,000 | ---D | M] iolo -> C:\Documents and Settings\All Users\Application Data\iolo -> [2014/02/28 19:04:35 | 000,000,000 | ---D | M] PeoplePC Online -> C:\Documents and Settings\All Users\Application Data\PeoplePC Online -> [2014/02/21 14:24:31 | 000,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2009/10/23 11:35:35 | 000,000,000 | ---D | M] {623D32E9-0C62-4453-AD44-98B31F52A5E1} -> C:\Documents and Settings\All Users\Application Data\{623D32E9-0C62-4453-AD44-98B31F52A5E1} -> [2007/10/09 01:29:19 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\Default User\Application Data\SampleView -> [2007/10/09 01:14:41 | 000,000,000 | ---D | M] iolo -> C:\Documents and Settings\LocalService\Application Data\iolo -> [2014/02/21 12:37:03 | 000,000,000 | ---D | M] ElevatedDiagnostics -> C:\Documents and Settings\user1\Application Data\ElevatedDiagnostics -> [2014/02/27 12:55:14 | 000,000,000 | ---D | M] iolo -> C:\Documents and Settings\user1\Application Data\iolo -> [2014/02/27 17:16:39 | 000,000,000 | ---D | M] PeoplePal -> C:\Documents and Settings\user1\Application Data\PeoplePal -> [2014/02/26 08:06:32 | 000,000,000 | ---D | M] PeoplePC Online -> C:\Documents and Settings\user1\Application Data\PeoplePC Online -> [2014/02/21 14:24:31 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\user1\Application Data\SampleView -> [2007/10/09 01:14:41 | 000,000,000 | ---D | M] [File - Purity Scan] [Custom Scans] < netsvcs > < BASESERVICES > < %SYSTEMDRIVE%\*.exe > < c:\program files (x86)\Google\Desktop > < c:\program files\Google\Desktop > < dir "%systemdrive%\*" /S /A:L /C > Volume in drive C has no label. Volume Serial Number is 6972-9742 Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices 02/22/2014 09:07 PM 2.0.0.0__b03f5f7f11d50a3a 0 File(s) 0 bytes Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote 02/22/2014 09:07 PM 2.0.0.0__b03f5f7f11d50a3a 0 File(s) 0 bytes Total Files Listed: 0 File(s) 0 bytes 2 Dir(s) 45,347,000,320 bytes free < MD5 Scans Start> < %systemdrive%\RPCSS.DLL /md5 /s > rpcss.dll : MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -> C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll -> [2009/02/09 05:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=2589FE6015A316C0F5D5112B4DA7B509 -> C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll -> [2008/04/13 19:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=2589FE6015A316C0F5D5112B4DA7B509 -> C:\WINDOWS\ServicePackFiles\i386\rpcss.dll -> [2008/04/13 19:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=2589FE6015A316C0F5D5112B4DA7B509 -> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rpcss.dll -> [2008/04/13 19:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=5C83A4408604F737717AB96371201680 -> C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll -> [2004/08/04 03:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=6B27A5C03DFB94B4245739065431322C -> C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\rpcss.dll -> [2009/02/09 07:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=6B27A5C03DFB94B4245739065431322C -> C:\WINDOWS\system32\dllcache\rpcss.dll -> [2009/02/09 07:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=6B27A5C03DFB94B4245739065431322C -> C:\WINDOWS\system32\rpcss.dll -> [2009/02/09 07:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=9222562D44021B988B9F9F62207FB6F2 -> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll -> [2009/02/09 05:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=C369DF215D352B6F3A0B8C3469AA34F8 -> C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll -> [2005/07/25 23:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=C8061F289E000703E7672916B7FE1571 -> C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll -> [2005/04/28 14:31:11 | 000,395,776 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -> C:\WINDOWS\$NtUninstallKB956572_0$\rpcss.dll -> [2005/07/25 23:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) rpcss.dll : MD5=DA383FB39A6F1C445F3AFC94B3EB1248 -> C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll -> [2005/04/28 14:35:01 | 000,396,288 | ---- | M] (Microsoft Corporation) < MD5 Scans End> Restore point Set: OTS Restore Point (0) [Alternate Data Streams] @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44FF837E < End of report > [/code]