I keep getting pop ups saying i have spyware
Started by
helpme?
, May 01 2009 02:02 AM
#2
Posted 01 May 2009 - 06:00 AM
kahdah
-
- Retired Staff
-
- 15,822 posts
GeekU Teacher
Hello helpme?
Welcome to G2Go.
=====================
Download This file. Note its name and save it to your root folder, such as C:\.
Welcome to G2Go.
=====================
- Download OTListIt2 to your desktop.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output.
- Under the Standard Registry box change it to All.
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
Download This file. Note its name and save it to your root folder, such as C:\.
- Disconnect from the Internet and close all running programs.
- Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
- Click on this link to see a list of programs that should be disabled.
- Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
- Allow the driver to load if asked.
- You may be prompted to scan immediately if it detects rootkit activity.
- If you are prompted to scan your system click "Yes" to begin the scan.
- If not prompted, click the "Rootkit/Malware" tab.
- On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
- Select all drives that are connected to your system to be scanned.
- Click the Scan button to begin. (Please be patient as it can take some time to complete)
- When the scan is finished, click Save to save the scan results to your Desktop.
- Save the file as Results.log and copy/paste the contents in your next reply.
- Exit the program and re-enable all active protection when done.
#3
Posted 01 May 2009 - 03:16 PM
helpme?
- Topic Starter
-
- Member
-
- 46 posts
Member
OTListIt logfile created on: 5/2/2009 1:42:43 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.2 Folder = C:\Documents and Settings\Matt\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.25 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 64.01% Memory free
1.86 Gb Paging File | 1.51 Gb Available in Paging File | 81.49% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 21.08 Gb Free Space | 29.51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 37.24 Gb Total Space | 15.50 Gb Free Space | 41.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 1.80 Gb Total Space | 0.05 Gb Free Space | 2.73% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D967MC91
Current User Name: Matt
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe (Symantec Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\windows\ld08.exe ()
PRC - C:\windows\pp06.exe ()
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Documents and Settings\Matt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\TEMP\to4jr.exe ()
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\WINDOWS\TEMP\to4jr.exe ()
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\WINDOWS\system32\DL32.exe ()
PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\Matt\Desktop\OTListIt2.exe (OldTimer Tools)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE (Symantec Corporation)
SRV - (MyWebSearchService [Auto | Stopped]) -- File not found
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SymWSC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DSproct [On_Demand | Running]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntelC51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (motccgp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motccgp.sys (Motorola)
DRV - (motccgpfl [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motccgpfl.sys (Motorola)
DRV - (motmodem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (motport [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motport.sys (Motorola)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (senfilt [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SYMDNS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?g...&o=101676&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/24 00:01:52 | 00,000,000 | ---D | M]
O1 HOSTS File: (0 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {aa014579-0c45-4c0b-b9e4-ed4655cdb69a} - C:\WINDOWS\system32\joyubaho.dll ()
O2 - BHO: (C:\WINDOWS\system32\sjg9s8guigjs.dll) - {b2ba40a2-74f0-42bd-f434-12345a2c8953} - C:\WINDOWS\system32\sjg9s8guigjs.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [CPMfb0ce139] Rundll32.exe "c:\windows\system32\zijodope.dll",a ()
O4 - HKLM..\Run: [f83fd2a5] rundll32.exe "C:\WINDOWS\system32\bawayeka.dll",b ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [pp] C:\windows\pp06.exe ()
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [sysldtray] c:\windows\ld08.exe ()
O4 - HKLM..\Run: [sysmstray] c:\windows\mstre18.exe File not found
O4 - HKLM..\Run: [zonenubola] Rundll32.exe "C:\WINDOWS\system32\joriguvo.dll",s ()
O4 - HKCU..\Run: [] C:\WINDOWS\TEMP\to4jr.exe ()
O4 - HKCU..\Run: [12CFG515-K641-55SF-N66P] C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe ()
O4 - HKCU..\Run: [12ZFG94-F641-2SF-K31P-5N1ER6H6L2] C:\RECYCLER\S-1-5-21-0433423704-4049715830-891763976-3319\service.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
O4 - HKCU..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (Gteko Ltd.)
O4 - HKCU..\Run: [Diagnostic Manager] C:\DOCUME~1\Matt\LOCALS~1\Temp\777613620.exe ()
O4 - HKCU..\Run: [DL32] DL32 ()
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Matt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background File not found
O4 - HKCU..\Run: [reader_s] C:\Documents and Settings\Matt\reader_s.exe File not found
O4 - HKCU..\Run: [Windows Resurections] C:\WINDOWS\TEMP\to4jr.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Matt\Start Menu\Programs\Startup\FrostWire On Startup.lnk = C:\Program Files\FrostWire\FrostWire.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZCman000 File not found
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\pekimoka.dll) - C:\WINDOWS\system32\pekimoka.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\diyusivo.dll) - c:\windows\system32\diyusivo.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\zijodope.dll) - c:\windows\system32\zijodope.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\zijodope.dll ()
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {B2BA40A2-74F0-42BD-F434-12345A2C8953} - jso8joigm409gopgmrlgd - C:\WINDOWS\system32\sjg9s8guigjs.dll ()
O22 - SharedTaskScheduler: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - STS - c:\windows\system32\zijodope.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/01/10 14:55:15 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/05/01 10:39:26 | 00,000,190 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{a21580f8-f16c-11dd-ad67-0016760b0108}\Shell\AutoRun\command - "" = G:\system\viewer\FlipVideoforPC.exe -- File not found
O33 - MountPoints2\{a21580f8-f16c-11dd-ad67-0016760b0108}\Shell\Flip Video for PC\command - "" = G:\system\viewer\FlipVideoforPC.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[15 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/02 01:43:21 | 00,097,020 | ---- | C] () -- C:\WINDOWS\System32\drivers\b4d325ba.sys
[2009/05/02 01:42:45 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdaas
[2009/05/02 00:39:56 | 00,286,208 | ---- | C] () -- C:\05ne2u6q.exe
[2009/05/02 00:37:07 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matt\Desktop\OTListIt2.exe
[2009/05/02 00:35:11 | 00,100,092 | ---- | C] () -- C:\WINDOWS\System32\drivers\c7b7132f.sys
[2009/05/02 00:34:38 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jcpsfz
[2009/05/02 00:15:32 | 00,100,092 | ---- | C] () -- C:\WINDOWS\System32\drivers\a685789e.sys
[2009/05/02 00:15:10 | 00,007,680 | ---- | C] () -- C:\okex.exe
[2009/05/02 00:15:09 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xzabr
[2009/05/02 00:08:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\st_1241241976.exe
[2009/05/02 00:08:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\st_1241240974.exe
[2009/05/02 00:01:50 | 00,100,092 | ---- | C] () -- C:\WINDOWS\System32\drivers\f26e4bb2.sys
[2009/05/02 00:01:38 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jvmfo
[2009/05/02 00:01:38 | 00,007,680 | ---- | C] () -- C:\celkadaa.exe
[2009/05/01 12:01:34 | 01,407,011 | -HS- | C] () -- C:\WINDOWS\System32\uholoril.ini
[2009/05/01 04:24:23 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\giobqtyci
[2009/05/01 03:02:36 | 00,000,001 | -H-- | C] () -- C:\WINDOWS\msmark2.dat
[2009/05/01 03:02:35 | 00,000,002 | -H-- | C] () -- C:\WINDOWS\t55ft2695f44.dat
[2009/05/01 01:04:57 | 00,212,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/05/01 01:02:45 | 00,101,888 | ---- | C] () -- C:\ohkbrkoo.exe
[2009/05/01 01:02:45 | 00,000,705 | ---- | C] () -- C:\xmrgycj.exe
[2009/05/01 01:02:37 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\epakjum
[2009/05/01 01:02:33 | 00,010,752 | -H-- | C] () -- C:\WINDOWS\pp06.exe
[2009/05/01 01:02:33 | 00,000,001 | ---- | C] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/05/01 01:02:32 | 00,113,664 | ---- | C] () -- C:\xipr.exe
[2009/05/01 01:02:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/05/01 01:02:28 | 00,000,002 | -H-- | C] () -- C:\WINDOWS\t55ft2692f44.dat
[2009/05/01 01:02:26 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\DL32.exe
[2009/05/01 01:02:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\796525
[2009/05/01 01:01:51 | 00,093,052 | ---- | C] () -- C:\WINDOWS\System32\drivers\f6f9037e.sys
[2009/05/01 01:01:44 | 00,014,336 | -H-- | C] () -- C:\WINDOWS\ld08.exe
[2009/05/01 01:01:39 | 00,101,888 | ---- | C] () -- C:\wwmeoblk.exe
[2009/05/01 01:01:37 | 00,000,705 | ---- | C] () -- C:\pdtivk.exe
[2009/05/01 01:01:35 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\inqby.sr
[2009/05/01 01:01:34 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/05/01 01:01:33 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\fairy.an
[2009/05/01 01:01:32 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dolman.zt
[2009/05/01 01:01:31 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ashl.nq
[2009/05/01 01:01:31 | 00,000,002 | ---- | C] () -- C:\-130035190
[2009/05/01 01:01:29 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/05/01 01:01:27 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/05/01 01:01:25 | 00,113,664 | ---- | C] () -- C:\WINDOWS\System32\azton.mt
[2009/05/01 00:01:24 | 00,113,664 | ---- | C] () -- C:\kggi.exe
[2009/05/01 00:01:23 | 00,015,000 | ---- | C] () -- C:\WINDOWS\System32\sjg9s8guigjs.dll
[2009/05/01 00:01:19 | 00,009,216 | ---- | C] () -- C:\WINDOWS\instsp2.exe
[2009/04/30 12:01:08 | 01,434,355 | -HS- | C] () -- C:\WINDOWS\System32\akeyawab.ini
[2009/04/30 01:16:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matt\My Documents\My Games
[2009/04/29 22:46:24 | 00,434,271 | ---- | C] (MyWebSearch.com) -- C:\Program Files\Uninstall Fun Web Products.dll
[2009/04/29 21:35:12 | 00,001,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Age of Empires III.lnk
