Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Desktop Icons Flashing / Letters erase as typing

Started by marklmail , Dec 20 2009 11:12 AM

  • Please log in to reply

#1
marklmail
Posted 20 December 2009 - 11:12 AM

marklmail

    New Member

  • Member
  • Pip
  • 1 posts
Sorry I can't type more about my problem. THey letters keep disappearing. THANK YOU! My email is [email protected]

OTL Extras logfile created on: 12/20/2009 11:50:54 AM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 368.00 Mb Available Physical Memory | 36.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.97 Gb Total Space | 7.48 Gb Free Space | 5.19% Space Free | Partition Type: NTFS
Drive D: | 5.07 Gb Total Space | 0.61 Gb Free Space | 12.04% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-9K1AY6X2A2
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5900:TCP" = 5900:TCP:*:Enabled:@xpsp2res.dll,-22009
"6005:TCP" = 6005:TCP:*:Enabled:@xpsp2res.dll,-22009
"6006:TCP" = 6006:TCP:*:Enabled:@xpsp2res.dll,-22009
"6002:UDP" = 6002:UDP:*:Enabled:@xpsp2res.dll,-22009
"6003:UDP" = 6003:UDP:*:Enabled:@xpsp2res.dll,-22009
"6004:UDP" = 6004:UDP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5900:TCP" = 5900:TCP:*:Enabled:@xpsp2res.dll,-22009
"6005:TCP" = 6005:TCP:*:Enabled:@xpsp2res.dll,-22009
"6006:TCP" = 6006:TCP:*:Enabled:@xpsp2res.dll,-22009
"6002:UDP" = 6002:UDP:*:Enabled:@xpsp2res.dll,-22009
"6003:UDP" = 6003:UDP:*:Enabled:@xpsp2res.dll,-22009
"6004:UDP" = 6004:UDP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"#Windows#\slave.exe" = C:\WINDOWS\slave.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\slave.exe" = %windir%\slave.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- File not found
"C:\Program Files\Common Files\AOL\1109249798\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1109249798\EE\AOLServiceHost.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" = C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe:*:Enabled:Dreamweaver MX 2004 -- (Macromedia, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"#Windows#\slave.exe" = C:\WINDOWS\slave.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\slave.exe" = %windir%\slave.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files\HiDownload\hidownload.exe" = C:\Program Files\HiDownload\hidownload.exe:*:Enabled:download rtsp/mms/http/ftp -- (HiDownload Software)
"C:\Program Files\Pando Networks\Pando\pando.exe" = C:\Program Files\Pando Networks\Pando\pando.exe:*:Disabled:pando -- File not found
"C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe:*:Enabled:QuickBooks 2007 Data Manager -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe" = C:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\att-nap\McciBrowser.exe" = C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\ATT-HSI\McciBrowser.exe" = C:\Program Files\ATT-HSI\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01F9D88C-3C86-4E82-840A-101A3221F67A}" = Microsoft Money 2003
"{02B42D23-10F2-4862-ADA4-3DF1EA0021B2}" = Microsoft Money 2003 System Pack
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{098637A9-C208-4398-8374-853151D35200}" = SkinsHP2
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D00056E-1A0A-4DDC-A81B-81581770DABA}" = Motorola mobile PhoneTools
"{0DCCE3F4-E888-40E8-8AE5-CF8058F25631}" = DVC5.1 Driver
"{11946FA8-329A-4DDF-B867-A32781FED8EE}" = HPImageZone
"{155FBB0D-0EE9-42D1-9E41-15E08F691033}" = Microsoft Producer for Microsoft Office PowerPoint 2003
"{158BC6C5-5950-4FDD-BE33-0294668923F2}" = Samsung DVC Media 5.1
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{262C7F33-8251-432E-88C1-E9F42A53F8F0}" = PDFill PDF Editor with FREE PDF Writer and Tools