[2009/04/29 21:35:03 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/29 21:34:57 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/29 21:32:05 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2009/04/29 21:32:05 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2009/04/29 21:32:05 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/04/29 21:32:05 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2009/04/29 21:32:05 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/04/29 21:32:04 | 01,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2009/04/29 21:32:04 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/29 21:32:04 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2009/04/29 21:32:04 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/04/29 21:32:04 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/04/29 21:32:04 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/04/29 21:32:04 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/04/29 21:32:04 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2009/04/29 21:32:04 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/04/29 21:32:04 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009/04/29 21:32:04 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2009/04/29 21:32:04 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009/04/29 21:32:04 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2009/04/29 21:32:04 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/04/29 21:32:04 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/04/29 21:32:04 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009/04/29 21:32:04 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2009/04/29 21:32:04 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2009/04/29 21:32:04 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009/04/29 21:32:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2009/04/29 21:32:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/04/29 21:32:04 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009/04/29 21:32:04 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2009/04/29 21:32:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/04/29 21:32:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/04/29 21:32:04 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009/04/29 21:32:04 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2009/04/29 21:32:04 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2009/04/29 21:32:04 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/04/29 21:32:04 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2009/04/29 21:32:04 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/04/29 21:32:04 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2009/04/29 21:32:04 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/04/29 21:32:03 | 01,798,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2009/04/29 21:32:03 | 00,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2009/04/29 21:32:03 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009/04/29 21:32:02 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/04/29 21:32:02 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2009/04/29 21:32:01 | 00,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2009/04/29 21:32:01 | 00,470,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2009/04/29 21:32:01 | 00,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2009/04/29 21:32:01 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2009/04/29 21:32:01 | 00,316,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2009/04/29 21:32:01 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2009/04/29 21:32:01 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2009/04/29 21:32:01 | 00,132,608 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2009/04/29 21:32:01 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2009/04/29 21:32:01 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2009/04/29 21:32:01 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2009/04/29 21:32:01 | 00,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2009/04/29 21:32:01 | 00,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2009/04/29 21:32:00 | 01,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2009/04/29 21:32:00 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2009/04/29 21:32:00 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2009/04/29 21:32:00 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2009/04/29 21:32:00 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2009/04/29 21:32:00 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2009/04/29 21:32:00 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2009/04/29 21:32:00 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2009/04/29 21:32:00 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2009/04/29 21:32:00 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2009/04/29 21:32:00 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2009/04/29 21:31:59 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/04/29 21:31:59 | 00,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2009/04/29 21:31:59 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2009/04/29 21:31:59 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2009/04/29 21:31:59 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009/04/29 21:31:58 | 01,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2009/04/29 21:31:58 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2009/04/29 21:31:58 | 00,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2009/04/29 21:31:58 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2009/04/29 21:31:58 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2009/04/29 21:31:58 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2009/04/29 21:31:58 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/04/29 21:31:58 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2009/04/29 21:31:58 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2009/04/29 21:31:58 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2009/04/29 21:31:58 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2009/04/29 21:31:58 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2009/04/29 21:31:58 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/04/29 21:31:58 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2009/04/29 21:31:58 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2009/04/29 21:31:58 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2009/04/29 21:31:57 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2009/04/29 21:31:57 | 00,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2009/04/29 21:31:57 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2009/04/29 21:31:57 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2009/04/29 21:31:57 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2009/04/29 21:31:57 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2009/04/29 21:31:57 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2009/04/29 21:31:57 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2009/04/29 21:31:57 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2009/04/29 21:31:57 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/04/29 21:31:57 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2009/04/29 21:14:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/04/29 21:08:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matt\My Documents\New Folder
[2009/04/29 18:30:43 | 01,434,346 | -HS- | C] () -- C:\WINDOWS\System32\eyidekoz.ini
[2009/04/29 15:09:42 | 00,313,335 | ---- | C] () -- C:\Documents and Settings\Matt\Desktop\RGT42DXWH-8c8303bf62f4c57f112f711cbe61ceb3.jpg
[2009/04/29 06:28:42 | 01,434,355 | -HS- | C] () -- C:\WINDOWS\System32\iwaroyiv.ini
[2009/04/29 01:59:36 | 17,894,21568 | ---- | C] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso
[2009/04/29 01:59:36 | 00,017,525 | ---- | C] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso.torrent
[2009/04/28 18:28:21 | 01,434,346 | -HS- | C] () -- C:\WINDOWS\System32\epihufow.ini
[2009/04/28 06:27:56 | 01,434,346 | -HS- | C] () -- C:\WINDOWS\System32\unuwasem.ini
[2009/04/27 22:45:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matt\My Documents\Downloads
[2009/04/27 22:44:48 | 00,002,237 | ---- | C] () -- C:\Documents and Settings\Matt\Desktop\Google Chrome.lnk
[2009/04/27 22:42:46 | 00,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1008038488-4230078294-407686965-1010.job
[2009/04/27 18:27:50 | 01,407,011 | -HS- | C] () -- C:\WINDOWS\System32\obufejaw.ini
[2009/04/27 06:27:38 | 01,407,033 | -HS- | C] () -- C:\WINDOWS\System32\ujitorel.ini
[2009/04/26 20:14:14 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\izesepap.ini
[2009/04/26 18:27:19 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\idebiwep.ini
[2009/04/26 08:14:12 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\avofowul.ini
[2009/04/25 20:13:59 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\ohedakin.ini
[2009/04/25 08:14:47 | 01,407,020 | -HS- | C] () -- C:\WINDOWS\System32\ebarejuz.ini
[2009/04/19 18:33:29 | 44,232,524 | ---- | C] () -- C:\Documents and Settings\Matt\My Documents\FlipVideoUpdater.exe
[2009/04/16 17:59:13 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 17:59:13 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 17:59:13 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 17:59:13 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 17:59:12 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 17:59:12 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 17:59:12 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 17:59:11 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 17:59:11 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 17:59:11 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 17:58:28 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 17:58:28 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 17:58:27 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/10 19:08:04 | 00,000,268 | -H-- | C] () -- C:\sqmdata00.sqm
[2009/04/10 19:08:04 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt00.sqm
[2009/04/07 23:58:08 | 00,000,000 | ---D | C] -- C:\Program Files\Palace of Chance
[2009/04/07 21:37:32 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/04/05 15:23:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/04/05 05:12:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/04/05 05:08:19 | 00,000,000 | ---D | C] -- C:\Program Files\Freeze.com
[2009/04/05 05:07:56 | 00,000,416 | ---- | C] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009/04/05 05:07:50 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Richtx32.ocx
[2009/04/04 13:42:56 | 00,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{095775D4-EC01-49C4-8E44-5A922ADFEB64}.job
[2009/04/04 13:33:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/04/04 13:30:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/04 13:28:05 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/04 01:55:33 | 00,000,000 | ---D | C] -- C:\Program Files\FunWebProducts
[2009/04/04 01:55:32 | 00,000,000 | ---D | C] -- C:\Program Files\MyWebSearch
[2009/02/11 11:13:24 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/06 20:59:56 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/02/05 17:35:56 | 00,000,589 | ---- | C] () -- C:\WINDOWS\MusicStudio.INI
[2009/02/05 17:34:37 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2009/02/05 17:33:43 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/02/05 17:33:32 | 00,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/02/02 03:23:21 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/02/02 00:01:28 | 00,081,920 | -HS- | C] () -- C:\WINDOWS\System32\beruvufi.dll
[2009/02/02 00:01:27 | 00,083,456 | -HS- | C] () -- C:\WINDOWS\System32\zijodope.dll
[2009/02/01 12:01:19 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\diyusivo.dll.vir
[2009/02/01 12:01:18 | 00,080,896 | -HS- | C] () -- C:\WINDOWS\System32\lirolohu.dll
[2009/02/01 01:02:13 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\pekimoka.dll
[2009/02/01 01:02:13 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\joyubaho.dll
[2009/02/01 01:02:13 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\joriguvo.dll
[2009/02/01 00:01:16 | 00,081,408 | -HS- | C] () -- C:\WINDOWS\System32\nugedezo.dll
[2009/02/01 00:01:14 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\muhoyawa.dll
[2009/02/01 00:01:14 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\likibefi.dll
[2009/01/30 12:00:53 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\kezolape.dll.vir
[2009/01/30 12:00:53 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\bawayeka.dll
[2009/01/29 18:30:31 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\zokediye.dll
[2009/01/29 18:30:26 | 00,083,456 | -HS- | C] () -- C:\WINDOWS\System32\wafujode.dll
[2009/01/29 06:28:33 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\zosamulo.dll
[2009/01/28 18:28:02 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\gagagude.dll
[2009/01/28 06:27:50 | 00,083,456 | -HS- | C] () -- C:\WINDOWS\System32\vopepimi.dll
[2009/01/28 06:27:50 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\mesawunu.dll
[2009/01/27 18:27:47 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\jajakolo.dll
[2009/01/27 18:27:47 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\wajefubo.dll
[2009/01/27 06:27:36 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\fiwuwomi.dll
[2009/01/27 06:27:36 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\lerotiju.dll
[2009/01/26 20:14:12 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\pezetifu.dll
[2009/01/26 20:14:12 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\papesezi.dll
[2009/01/26 18:27:17 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\pewibedi.dll
[2009/01/26 18:27:16 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\yisomuhe.dll
[2009/01/26 08:14:11 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\tonojopu.dll
[2009/01/26 08:14:11 | 00,080,384 | ---- | C] () -- C:\WINDOWS\System32\luwofova.dll
[2009/01/25 20:13:57 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\lumuzasu.dll
[2009/01/25 20:13:57 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\nikadeho.dll
[2009/01/25 20:13:57 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\zeguzade.dll
[2009/01/25 08:14:31 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\tuyuvela.dll
[2009/01/25 08:14:31 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\zujerabe.dll
[2007/08/26 21:45:44 | 00,438,272 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2007/08/23 20:48:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2007/04/17 16:56:04 | 00,004,392 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/04/17 16:56:04 | 00,000,104 | RHS- | C] () -- C:\WINDOWS\System32\27DD8E1676.sys
[2006/01/31 10:29:56 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/31 10:13:10 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/01/31 09:53:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/01/31 09:53:12 | 00,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 14:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:51:28 | 00,000,617 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 13:51:26 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/10 13:51:15 | 00,212,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis.sys
========== Files - Modified Within 30 Days ==========
[15 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/02 01:59:29 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\sodavodu
[2009/05/02 01:59:19 | 00,100,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\f26e4bb2.sys
[2009/05/02 01:59:19 | 00,100,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\a685789e.sys
[2009/05/02 01:59:19 | 00,097,020 | ---- | M] () -- C:\WINDOWS\System32\drivers\b4d325ba.sys
[2009/05/02 01:59:17 | 00,100,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\c7b7132f.sys
[2009/05/02 01:59:17 | 00,093,052 | ---- | M] () -- C:\WINDOWS\System32\drivers\f6f9037e.sys
[2009/05/02 01:55:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{095775D4-EC01-49C4-8E44-5A922ADFEB64}.job
[2009/05/02 01:52:48 | 00,212,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/05/02 01:52:48 | 00,212,224 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/05/02 01:43:13 | 00,101,888 | ---- | M] () -- C:\ohkbrkoo.exe
[2009/05/02 01:43:10 | 00,000,705 | ---- | M] () -- C:\xmrgycj.exe
[2009/05/02 01:43:05 | 00,000,002 | ---- | M] () -- C:\-130035190
[2009/05/02 01:42:47 | 00,007,680 | ---- | M] () -- C:\okex.exe
[2009/05/02 01:42:37 | 00,113,664 | ---- | M] () -- C:\xipr.exe
[2009/05/02 01:42:37 | 00,113,664 | ---- | M] () -- C:\WINDOWS\System32\azton.mt
[2009/05/02 01:41:58 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009/05/02 01:41:55 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/02 01:41:53 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Matt\Local Settings\desktop.ini
[2009/05/02 01:29:05 | 00,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1008038488-4230078294-407686965-1010.job
[2009/05/02 00:52:18 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/05/02 00:52:18 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\inqby.sr
[2009/05/02 00:52:17 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\fairy.an
[2009/05/02 00:52:17 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\dolman.zt
[2009/05/02 00:52:16 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\ashl.nq
[2009/05/02 00:49:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/02 00:49:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/02 00:39:57 | 00,286,208 | ---- | M] () -- C:\05ne2u6q.exe
[2009/05/02 00:37:07 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matt\Desktop\OTListIt2.exe
[2009/05/02 00:08:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\st_1241241976.exe
[2009/05/02 00:08:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\st_1241240974.exe
[2009/05/02 00:01:58 | 00,014,848 | ---- | M] () -- C:\WINDOWS\System32\DL32.exe
[2009/05/02 00:01:52 | 00,014,336 | -H-- | M] () -- C:\WINDOWS\ld08.exe
[2009/05/02 00:01:50 | 00,101,888 | ---- | M] () -- C:\wwmeoblk.exe
[2009/05/02 00:01:44 | 00,000,705 | ---- | M] () -- C:\pdtivk.exe
[2009/05/02 00:01:38 | 00,007,680 | ---- | M] () -- C:\celkadaa.exe
[2009/05/02 00:01:36 | 00,113,664 | ---- | M] () -- C:\kggi.exe
[2009/05/02 00:01:33 | 00,015,000 | ---- | M] () -- C:\WINDOWS\System32\sjg9s8guigjs.dll
[2009/05/02 00:01:29 | 00,083,456 | -HS- | M] () -- C:\WINDOWS\System32\zijodope.dll
[2009/05/02 00:01:29 | 00,081,920 | -HS- | M] () -- C:\WINDOWS\System32\beruvufi.dll
[2009/05/02 00:01:29 | 00,009,216 | ---- | M] () -- C:\WINDOWS\instsp2.exe
[2009/05/01 14:08:14 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/01 12:23:16 | 01,407,011 | -HS- | M] () -- C:\WINDOWS\System32\uholoril.ini
[2009/05/01 12:01:21 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\diyusivo.dll.vir
[2009/05/01 12:01:20 | 00,080,896 | -HS- | M] () -- C:\WINDOWS\System32\lirolohu.dll
[2009/05/01 12:01:19 | 00,047,104 | -HS- | M] () -- C:\WINDOWS\System32\lapilivo.exe
[2009/05/01 04:24:24 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/05/01 03:02:36 | 00,000,001 | -H-- | M] () -- C:\WINDOWS\msmark2.dat
[2009/05/01 03:02:35 | 00,000,002 | -H-- | M] () -- C:\WINDOWS\t55ft2695f44.dat
[2009/05/01 03:00:00 | 00,000,494 | ---- | M] () -- C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job
[2009/05/01 02:23:07 | 01,434,355 | -HS- | M] () -- C:\WINDOWS\System32\akeyawab.ini
[2009/05/01 01:02:33 | 00,010,752 | -H-- | M] () -- C:\WINDOWS\pp06.exe
[2009/05/01 01:02:33 | 00,000,001 | ---- | M] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/05/01 01:02:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/05/01 01:02:28 | 00,000,002 | -H-- | M] () -- C:\WINDOWS\t55ft2692f44.dat
[2009/05/01 01:01:44 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\System32\likibefi.dll
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xzabr
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.DLL
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jvmfo
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jcpsfz
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\giobqtyci
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdaas
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\epakjum
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/05/01 01:01:27 | 00,262,144 | ---- | M] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/05/01 00:01:19 | 00,081,408 | -HS- | M] () -- C:\WINDOWS\System32\nugedezo.dll
[2009/05/01 00:01:15 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\muhoyawa.dll
[2009/05/01 00:01:15 | 00,047,104 | -HS- | M] () -- C:\WINDOWS\System32\yisusasi.exe
[2009/04/30 12:01:20 | 01,434,346 | -HS- | M] () -- C:\WINDOWS\System32\eyidekoz.ini
[2009/04/30 12:00:55 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\kezolape.dll.vir
[2009/04/30 12:00:55 | 00,081,408 | ---- | M] () -- C:\WINDOWS\System32\bawayeka.dll
[2009/04/29 21:47:19 | 00,000,896 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\My Sharing Folders.lnk
[2009/04/29 21:35:12 | 00,001,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Age of Empires III.lnk
[2009/04/29 18:38:15 | 17,894,21568 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso
[2009/04/29 18:30:35 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\zokediye.dll
[2009/04/29 18:30:31 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\yojokeri.exe
[2009/04/29 18:30:30 | 00,083,456 | -HS- | M] () -- C:\WINDOWS\System32\wafujode.dll
[2009/04/29 17:34:55 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/29 15:09:42 | 00,313,335 | ---- | M] () -- C:\Documents and Settings\Matt\Desktop\RGT42DXWH-8c8303bf62f4c57f112f711cbe61ceb3.jpg
[2009/04/29 13:42:25 | 01,434,355 | -HS- | M] () -- C:\WINDOWS\System32\iwaroyiv.ini
[2009/04/29 06:28:36 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\zosamulo.dll
[2009/04/29 01:59:36 | 00,017,525 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso.torrent
[2009/04/28 18:49:43 | 01,434,346 | -HS- | M] () -- C:\WINDOWS\System32\epihufow.ini
[2009/04/28 18:28:04 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\gagagude.dll
[2009/04/28 12:37:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/28 06:49:18 | 01,434,346 | -HS- | M] () -- C:\WINDOWS\System32\unuwasem.ini
[2009/04/28 06:27:52 | 00,083,456 | -HS- | M] () -- C:\WINDOWS\System32\vopepimi.dll
[2009/04/28 06:27:52 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\mesawunu.dll
[2009/04/27 22:44:48 | 00,002,237 | ---- | M] () -- C:\Documents and Settings\Matt\Desktop\Google Chrome.lnk
[2009/04/27 18:50:48 | 01,407,011 | -HS- | M] () -- C:\WINDOWS\System32\obufejaw.ini
[2009/04/27 18:27:49 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\wajefubo.dll
[2009/04/27 18:27:48 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\jajakolo.dll
[2009/04/27 16:46:40 | 01,407,033 | -HS- | M] () -- C:\WINDOWS\System32\ujitorel.ini
[2009/04/27 06:27:38 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\fiwuwomi.dll
[2009/04/27 06:27:37 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\lerotiju.dll
[2009/04/27 06:27:37 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\dozorenu.exe
[2009/04/26 20:26:36 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\izesepap.ini
[2009/04/26 20:14:14 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\pezetifu.dll
[2009/04/26 20:14:14 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\papesezi.dll
[2009/04/26 20:14:13 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\lurosuno.exe
[2009/04/26 18:48:53 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\idebiwep.ini
[2009/04/26 18:27:19 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\pewibedi.dll
[2009/04/26 18:27:18 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\yisomuhe.dll
[2009/04/26 18:27:18 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\yokahode.exe
[2009/04/26 08:35:34 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\avofowul.ini
[2009/04/26 08:14:12 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\tonojopu.dll
[2009/04/26 08:14:12 | 00,080,384 | ---- | M] () -- C:\WINDOWS\System32\luwofova.dll
[2009/04/26 08:14:12 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\tiwupeki.exe
[2009/04/25 20:35:40 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\ohedakin.ini
[2009/04/25 20:14:28 | 00,049,664 | -HS- | M] () -- C:\WINDOWS\System32\zeguzade.dll
[2009/04/25 20:14:00 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\lumuzasu.dll
[2009/04/25 20:13:59 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\kibajelu.exe
[2009/04/25 20:13:58 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\nikadeho.dll
[2009/04/25 08:37:19 | 01,407,020 | -HS- | M] () -- C:\WINDOWS\System32\ebarejuz.ini
[2009/04/25 08:14:34 | 00,081,408 | ---- | M] () -- C:\WINDOWS\System32\zujerabe.dll
[2009/04/25 08:14:33 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\tuyuvela.dll
[2009/04/25 08:14:33 | 00,047,616 | -HS- | M] () -- C:\WINDOWS\System32\bayoluda.exe
[2009/04/19 18:38:51 | 44,232,524 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\FlipVideoUpdater.exe
[2009/04/17 12:22:57 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 12:22:57 | 00,381,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 12:22:57 | 00,053,436 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 03:30:26 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 07:43:45 | 00,000,589 | ---- | M] () -- C:\WINDOWS\MusicStudio.INI