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{27AE9A0B-DD59-402D-87A1-7D0128B7D372}" = MozyHome Remote Backup
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{3038191A-5316-4203-A57C-E8C144FA909F}" = Verint Codec Install
"{305B23E7-F8D8-4B92-83AA-5AE0D0090DE7}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{42948B02-7191-40CF-92AA-4E330869B28B}" = HPIZ Fix2
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{4A0BB402-E957-4320-99D1-814322F8D8AD}" = Helix Producer Plus 9
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{55584E16-4D70-44EE-93DD-F144E8B7D4B7}" = QuickBooks Product Listing Service
"{5878FF02-3B8F-4309-B4E5-0D3DB6F2E8E6}" = iTunes
"{59D98250-CFEB-4A0B-A737-FC7CADE27852}" = CuteFTP 7 Home
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C650855-4C2B-418F-A747-8B3D8E3FF2A8}" = TrayApp
"{5D7F0A0E-369E-46C0-9F99-FAB21A064781}" = HP Photo and Imaging 2.0 - Photosmart Cameras
"{6014A70F-D391-405E-A4C6-7BDE54250719}" = SnagIt 7
"{62B3B82F-B9B1-4D8C-B5D1-C3DAEA1F73AA}" = PhotoGallery
"{642B473F-2584-4C21-AB10-6D1EF28BD601}" = QuickProjects
"{6450335D-D87C-4003-812F-7E879866A74E}" = Business Plan Pro 2006
"{64887FC8-F0AD-42B5-B052-3E52D64CA4B3}" = Visual Communicator Bin Files
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E6A869-8B59-4619-A9E9-58DDFA7C05B8}" = 3ds max 6
"{6E4D4E0B-02F6-46C1-BAE5-1B6B2E486A7B}" = Microsoft Office Live Meeting 2007
"{6E65247F-58F9-41CA-BE69-0316F7907170}" = Disc2Phone
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7279647E-8661-48DF-998E-E7DCC3E6955D}" = Microsoft Office Live Meeting 2005
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}" = ArcSoft ShowBiz 2
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
"{7F8D4C4E-EC31-4B5A-9DB6-1D74AD1209DA}" = Visual Communicator Studio
"{84464E93-0222-42E5-8CCE-A618F86210F3}" = SkinsHP1
"{84E5434D-6558-4BAB-BA44-E57D587FA14B}" = SeasideSoft Photo Resizer
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{8F7A4D82-B168-4F89-99C2-B9873EC877AF}" = HP Image Zone Express
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90529245-9C54-45B5-BBB3-B180CA04F248}" = Search Settings
"{90AD8C11-ED4A-4AE7-BB70-7740C452C999}" = Visual J# .NET Redistributable Package
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = RecordNow!
"{98386532-89B5-42FF-AC49-60C0D9DBD8B1}" = CreativeProjects
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D8CC8C1-797F-46DB-88EE-ABB463258B29}" = Payroll SB 2006
"{9F59C3AE-81B0-4EF6-9762-D674BB079705}" = Nokia Software Updater
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{B2D7CE29-614A-4ACC-8BFE-009EB3A244C9}" = Windows Defender
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B9266252-00CB-4140-B740-DE88FC0F7609}" = hpmdtab
"{BAD00139-E284-4F6C-AA94-FB637462DEEB}" = Palo Alto Software's Application Manager 8.2
"{C224DBAC-57F4-40FD-BB83-09DB532CCD68}" = HPSystemDiagnostics
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}" = Terayon DOCSIS Modem
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB0888EE-96D8-4713-84DC-36462C33AEB4}" = Bazooka Scanner
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEA5EF64-B694-4B79-9A2C-0FF738906A1D}" = DriverGuide Toolkit
"{CF07F56D-F9FD-45CB-8E2B-48786B5B5723}" = Director
"{CFD1B282-555D-494d-8231-4175C2AF08C2}" = PrintScreen
"{E05895C5-FE97-4334-8D73-B0089FD07CE3}" = Multimedia Card Reader
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E87F02CB-1B49-4E0B-93C2-1A8C6FFBD9AD}" = AutoPayrollTrial
"{EB807EB6-5179-48B7-98D4-7B4934A57A81}" = Documents To Go
"{ED3DE33F-B1C5-47BE-97B5-159F8C344092}" = ArcSoft ShowBiz DVD 2
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Batch Converter" = Advanced Batch Converter