[2009/04/16 07:43:44 | 00,000,617 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/10 19:08:04 | 00,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/04/10 19:08:04 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/04/10 19:07:10 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\Matt\My Documents\desktop.ini
[2009/04/04 11:21:06 | 00,004,392 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/04/04 11:21:06 | 00,000,104 | RHS- | M] () -- C:\WINDOWS\System32\27DD8E1676.sys
========== LOP Check ==========
[2009/04/29 22:28:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/24 14:42:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/02/02 15:39:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/02/07 19:47:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/02/02 03:23:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/02/02 14:45:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/02/02 14:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/02/06 21:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/02/02 14:30:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/02/02 23:37:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/02/07 10:50:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/01/31 10:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2006/01/31 10:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/02/05 17:34:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2009/03/18 17:58:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/02/14 14:57:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/02/07 19:43:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/02/06 21:39:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2007/08/22 18:32:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2004/08/10 14:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/02/02 03:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/03/16 06:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2006/01/31 10:12:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/11/11 13:44:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/18 17:57:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/04/05 05:12:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/04/29 22:26:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/04/29 02:06:31 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Matt\Application Data
[2009/04/27 20:29:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Adobe
[2009/02/04 01:10:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\AdobeUM
[2009/02/02 14:58:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\AdwareAlert
[2009/03/25 16:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Ahead
[2009/04/02 04:47:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Apple Computer
[2009/02/01 11:25:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Corel Photo Album
[2009/02/06 21:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\DAEMON Tools
[2009/02/06 21:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\DAEMON Tools Lite
[2009/02/06 21:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\DAEMON Tools Pro
[2009/04/14 13:22:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\FrostWire
[2009/02/06 03:16:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Google
[2009/02/02 14:30:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\GTek
[2004/08/10 14:08:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Identities
[2009/02/01 21:27:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Macromedia
[2009/04/29 22:33:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Matt\Application Data\Microsoft
[2009/02/14 14:57:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\NCH Swift Sound
[2009/02/01 19:44:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Opera
[2009/02/06 22:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Propellerhead Software
[2006/01/31 10:07:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Sun
[2006/01/31 10:15:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Symantec
[2009/02/14 14:17:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\The Ringtone Maker Plus
[2009/02/01 19:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\vlc
[2009/02/22 22:52:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\WinRAR
[2009/03/18 18:25:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Yahoo!
[2009/05/01 03:00:00 | 00,000,494 | ---- | M] () -- C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job
[2009/04/28 12:37:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/02 01:29:05 | 00,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1008038488-4230078294-407686965-1010.job
[2009/05/02 01:41:58 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009/05/02 00:49:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/05/02 01:55:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{095775D4-EC01-49C4-8E44-5A922ADFEB64}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 32256 bytes -> C:\WINDOWS\system32\svchost.exe:ext.exe
< End of report >
EXTRAS!
*********************************************************************************************
OTListIt Extras logfile created on: 5/2/2009 1:42:43 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.2 Folder = C:\Documents and Settings\Matt\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.25 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 64.01% Memory free
1.86 Gb Paging File | 1.51 Gb Available in Paging File | 81.49% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 21.08 Gb Free Space | 29.51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 37.24 Gb Total Space | 15.50 Gb Free Space | 41.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 1.80 Gb Total Space | 0.05 Gb Free Space | 2.73% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D967MC91
Current User Name: Matt
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"80:TCP" = 80:TCP:*:Enabled:DL32
"7171:TCP" = 7171:TCP:*:Enabled:DL32
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 File not found
C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser (Opera Software)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire File not found
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger File not found
C:\WINDOWS\explorer.exe:*:Enabled:Explorer (Microsoft Corporation)
C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon (Microsoft Corporation)
C:\kggi.exe:*:Disabled:kggi ()
C:\WINDOWS\ld08.exe:*:Enabled:ld08 ()
C:\Documents and Settings\Matt\Local Settings\Temp\1289437642.exe:*:Enabled:1289437642 ()
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe:*:Enabled:hpotdd01 (Hewlett-Packard)
C:\WINDOWS\system32\msiexec.exe:*:Enabled:msiexec (Microsoft Corporation)
C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C0CD17D-0B06-4700-83FA-7344B868B0A2}" = Opera 9.63
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{503AA035-41E2-4858-B31F-1E49AC66C309}" = Norton Security Center
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"3ivx MPEG-4 5.0.1 Decoder" = 3ivx MPEG-4 5.0.1 Decoder (remove only)
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"iDump" = iDump (Build: 28)
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Magic ISO Maker v5.5 (build 0273)" = Magic ISO Maker v5.5 (build 0273)
"MAGIX Screenshare US" = MAGIX Screenshare 4.3.6.1987 (US)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Adapters and Drivers
"Reason4_is1" = Reason 4.0
"Samplitude Music Studio 14 Download version US" = Samplitude Music Studio 14 Download version 14.0.2.0 (US)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/2/2009 1:02:49 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:02:57 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:03:03 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:03:10 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:03:16 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:08:11 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:08:26 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:22:39 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:36:39 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:36:52 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
[ System Events ]
Error - 5/2/2009 2:48:01 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:49:02 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:51:07 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:52:12 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:54:05 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:55:11 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:55:35 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2
Error - 5/2/2009 2:57:09 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:58:15 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 3:00:15 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
< End of report >
OTListIt2 by OldTimer - Version 2.0.15.2 Folder = C:\Documents and Settings\Matt\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.25 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 64.01% Memory free
1.86 Gb Paging File | 1.51 Gb Available in Paging File | 81.49% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 21.08 Gb Free Space | 29.51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 37.24 Gb Total Space | 15.50 Gb Free Space | 41.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 1.80 Gb Total Space | 0.05 Gb Free Space | 2.73% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D967MC91
Current User Name: Matt
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe (Symantec Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\windows\ld08.exe ()
PRC - C:\windows\pp06.exe ()
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Documents and Settings\Matt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\TEMP\to4jr.exe ()
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\WINDOWS\TEMP\to4jr.exe ()
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\WINDOWS\system32\DL32.exe ()
PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\Matt\Desktop\OTListIt2.exe (OldTimer Tools)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE (Symantec Corporation)
SRV - (MyWebSearchService [Auto | Stopped]) -- File not found
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SymWSC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (Symantec Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DSproct [On_Demand | Running]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntelC51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (motccgp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motccgp.sys (Motorola)
DRV - (motccgpfl [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motccgpfl.sys (Motorola)
DRV - (motmodem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (motport [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\motport.sys (Motorola)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (senfilt [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SYMDNS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?g...&o=101676&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/24 00:01:52 | 00,000,000 | ---D | M]
O1 HOSTS File: (0 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {aa014579-0c45-4c0b-b9e4-ed4655cdb69a} - C:\WINDOWS\system32\joyubaho.dll ()
O2 - BHO: (C:\WINDOWS\system32\sjg9s8guigjs.dll) - {b2ba40a2-74f0-42bd-f434-12345a2c8953} - C:\WINDOWS\system32\sjg9s8guigjs.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [CPMfb0ce139] Rundll32.exe "c:\windows\system32\zijodope.dll",a ()
O4 - HKLM..\Run: [f83fd2a5] rundll32.exe "C:\WINDOWS\system32\bawayeka.dll",b ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [pp] C:\windows\pp06.exe ()
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [sysldtray] c:\windows\ld08.exe ()
O4 - HKLM..\Run: [sysmstray] c:\windows\mstre18.exe File not found
O4 - HKLM..\Run: [zonenubola] Rundll32.exe "C:\WINDOWS\system32\joriguvo.dll",s ()
O4 - HKCU..\Run: [] C:\WINDOWS\TEMP\to4jr.exe ()
O4 - HKCU..\Run: [12CFG515-K641-55SF-N66P] C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe ()
O4 - HKCU..\Run: [12ZFG94-F641-2SF-K31P-5N1ER6H6L2] C:\RECYCLER\S-1-5-21-0433423704-4049715830-891763976-3319\service.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
O4 - HKCU..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (Gteko Ltd.)
O4 - HKCU..\Run: [Diagnostic Manager] C:\DOCUME~1\Matt\LOCALS~1\Temp\777613620.exe ()
O4 - HKCU..\Run: [DL32] DL32 ()
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Matt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background File not found
O4 - HKCU..\Run: [reader_s] C:\Documents and Settings\Matt\reader_s.exe File not found
O4 - HKCU..\Run: [Windows Resurections] C:\WINDOWS\TEMP\to4jr.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Matt\Start Menu\Programs\Startup\FrostWire On Startup.lnk = C:\Program Files\FrostWire\FrostWire.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZCman000 File not found
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\pekimoka.dll) - C:\WINDOWS\system32\pekimoka.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\diyusivo.dll) - c:\windows\system32\diyusivo.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\zijodope.dll) - c:\windows\system32\zijodope.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\zijodope.dll ()
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {B2BA40A2-74F0-42BD-F434-12345A2C8953} - jso8joigm409gopgmrlgd - C:\WINDOWS\system32\sjg9s8guigjs.dll ()
O22 - SharedTaskScheduler: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - STS - c:\windows\system32\zijodope.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/01/10 14:55:15 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/05/01 10:39:26 | 00,000,190 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{a21580f8-f16c-11dd-ad67-0016760b0108}\Shell\AutoRun\command - "" = G:\system\viewer\FlipVideoforPC.exe -- File not found
O33 - MountPoints2\{a21580f8-f16c-11dd-ad67-0016760b0108}\Shell\Flip Video for PC\command - "" = G:\system\viewer\FlipVideoforPC.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[15 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/02 01:43:21 | 00,097,020 | ---- | C] () -- C:\WINDOWS\System32\drivers\b4d325ba.sys
[2009/05/02 01:42:45 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdaas
[2009/05/02 00:39:56 | 00,286,208 | ---- | C] () -- C:\05ne2u6q.exe
[2009/05/02 00:37:07 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matt\Desktop\OTListIt2.exe
[2009/05/02 00:35:11 | 00,100,092 | ---- | C] () -- C:\WINDOWS\System32\drivers\c7b7132f.sys
[2009/05/02 00:34:38 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jcpsfz
[2009/05/02 00:15:32 | 00,100,092 | ---- | C] () -- C:\WINDOWS\System32\drivers\a685789e.sys
[2009/05/02 00:15:10 | 00,007,680 | ---- | C] () -- C:\okex.exe
[2009/05/02 00:15:09 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xzabr
[2009/05/02 00:08:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\st_1241241976.exe
[2009/05/02 00:08:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\st_1241240974.exe
[2009/05/02 00:01:50 | 00,100,092 | ---- | C] () -- C:\WINDOWS\System32\drivers\f26e4bb2.sys
[2009/05/02 00:01:38 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jvmfo
[2009/05/02 00:01:38 | 00,007,680 | ---- | C] () -- C:\celkadaa.exe
[2009/05/01 12:01:34 | 01,407,011 | -HS- | C] () -- C:\WINDOWS\System32\uholoril.ini
[2009/05/01 04:24:23 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\giobqtyci
[2009/05/01 03:02:36 | 00,000,001 | -H-- | C] () -- C:\WINDOWS\msmark2.dat
[2009/05/01 03:02:35 | 00,000,002 | -H-- | C] () -- C:\WINDOWS\t55ft2695f44.dat
[2009/05/01 01:04:57 | 00,212,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/05/01 01:02:45 | 00,101,888 | ---- | C] () -- C:\ohkbrkoo.exe
[2009/05/01 01:02:45 | 00,000,705 | ---- | C] () -- C:\xmrgycj.exe
[2009/05/01 01:02:37 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\epakjum
[2009/05/01 01:02:33 | 00,010,752 | -H-- | C] () -- C:\WINDOWS\pp06.exe
[2009/05/01 01:02:33 | 00,000,001 | ---- | C] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/05/01 01:02:32 | 00,113,664 | ---- | C] () -- C:\xipr.exe
[2009/05/01 01:02:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/05/01 01:02:28 | 00,000,002 | -H-- | C] () -- C:\WINDOWS\t55ft2692f44.dat
[2009/05/01 01:02:26 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\DL32.exe
[2009/05/01 01:02:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\796525
[2009/05/01 01:01:51 | 00,093,052 | ---- | C] () -- C:\WINDOWS\System32\drivers\f6f9037e.sys
[2009/05/01 01:01:44 | 00,014,336 | -H-- | C] () -- C:\WINDOWS\ld08.exe
[2009/05/01 01:01:39 | 00,101,888 | ---- | C] () -- C:\wwmeoblk.exe
[2009/05/01 01:01:37 | 00,000,705 | ---- | C] () -- C:\pdtivk.exe
[2009/05/01 01:01:35 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\inqby.sr
[2009/05/01 01:01:34 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/05/01 01:01:33 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\fairy.an
[2009/05/01 01:01:32 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dolman.zt
[2009/05/01 01:01:31 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ashl.nq
[2009/05/01 01:01:31 | 00,000,002 | ---- | C] () -- C:\-130035190
[2009/05/01 01:01:29 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/05/01 01:01:27 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/05/01 01:01:25 | 00,113,664 | ---- | C] () -- C:\WINDOWS\System32\azton.mt
[2009/05/01 00:01:24 | 00,113,664 | ---- | C] () -- C:\kggi.exe
[2009/05/01 00:01:23 | 00,015,000 | ---- | C] () -- C:\WINDOWS\System32\sjg9s8guigjs.dll
[2009/05/01 00:01:19 | 00,009,216 | ---- | C] () -- C:\WINDOWS\instsp2.exe
[2009/04/30 12:01:08 | 01,434,355 | -HS- | C] () -- C:\WINDOWS\System32\akeyawab.ini
[2009/04/30 01:16:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matt\My Documents\My Games
[2009/04/29 22:46:24 | 00,434,271 | ---- | C] (MyWebSearch.com) -- C:\Program Files\Uninstall Fun Web Products.dll
[2009/04/29 21:35:12 | 00,001,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Age of Empires III.lnk
[2009/04/29 21:35:03 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/29 21:34:57 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/29 21:32:05 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2009/04/29 21:32:05 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2009/04/29 21:32:05 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/04/29 21:32:05 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2009/04/29 21:32:05 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/04/29 21:32:04 | 01,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2009/04/29 21:32:04 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/29 21:32:04 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2009/04/29 21:32:04 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/04/29 21:32:04 | 00,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/04/29 21:32:04 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/04/29 21:32:04 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/04/29 21:32:04 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2009/04/29 21:32:04 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/04/29 21:32:04 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009/04/29 21:32:04 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2009/04/29 21:32:04 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009/04/29 21:32:04 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2009/04/29 21:32:04 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/04/29 21:32:04 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/04/29 21:32:04 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009/04/29 21:32:04 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2009/04/29 21:32:04 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2009/04/29 21:32:04 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009/04/29 21:32:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2009/04/29 21:32:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/04/29 21:32:04 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009/04/29 21:32:04 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2009/04/29 21:32:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/04/29 21:32:04 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/04/29 21:32:04 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009/04/29 21:32:04 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2009/04/29 21:32:04 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2009/04/29 21:32:04 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/04/29 21:32:04 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2009/04/29 21:32:04 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/04/29 21:32:04 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2009/04/29 21:32:04 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/04/29 21:32:03 | 01,798,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2009/04/29 21:32:03 | 00,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2009/04/29 21:32:03 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009/04/29 21:32:02 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/04/29 21:32:02 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2009/04/29 21:32:01 | 00,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2009/04/29 21:32:01 | 00,470,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2009/04/29 21:32:01 | 00,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2009/04/29 21:32:01 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2009/04/29 21:32:01 | 00,316,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2009/04/29 21:32:01 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2009/04/29 21:32:01 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2009/04/29 21:32:01 | 00,132,608 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2009/04/29 21:32:01 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2009/04/29 21:32:01 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2009/04/29 21:32:01 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2009/04/29 21:32:01 | 00,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2009/04/29 21:32:01 | 00,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2009/04/29 21:32:00 | 01,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2009/04/29 21:32:00 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2009/04/29 21:32:00 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2009/04/29 21:32:00 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2009/04/29 21:32:00 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2009/04/29 21:32:00 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2009/04/29 21:32:00 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2009/04/29 21:32:00 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2009/04/29 21:32:00 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2009/04/29 21:32:00 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2009/04/29 21:32:00 