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"All ATI Software" = ATI - Software Uninstall Utility
"All To AVI VCD SVCD DVD MPEG Converter_is1" = All To AVI VCD SVCD DVD MPEG Converter 1.2
"Any Video Converter_is1" = Any Video Converter 2.5.6
"Athena" = WebCam for MSN Messenger
"ATI Display Driver" = ATI Display Driver
"ATT-SST" = AT&T Self Support Tool
"ATTToolbar" = AT&T Toolbar
"avast!" = avast! Antivirus
"AVG8Uninstall" = AVG 8.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Tools 4.4_is1" = AVS Audio Tools version 4.4
"BellsouthHelpCenter4.0b_is1" = FastAccess® DSL Help Center 4.1
"bitRipper" = bitRipper
"CCleaner" = CCleaner (remove only)
"CdaC13Ba" = SafeCast Shared Components
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"DjVu" = Lizardtech DjVu Control (autoinstall)
"doPDF 5 printer_is1" = doPDF 5.0 printer
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"Easy Screen Capture" = Easy Screen Capture
"ERUNT_is1" = ERUNT 1.1j
"ExpressBurn" = Express Burn
"EXPStudio's Audio Converter FREE" = EXPStudio's Audio Converter FREE
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"FileZilla Client" = FileZilla Client 3.0.8.1
"FormatFactory" = FormatFactory 1.70
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.6.0
"FTP Voyager_is1" = FTP Voyager 12.3
"HiDownload_is1" = HiDownload 5.2
"HijackThis" = HijackThis 1.99.1
"HP DeskScan II" = HP DeskScan II
"hp officejet g series 1107352594" = hp officejet g series
"HP Photo & Imaging" = HP Photo & Imaging 3.0
"HPTOOLKIT" = toolkit
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{E05895C5-FE97-4334-8D73-B0089FD07CE3}" = Multimedia Card Reader
"Instant CD & DVD Burner_is1" = Instant CD & DVD Burner
"Java Web Start" = Java Web Start
"kdx" = Secure Delivery
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual J# .NET Redistributable Package(ENU) v1.0.4205" = Microsoft Visual J# .NET Redistributable Package(ENU) v1.0.4205
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSN Music Assistant" = MSN Music Assistant
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Net Transport_is1" = Net Transport 1.87.258
"Nimo_CORP" = Nimo Lite Pack v1.0 (Remove Only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"PdaNet_is1" = PdaNet 3.21 for Treo 650/680
"PdaReach_is1" = PdaReach 1.55
"PDF Editor 2" = PDF Editor 2
"PeerGuardian pr14_is1" = PeerGuardian v1.99 pr14
"Port Magic" = Pure Networks Port Magic
"Privacy Eraser Pro_is1" = Privacy Eraser Pro 4.02
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RM Converter_is1" = RM Converter 1.40
"RM to AVI MPEG WMV VCD SVCD DVD Converter_is1" = RM to AVI MPEG WMV VCD SVCD DVD Converter 1.2.3
"Rm To AVI VCD SVCD DVD MPEG Converter Pro_is1" = Rm To AVI VCD SVCD DVD MPEG Converter Pro 1.3
"Shockwave" = Shockwave
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"Spyware Terminator_is1" = Spyware Terminator
"ST6UNST #1" = ScreenPrint32 v3.5
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"VerintCodecsWebInstall" = Verint Multimedia Support Package
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"WavePad" = WavePad Uninstall
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebCEO55_is1" = Web CEO 6.5
"WGA" = Windows Genuine Advantage Validation Tool
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinMX" = WinMX
"WinPcapInst" = WinPcap 3.1 beta
"WinZip" = WinZip
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xpress Mail Personal Edition" = Xpress Mail Personal Edition
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/17/2009 2:17:01 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: An internal certificate chaining error has occurred.