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2009/04/29 21:31:59 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/04/29 21:31:59 | 00,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2009/04/29 21:31:59 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2009/04/29 21:31:59 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2009/04/29 21:31:59 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009/04/29 21:31:58 | 01,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2009/04/29 21:31:58 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2009/04/29 21:31:58 | 00,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2009/04/29 21:31:58 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2009/04/29 21:31:58 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2009/04/29 21:31:58 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2009/04/29 21:31:58 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/04/29 21:31:58 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2009/04/29 21:31:58 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2009/04/29 21:31:58 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2009/04/29 21:31:58 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2009/04/29 21:31:58 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2009/04/29 21:31:58 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/04/29 21:31:58 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2009/04/29 21:31:58 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2009/04/29 21:31:58 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2009/04/29 21:31:57 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2009/04/29 21:31:57 | 00,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2009/04/29 21:31:57 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2009/04/29 21:31:57 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2009/04/29 21:31:57 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2009/04/29 21:31:57 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2009/04/29 21:31:57 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2009/04/29 21:31:57 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2009/04/29 21:31:57 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2009/04/29 21:31:57 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/04/29 21:31:57 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2009/04/29 21:14:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/04/29 21:08:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matt\My Documents\New Folder
[2009/04/29 18:30:43 | 01,434,346 | -HS- | C] () -- C:\WINDOWS\System32\eyidekoz.ini
[2009/04/29 15:09:42 | 00,313,335 | ---- | C] () -- C:\Documents and Settings\Matt\Desktop\RGT42DXWH-8c8303bf62f4c57f112f711cbe61ceb3.jpg
[2009/04/29 06:28:42 | 01,434,355 | -HS- | C] () -- C:\WINDOWS\System32\iwaroyiv.ini
[2009/04/29 01:59:36 | 17,894,21568 | ---- | C] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso
[2009/04/29 01:59:36 | 00,017,525 | ---- | C] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso.torrent
[2009/04/28 18:28:21 | 01,434,346 | -HS- | C] () -- C:\WINDOWS\System32\epihufow.ini
[2009/04/28 06:27:56 | 01,434,346 | -HS- | C] () -- C:\WINDOWS\System32\unuwasem.ini
[2009/04/27 22:45:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matt\My Documents\Downloads
[2009/04/27 22:44:48 | 00,002,237 | ---- | C] () -- C:\Documents and Settings\Matt\Desktop\Google Chrome.lnk
[2009/04/27 22:42:46 | 00,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1008038488-4230078294-407686965-1010.job
[2009/04/27 18:27:50 | 01,407,011 | -HS- | C] () -- C:\WINDOWS\System32\obufejaw.ini
[2009/04/27 06:27:38 | 01,407,033 | -HS- | C] () -- C:\WINDOWS\System32\ujitorel.ini
[2009/04/26 20:14:14 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\izesepap.ini
[2009/04/26 18:27:19 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\idebiwep.ini
[2009/04/26 08:14:12 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\avofowul.ini
[2009/04/25 20:13:59 | 01,407,024 | -HS- | C] () -- C:\WINDOWS\System32\ohedakin.ini
[2009/04/25 08:14:47 | 01,407,020 | -HS- | C] () -- C:\WINDOWS\System32\ebarejuz.ini
[2009/04/19 18:33:29 | 44,232,524 | ---- | C] () -- C:\Documents and Settings\Matt\My Documents\FlipVideoUpdater.exe
[2009/04/16 17:59:13 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 17:59:13 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 17:59:13 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 17:59:13 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 17:59:12 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 17:59:12 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 17:59:12 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 17:59:11 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 17:59:11 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 17:59:11 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 17:58:28 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 17:58:28 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 17:58:27 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/10 19:08:04 | 00,000,268 | -H-- | C] () -- C:\sqmdata00.sqm
[2009/04/10 19:08:04 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt00.sqm
[2009/04/07 23:58:08 | 00,000,000 | ---D | C] -- C:\Program Files\Palace of Chance
[2009/04/07 21:37:32 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/04/05 15:23:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/04/05 05:12:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/04/05 05:08:19 | 00,000,000 | ---D | C] -- C:\Program Files\Freeze.com
[2009/04/05 05:07:56 | 00,000,416 | ---- | C] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009/04/05 05:07:50 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Richtx32.ocx
[2009/04/04 13:42:56 | 00,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{095775D4-EC01-49C4-8E44-5A922ADFEB64}.job
[2009/04/04 13:33:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/04/04 13:30:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/04 13:28:05 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/04/04 01:55:33 | 00,000,000 | ---D | C] -- C:\Program Files\FunWebProducts
[2009/04/04 01:55:32 | 00,000,000 | ---D | C] -- C:\Program Files\MyWebSearch
[2009/02/11 11:13:24 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/06 20:59:56 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/02/05 17:35:56 | 00,000,589 | ---- | C] () -- C:\WINDOWS\MusicStudio.INI
[2009/02/05 17:34:37 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2009/02/05 17:33:43 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/02/05 17:33:32 | 00,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/02/02 03:23:21 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/02/02 00:01:28 | 00,081,920 | -HS- | C] () -- C:\WINDOWS\System32\beruvufi.dll
[2009/02/02 00:01:27 | 00,083,456 | -HS- | C] () -- C:\WINDOWS\System32\zijodope.dll
[2009/02/01 12:01:19 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\diyusivo.dll.vir
[2009/02/01 12:01:18 | 00,080,896 | -HS- | C] () -- C:\WINDOWS\System32\lirolohu.dll
[2009/02/01 01:02:13 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\pekimoka.dll
[2009/02/01 01:02:13 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\joyubaho.dll
[2009/02/01 01:02:13 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\joriguvo.dll
[2009/02/01 00:01:16 | 00,081,408 | -HS- | C] () -- C:\WINDOWS\System32\nugedezo.dll
[2009/02/01 00:01:14 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\muhoyawa.dll
[2009/02/01 00:01:14 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\likibefi.dll
[2009/01/30 12:00:53 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\kezolape.dll.vir
[2009/01/30 12:00:53 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\bawayeka.dll
[2009/01/29 18:30:31 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\zokediye.dll
[2009/01/29 18:30:26 | 00,083,456 | -HS- | C] () -- C:\WINDOWS\System32\wafujode.dll
[2009/01/29 06:28:33 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\zosamulo.dll
[2009/01/28 18:28:02 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\gagagude.dll
[2009/01/28 06:27:50 | 00,083,456 | -HS- | C] () -- C:\WINDOWS\System32\vopepimi.dll
[2009/01/28 06:27:50 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\mesawunu.dll
[2009/01/27 18:27:47 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\jajakolo.dll
[2009/01/27 18:27:47 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\wajefubo.dll
[2009/01/27 06:27:36 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\fiwuwomi.dll
[2009/01/27 06:27:36 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\lerotiju.dll
[2009/01/26 20:14:12 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\pezetifu.dll
[2009/01/26 20:14:12 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\papesezi.dll
[2009/01/26 18:27:17 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\pewibedi.dll
[2009/01/26 18:27:16 | 00,082,432 | -HS- | C] () -- C:\WINDOWS\System32\yisomuhe.dll
[2009/01/26 08:14:11 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\tonojopu.dll
[2009/01/26 08:14:11 | 00,080,384 | ---- | C] () -- C:\WINDOWS\System32\luwofova.dll
[2009/01/25 20:13:57 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\lumuzasu.dll
[2009/01/25 20:13:57 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\nikadeho.dll
[2009/01/25 20:13:57 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\zeguzade.dll
[2009/01/25 08:14:31 | 00,082,944 | -HS- | C] () -- C:\WINDOWS\System32\tuyuvela.dll
[2009/01/25 08:14:31 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\zujerabe.dll
[2007/08/26 21:45:44 | 00,438,272 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2007/08/23 20:48:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2007/04/17 16:56:04 | 00,004,392 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/04/17 16:56:04 | 00,000,104 | RHS- | C] () -- C:\WINDOWS\System32\27DD8E1676.sys
[2006/01/31 10:29:56 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/31 10:13:10 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/01/31 09:53:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/01/31 09:53:12 | 00,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 14:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:51:28 | 00,000,617 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 13:51:26 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/10 13:51:15 | 00,212,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis.sys
========== Files - Modified Within 30 Days ==========
[15 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/02 01:59:29 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\sodavodu