Error - 12/17/2009 2:17:01 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: An internal certificate chaining error has occurred.

Error - 12/19/2009 5:20:05 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/19/2009 5:20:05 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/19/2009 5:20:13 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 12/19/2009 5:20:26 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 10.0.6856.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/19/2009 5:20:26 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 10.0.6856.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/19/2009 8:20:33 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 4530, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 12/19/2009 8:20:33 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 12/19/2009 8:20:37 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 4530, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

[ Media Center Events ]
Error - 3/19/2007 1:29:51 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 3/19/2007 1:29:51 PM. You may need to reschedule your recordings.

Error - 11/10/2007 11:43:17 AM | Computer Name = YOUR-9K1AY6X2A2 | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 11/10/2007 10:43:17 AM. You may need to reschedule your recordings.

Error - 2/22/2009 10:53:45 AM | Computer Name = YOUR-9K1AY6X2A2 | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 2/22/2009 9:53:45 AM. You may need to reschedule your recordings.

Error - 4/25/2009 8:53:30 AM | Computer Name = YOUR-9K1AY6X2A2 | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 4/25/2009 8:53:30 AM. You may need to reschedule your recordings.

Error - 9/21/2009 8:36:40 AM | Computer Name = YOUR-9K1AY6X2A2 | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 9/21/2009 8:36:40 AM. You may need to reschedule your recordings.

[ System Events ]
Error - 12/17/2009 12:33:11 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:12 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:13 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:14 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:15 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:16 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:17 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:18 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:19 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 12/17/2009 12:33:20 PM | Computer Name = YOUR-9K1AY6X2A2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\D.


< End of report >


12:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/200912:08 PM 12/20/2009OTL logfile created on: 12/20/2009 11:50:54 AM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 368.00 Mb Available Physical Memory | 36.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.97 Gb Total Space | 7.48 Gb Free Space | 5.19% Space Free | Partition Type: NTFS
Drive D: | 5.07 Gb Total Space | 0.61 Gb Free Space | 12.04% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-9K1AY6X2A2
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/20 11:49:55 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/11/24 18:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/07/04 14:04:12 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/07/04 14:04:07 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/06/09 15:41:55 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/05/26 07:57:44 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/05/02 08:56:58 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/02/06 16:02:14 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/09/23 09:45:29 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2008/09/06 15:09:14 | 00,413,696 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2008/05/09 11:36:36 | 00,606,720 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/04 09:00:12 | 05,701,632 | ---- | M] () -- C:\Program Files\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe
PRC - [2006/09/01 17:53:48 | 00,233,552 | ---- | M] (Trend Micro Inc.) -- C:\@\SeCURiTy\Trend Micro\OfficeScan\Client\OfcPfwSvc.exe
PRC - [2006/05/15 17:24:33 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/02/21 19:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/10/09 19:17:00 | 00,020,541 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe
PRC - [2004/12/08 03:03:33 | 00,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2004/07/21 15:26:36 | 00,176,241 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
PRC - [2003/08/28 21:05:42 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe


========== Modules (SafeList) ==========

MOD - [2009/12/20 11:49:55 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MpfService)
SRV - File not found [Auto | Stopped] -- -- (lxdu_device)
SRV - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/07/04 14:04:07 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/06/09 15:41:55 | 00,185,089 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/06/09 15:41:55 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/06/02 09:10:08 | 00,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/05/26 07:57:44 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/02/06 16:02:14 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/12/04 16:38:04 | 00,078,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mozy\mozybackup.exe -- (MozyBackup)
SRV - [2008/09/23 09:45:29 | 00,303,104 | ---- | M] (Motive Communications, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)
SRV - [2008/05/09 11:36:36 | 00,606,720 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008/04/13 19:12:02 | 00,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2007/05/04 09:00:12 | 05,701,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe -- (MySQLNoguskaNolaPro)
SRV - [2007/01/26 19:08:45 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006/09/25 13:54:22 | 00,451,136 | ---- | M] (Apple Computer, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2006/09/16 20:08:00 | 00,071,184 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/09/01 17:53:48 | 00,233,552 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\@\SeCURiTy\Trend Micro\OfficeScan\Client\OfcPfwSvc.exe -- (OfcPfwSvc)
SRV - [2006/09/01 17:41:12 | 00,618,584 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\@\SeCURiTy\Trend Micro\OfficeScan\Client\tmlisten.exe -- (tmlisten)
SRV - [2006/05/15 17:24:33 | 02,086,592 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/05/15 17:24:33 | 00,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/04/03 17:12:14 | 00,014,032 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/02/21 19:39:16 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/10/09 19:17:00 | 00,020,541 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe -- (ApacheNoguskaNolaPro)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/03/17 08:44:08 | 00,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2004/12/08 03:03:33 | 00,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2004/09/15 17:44:18 | 00,282,112 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\TraySoft\PhoneTray\PhoneTray.exe -- (PhoneTray)
SRV - [2004/07/21 15:26:36 | 00,176,241 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2004/07/15 00:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2004/04/21 21:10:00 | 00,516,096 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2004/02/03 09:07:32 | 00,086,016 | ---- | M] (NetGroup - Politecnico di Torino) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.713
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8080

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/07/17 13:17:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/19 19:06:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/19 19:06:34 | 00,000,000 | ---D | M]

[2009/06/23 09:23:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/12/20 10:51:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fi2cgy5n.default\extensions
[2009/06/08 09:54:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (518810 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localmachine # ***Inserted By STOPzilla***
O1 - Hosts: 127.0.0.1 downloads.aaa1screensavers.com #[Bargin Buddy]
O1 - Hosts: 127.0.0.1 dl.aaascreensavers.com
O1 - Hosts: 127.0.0.1 abcsearch.com
O1 - Hosts: 127.0.0.1 admin.abcsearch.com
O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[Browseraid]
O1 - Hosts: 127.0.0.1 www.abcsearch.com
O1 - Hosts: 127.0.0.1 abc517.net #[Trojan.Mitglieder.H]
O1 - Hosts: 127.0.0.1 absoluagency.com #[Trojan.StartPage.H]
O1 - Hosts: 127.0.0.1 acestats.com
O1 - Hosts: 127.0.0.1 www.acestats.com
O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames][Spyware.ActualNames]
O1 - Hosts: 127.0.0.1 www.actualnames.com
O1 - Hosts: 127.0.0.1 ad-up.com
O1 - Hosts: 127.0.0.1 www.ad-up.com
O1 - Hosts: 127.0.0.1 adatom.com
O1 - Hosts: 127.0.0.1 aesp.adatom.com
O1 - Hosts: 127.0.0.1 adbest.com
O1 - Hosts: 127.0.0.1 adserv.adbonus.com
O1 - Hosts: 127.0.0.1 www.adbonus.com
O1 - Hosts: 127.0.0.1 ad2.adcept.net
O1 - Hosts: 127.0.0.1 ad3.adcept.net
O1 - Hosts: 127.0.0.1 www.adcept.net
O1 - Hosts: 127.0.0.1 adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcomplete.com
O1 - Hosts: 16516 more lines...
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
O2 - BHO: (NTIECatcher Class) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll (Xi)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll (Vendio Services, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} https://costax.net/o...ll/WinNTChk.cab (ObjWinNTCheck Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall-bet...all/xscan60.cab (HouseCall Control)
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} https://costax.net/o...ll/setupini.cab (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class)
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} https://costax.net/o...stall/setup.cab (OfficeScan Corp Edition Web-Deployment SetupCtrl Class)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.lizardtec...ntrol_en_US.cab (DjVuCtl Class)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternati.../00/alttiff.cab (AlternaTIFF ActiveX)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://protect.micro...b?1098314407703 (MSSecurityAdvisor Class)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec....sa/LSSupCtl.cab (LSSupCtl Class)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://www.runaware....phin/wficat.cab (Citrix ICA Client)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://software-dl.r...ip/RdxIE601.cab (Reg Error: Key error.)
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} https://costax.net/o.../RemoveCtrl.cab (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1244058373109 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} http://ftp.hp.com/pu...er/isetupML.cab (InstallShield International Setup Player)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {C1A30C78-808C-4ADF-B5EF-27F164626548} file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/VerintPlayback.cab (SamuraiCtrl Class)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.1_02)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec....sa/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://unicacorp.we...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} http://216.249.24.62...geWell-ipix.cab (iPIX Media Send Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F89688C0-370E-4E5D-A473-299B383A41E5} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/15 20:31:51 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 03:02:32 | 00,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2003/12/08 14:52:46 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - C:\WINDOWS\system32\nwwks.dll (Microsoft Corporation)
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17173478272663552)