[2009/05/02 01:59:19 | 00,100,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\f26e4bb2.sys
[2009/05/02 01:59:19 | 00,100,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\a685789e.sys
[2009/05/02 01:59:19 | 00,097,020 | ---- | M] () -- C:\WINDOWS\System32\drivers\b4d325ba.sys
[2009/05/02 01:59:17 | 00,100,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\c7b7132f.sys
[2009/05/02 01:59:17 | 00,093,052 | ---- | M] () -- C:\WINDOWS\System32\drivers\f6f9037e.sys
[2009/05/02 01:55:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{095775D4-EC01-49C4-8E44-5A922ADFEB64}.job
[2009/05/02 01:52:48 | 00,212,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/05/02 01:52:48 | 00,212,224 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/05/02 01:43:13 | 00,101,888 | ---- | M] () -- C:\ohkbrkoo.exe
[2009/05/02 01:43:10 | 00,000,705 | ---- | M] () -- C:\xmrgycj.exe
[2009/05/02 01:43:05 | 00,000,002 | ---- | M] () -- C:\-130035190
[2009/05/02 01:42:47 | 00,007,680 | ---- | M] () -- C:\okex.exe
[2009/05/02 01:42:37 | 00,113,664 | ---- | M] () -- C:\xipr.exe
[2009/05/02 01:42:37 | 00,113,664 | ---- | M] () -- C:\WINDOWS\System32\azton.mt
[2009/05/02 01:41:58 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009/05/02 01:41:55 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/02 01:41:53 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Matt\Local Settings\desktop.ini
[2009/05/02 01:29:05 | 00,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1008038488-4230078294-407686965-1010.job
[2009/05/02 00:52:18 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/05/02 00:52:18 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\inqby.sr
[2009/05/02 00:52:17 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\fairy.an
[2009/05/02 00:52:17 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\dolman.zt
[2009/05/02 00:52:16 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\ashl.nq
[2009/05/02 00:49:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/02 00:49:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/02 00:39:57 | 00,286,208 | ---- | M] () -- C:\05ne2u6q.exe
[2009/05/02 00:37:07 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matt\Desktop\OTListIt2.exe
[2009/05/02 00:08:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\st_1241241976.exe
[2009/05/02 00:08:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\st_1241240974.exe
[2009/05/02 00:01:58 | 00,014,848 | ---- | M] () -- C:\WINDOWS\System32\DL32.exe
[2009/05/02 00:01:52 | 00,014,336 | -H-- | M] () -- C:\WINDOWS\ld08.exe
[2009/05/02 00:01:50 | 00,101,888 | ---- | M] () -- C:\wwmeoblk.exe
[2009/05/02 00:01:44 | 00,000,705 | ---- | M] () -- C:\pdtivk.exe
[2009/05/02 00:01:38 | 00,007,680 | ---- | M] () -- C:\celkadaa.exe
[2009/05/02 00:01:36 | 00,113,664 | ---- | M] () -- C:\kggi.exe
[2009/05/02 00:01:33 | 00,015,000 | ---- | M] () -- C:\WINDOWS\System32\sjg9s8guigjs.dll
[2009/05/02 00:01:29 | 00,083,456 | -HS- | M] () -- C:\WINDOWS\System32\zijodope.dll
[2009/05/02 00:01:29 | 00,081,920 | -HS- | M] () -- C:\WINDOWS\System32\beruvufi.dll
[2009/05/02 00:01:29 | 00,009,216 | ---- | M] () -- C:\WINDOWS\instsp2.exe
[2009/05/01 14:08:14 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/01 12:23:16 | 01,407,011 | -HS- | M] () -- C:\WINDOWS\System32\uholoril.ini
[2009/05/01 12:01:21 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\diyusivo.dll.vir
[2009/05/01 12:01:20 | 00,080,896 | -HS- | M] () -- C:\WINDOWS\System32\lirolohu.dll
[2009/05/01 12:01:19 | 00,047,104 | -HS- | M] () -- C:\WINDOWS\System32\lapilivo.exe
[2009/05/01 04:24:24 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/05/01 03:02:36 | 00,000,001 | -H-- | M] () -- C:\WINDOWS\msmark2.dat
[2009/05/01 03:02:35 | 00,000,002 | -H-- | M] () -- C:\WINDOWS\t55ft2695f44.dat
[2009/05/01 03:00:00 | 00,000,494 | ---- | M] () -- C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job
[2009/05/01 02:23:07 | 01,434,355 | -HS- | M] () -- C:\WINDOWS\System32\akeyawab.ini
[2009/05/01 01:02:33 | 00,010,752 | -H-- | M] () -- C:\WINDOWS\pp06.exe
[2009/05/01 01:02:33 | 00,000,001 | ---- | M] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/05/01 01:02:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/05/01 01:02:28 | 00,000,002 | -H-- | M] () -- C:\WINDOWS\t55ft2692f44.dat
[2009/05/01 01:01:44 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\System32\likibefi.dll
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xzabr
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.DLL
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jvmfo
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jcpsfz
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\giobqtyci
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdaas
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\epakjum
[2009/05/01 01:01:28 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/05/01 01:01:27 | 00,262,144 | ---- | M] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/05/01 00:01:19 | 00,081,408 | -HS- | M] () -- C:\WINDOWS\System32\nugedezo.dll
[2009/05/01 00:01:15 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\muhoyawa.dll
[2009/05/01 00:01:15 | 00,047,104 | -HS- | M] () -- C:\WINDOWS\System32\yisusasi.exe
[2009/04/30 12:01:20 | 01,434,346 | -HS- | M] () -- C:\WINDOWS\System32\eyidekoz.ini
[2009/04/30 12:00:55 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\kezolape.dll.vir
[2009/04/30 12:00:55 | 00,081,408 | ---- | M] () -- C:\WINDOWS\System32\bawayeka.dll
[2009/04/29 21:47:19 | 00,000,896 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\My Sharing Folders.lnk
[2009/04/29 21:35:12 | 00,001,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Age of Empires III.lnk
[2009/04/29 18:38:15 | 17,894,21568 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso
[2009/04/29 18:30:35 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\zokediye.dll
[2009/04/29 18:30:31 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\yojokeri.exe
[2009/04/29 18:30:30 | 00,083,456 | -HS- | M] () -- C:\WINDOWS\System32\wafujode.dll
[2009/04/29 17:34:55 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/29 15:09:42 | 00,313,335 | ---- | M] () -- C:\Documents and Settings\Matt\Desktop\RGT42DXWH-8c8303bf62f4c57f112f711cbe61ceb3.jpg
[2009/04/29 13:42:25 | 01,434,355 | -HS- | M] () -- C:\WINDOWS\System32\iwaroyiv.ini
[2009/04/29 06:28:36 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\zosamulo.dll
[2009/04/29 01:59:36 | 00,017,525 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\Age Of Empires 3 full DVD +crack + serial.iso.torrent
[2009/04/28 18:49:43 | 01,434,346 | -HS- | M] () -- C:\WINDOWS\System32\epihufow.ini
[2009/04/28 18:28:04 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\gagagude.dll
[2009/04/28 12:37:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/28 06:49:18 | 01,434,346 | -HS- | M] () -- C:\WINDOWS\System32\unuwasem.ini
[2009/04/28 06:27:52 | 00,083,456 | -HS- | M] () -- C:\WINDOWS\System32\vopepimi.dll
[2009/04/28 06:27:52 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\mesawunu.dll
[2009/04/27 22:44:48 | 00,002,237 | ---- | M] () -- C:\Documents and Settings\Matt\Desktop\Google Chrome.lnk
[2009/04/27 18:50:48 | 01,407,011 | -HS- | M] () -- C:\WINDOWS\System32\obufejaw.ini
[2009/04/27 18:27:49 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\wajefubo.dll
[2009/04/27 18:27:48 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\jajakolo.dll
[2009/04/27 16:46:40 | 01,407,033 | -HS- | M] () -- C:\WINDOWS\System32\ujitorel.ini
[2009/04/27 06:27:38 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\fiwuwomi.dll
[2009/04/27 06:27:37 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\lerotiju.dll
[2009/04/27 06:27:37 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\dozorenu.exe
[2009/04/26 20:26:36 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\izesepap.ini
[2009/04/26 20:14:14 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\pezetifu.dll
[2009/04/26 20:14:14 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\papesezi.dll
[2009/04/26 20:14:13 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\lurosuno.exe
[2009/04/26 18:48:53 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\idebiwep.ini
[2009/04/26 18:27:19 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\pewibedi.dll
[2009/04/26 18:27:18 | 00,082,432 | -HS- | M] () -- C:\WINDOWS\System32\yisomuhe.dll
[2009/04/26 18:27:18 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\yokahode.exe
[2009/04/26 08:35:34 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\avofowul.ini
[2009/04/26 08:14:12 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\tonojopu.dll
[2009/04/26 08:14:12 | 00,080,384 | ---- | M] () -- C:\WINDOWS\System32\luwofova.dll
[2009/04/26 08:14:12 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\tiwupeki.exe
[2009/04/25 20:35:40 | 01,407,024 | -HS- | M] () -- C:\WINDOWS\System32\ohedakin.ini
[2009/04/25 20:14:28 | 00,049,664 | -HS- | M] () -- C:\WINDOWS\System32\zeguzade.dll
[2009/04/25 20:14:00 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\lumuzasu.dll
[2009/04/25 20:13:59 | 00,046,592 | -HS- | M] () -- C:\WINDOWS\System32\kibajelu.exe
[2009/04/25 20:13:58 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\nikadeho.dll
[2009/04/25 08:37:19 | 01,407,020 | -HS- | M] () -- C:\WINDOWS\System32\ebarejuz.ini
[2009/04/25 08:14:34 | 00,081,408 | ---- | M] () -- C:\WINDOWS\System32\zujerabe.dll
[2009/04/25 08:14:33 | 00,082,944 | -HS- | M] () -- C:\WINDOWS\System32\tuyuvela.dll
[2009/04/25 08:14:33 | 00,047,616 | -HS- | M] () -- C:\WINDOWS\System32\bayoluda.exe
[2009/04/19 18:38:51 | 44,232,524 | ---- | M] () -- C:\Documents and Settings\Matt\My Documents\FlipVideoUpdater.exe
[2009/04/17 12:22:57 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 12:22:57 | 00,381,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 12:22:57 | 00,053,436 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 03:30:26 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 07:43:45 | 00,000,589 | ---- | M] () -- C:\WINDOWS\MusicStudio.INI
[2009/04/16 07:43:44 | 00,000,617 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/10 19:08:04 | 00,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/04/10 19:08:04 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/04/10 19:07:10 | 00,000,075 | -HS- | M] () -- C:\Documents and Settings\Matt\My Documents\desktop.ini
[2009/04/04 11:21:06 | 00,004,392 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/04/04 11:21:06 | 00,000,104 | RHS- | M] () -- C:\WINDOWS\System32\27DD8E1676.sys
========== LOP Check ==========
[2009/04/29 22:28:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/24 14:42:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/02/02 15:39:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/02/07 19:47:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/02/02 03:23:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/02/02 14:45:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/02/02 14:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/02/06 21:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/02/02 14:30:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/02/02 23:37:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/02/07 10:50:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/01/31 10:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2006/01/31 10:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/02/05 17:34:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2009/03/18 17:58:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/02/14 14:57:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/02/07 19:43:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/02/06 21:39:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2007/08/22 18:32:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2004/08/10 14:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/02/02 03:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/03/16 06:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2006/01/31 10:12:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/11/11 13:44:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/18 17:57:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/04/05 05:12:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/04/29 22:26:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/04/29 02:06:31 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Matt\Application Data
[2009/04/27 20:29:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Adobe
[2009/02/04 01:10:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\AdobeUM
[2009/02/02 14:58:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\AdwareAlert
[2009/03/25 16:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Ahead
[2009/04/02 04:47:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Apple Computer
[2009/02/01 11:25:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Corel Photo Album
[2009/02/06 21:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\DAEMON Tools
[2009/02/06 21:16:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\DAEMON Tools Lite
[2009/02/06 21:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\DAEMON Tools Pro
[2009/04/14 13:22:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\FrostWire
[2009/02/06 03:16:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Google
[2009/02/02 14:30:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\GTek
[2004/08/10 14:08:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Identities
[2009/02/01 21:27:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Macromedia
[2009/04/29 22:33:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Matt\Application Data\Microsoft
[2009/02/14 14:57:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\NCH Swift Sound
[2009/02/01 19:44:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Opera
[2009/02/06 22:18:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Propellerhead Software
[2006/01/31 10:07:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Sun
[2006/01/31 10:15:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Symantec
[2009/02/14 14:17:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\The Ringtone Maker Plus
[2009/02/01 19:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\vlc
[2009/02/22 22:52:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\WinRAR
[2009/03/18 18:25:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Matt\Application Data\Yahoo!
[2009/05/01 03:00:00 | 00,000,494 | ---- | M] () -- C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job
[2009/04/28 12:37:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/02 01:29:05 | 00,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1008038488-4230078294-407686965-1010.job
[2009/05/02 01:41:58 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009/05/02 00:49:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/05/02 01:55:00 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{095775D4-EC01-49C4-8E44-5A922ADFEB64}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 32256 bytes -> C:\WINDOWS\system32\svchost.exe:ext.exe
< End of report >
EXTRAS!
*********************************************************************************************
OTListIt Extras logfile created on: 5/2/2009 1:42:43 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.2 Folder = C:\Documents and Settings\Matt\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.25 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 64.01% Memory free
1.86 Gb Paging File | 1.51 Gb Available in Paging File | 81.49% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 21.08 Gb Free Space | 29.51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 37.24 Gb Total Space | 15.50 Gb Free Space | 41.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 1.80 Gb Total Space | 0.05 Gb Free Space | 2.73% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D967MC91
Current User Name: Matt
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"80:TCP" = 80:TCP:*:Enabled:DL32
"7171:TCP" = 7171:TCP:*:Enabled:DL32
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 (Microsoft Corporation)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 File not found
C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser (Opera Software)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 File not found
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) File not found
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire File not found
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger File not found
C:\WINDOWS\explorer.exe:*:Enabled:Explorer (Microsoft Corporation)
C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon (Microsoft Corporation)
C:\kggi.exe:*:Disabled:kggi ()
C:\WINDOWS\ld08.exe:*:Enabled:ld08 ()
C:\Documents and Settings\Matt\Local Settings\Temp\1289437642.exe:*:Enabled:1289437642 ()
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe:*:Enabled:hpotdd01 (Hewlett-Packard)
C:\WINDOWS\system32\msiexec.exe:*:Enabled:msiexec (Microsoft Corporation)
C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C0CD17D-0B06-4700-83FA-7344B868B0A2}" = Opera 9.63
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{503AA035-41E2-4858-B31F-1E49AC66C309}" = Norton Security Center
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"3ivx MPEG-4 5.0.1 Decoder" = 3ivx MPEG-4 5.0.1 Decoder (remove only)
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"iDump" = iDump (Build: 28)
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Magic ISO Maker v5.5 (build 0273)" = Magic ISO Maker v5.5 (build 0273)
"MAGIX Screenshare US" = MAGIX Screenshare 4.3.6.1987 (US)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Adapters and Drivers
"Reason4_is1" = Reason 4.0
"Samplitude Music Studio 14 Download version US" = Samplitude Music Studio 14 Download version 14.0.2.0 (US)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/2/2009 1:02:49 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:02:57 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:03:03 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:03:10 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:03:16 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:08:11 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:08:26 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:22:39 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:36:39 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
Error - 5/2/2009 1:36:52 AM | Computer Name = D967MC91 | Source = MsiInstaller | ID = 11706
Description = Product: WordPerfect Office 12 -- Error 1706.No valid source could
be found for product WordPerfect Office 12. The Windows Installer cannot continue.
[ System Events ]
Error - 5/2/2009 2:48:01 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:49:02 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:51:07 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:52:12 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:54:05 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:55:11 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:55:35 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2
Error - 5/2/2009 2:57:09 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 2:58:15 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 5/2/2009 3:00:15 AM | Computer Name = D967MC91 | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
< End of report >
#4
Posted 01 May 2009 - 05:15 PM
kahdah
-
- Retired Staff
-
- 15,822 posts
GeekU Teacher
VIRUT Your System is infected with Virut!!
Virut is a file infecting virus which is able to modify itself each and every time it runs. In addition, when it infects, sometimes it will destroy the file it tries to latch onto.
For these reasons, you really can't truly fix Virut. You will need to format/reinstall the operating system on this machine.
More information:
http://free.avg.com/66558
There are bugs in the viral code. When the virus produces infected files, it also creates non-functional files that also contain the virus.
http://home.mcafee.c...aspx?key=143034
What this means is we cannot proceed with any sort of fix as your legitimate files have already been corrupted and this action is, unfortunately, irreversible. I apologize but there is nothing else I can do or advise to completely clear your machine. You must reformat your pc to rid yourself of this deadly virus.W32/Virut.h is a polymorphic, entry point obscuring (EPO) file infector with IRC bot functionality. It can accept commands to download other malware on the compromised machine.
It appends to the end of the last section of executable (PE) files an encrypted copy of its code. The decryptor is polymorphic and can be located either:
Immediately before the encrypted code at the end of the last section
At the end of the code section of the infected host in 'slack-space' (assuming there is any)
At the original entry point of the host (overwriting the original host code)
#5
Posted 01 May 2009 - 09:50 PM
helpme?
- Topic Starter
-
- Member
-
- 46 posts
Member
So by reformat you mean to do what?
#6
Posted 02 May 2009 - 05:41 AM
kahdah
-
- Retired Staff
-
- 15,822 posts
GeekU Teacher
This will explain it a bit better.
http://www.sharpened...r/answer.php?58
Here is a guide to use on how to do it.
http://www.geekstogo...ws-t173729.html
http://www.sharpened...r/answer.php?58
Here is a guide to use on how to do it.
http://www.geekstogo...ws-t173729.html
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