========== Files/Folders - Created Within 14 Days ==========

[2009/12/20 11:49:44 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/12/19 20:21:06 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/12/19 20:21:06 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/12/19 20:21:05 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/12/19 20:21:00 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/12/19 20:21:00 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/12/19 20:21:00 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/12/19 20:21:00 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/12/19 20:21:00 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/12/19 20:20:39 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/12/19 20:20:33 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/12/19 19:56:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/19 19:55:36 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/19 19:54:49 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/12/19 19:49:52 | 00,410,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\TFC.exe
[2009/12/19 19:09:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\ArcSoft
[2009/12/19 19:08:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinBatch
[2009/12/19 19:08:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2009/12/19 19:08:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\U3
[2009/12/17 11:23:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder(2)
[2009/12/09 18:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/12/07 14:40:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2009/12/07 14:40:11 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/02 12:59:15 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/03 18:27:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/06/23 09:25:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/04/25 18:42:39 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/04/25 18:42:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/11/14 12:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/05/22 13:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2007/02/28 01:36:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[2007/01/04 13:19:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2007/01/04 13:19:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[2006/12/11 20:26:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL

========== Files - Modified Within 14 Days ==========

[2009/12/20 11:49:55 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/12/20 11:48:06 | 00,525,256 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/20 11:48:06 | 00,107,012 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/20 11:48:04 | 00,642,474 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/20 11:46:45 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/20 11:43:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/20 11:43:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/20 11:43:19 | 10,731,39712 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/20 11:31:42 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/20 11:18:17 | 00,103,080 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/20 11:13:46 | 00,331,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/20 11:04:55 | 00,001,867 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/20 10:55:48 | 09,736,192 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2009/12/20 10:55:48 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009/12/19 20:21:07 | 00,001,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/12/19 20:21:00 | 00,002,677 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/12/19 19:57:01 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/19 19:55:41 | 00,000,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/12/19 19:55:40 | 00,000,603 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/12/19 19:54:52 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Administrator\Desktop\SysRestorePoint.exe
[2009/12/19 19:50:00 | 00,410,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\TFC.exe
[2009/12/19 18:35:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/18 12:58:49 | 00,021,635 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MYMRelease121809.pdf
[2009/12/18 12:40:11 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/16 09:13:08 | 00,033,159 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Ameriprise PA.pdf
[2009/12/15 11:24:48 | 00,293,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.exe
[2009/12/14 18:24:16 | 00,066,512 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\nikon_001.jpg
[2009/12/13 19:02:13 | 00,000,406 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20091213_190209.reg
[2009/12/11 18:01:05 | 00,003,986 | ---- | M] () -- C:\WINDOWS\mozy.blk
[2009/12/11 18:01:05 | 00,003,762 | ---- | M] () -- C:\WINDOWS\mozy.flt
[2009/12/10 17:28:29 | 00,001,346 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20091210_172825.reg
[2009/12/08 12:34:20 | 00,027,694 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\woman2.jpg
[2009/12/08 12:13:33 | 00,020,338 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\woman1.gif
[2009/12/08 07:58:19 | 00,013,283 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\m&a_001.jpg
[2009/12/07 17:06:44 | 00,000,948 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20091207_170638.reg
[2009/12/07 15:16:39 | 01,863,660 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\CIMG6539.JPG

========== Files Created - No Company Name ==========

[2009/12/20 10:57:56 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/12/19 20:21:07 | 00,001,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/12/19 20:20:39 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/12/19 19:55:41 | 00,000,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/12/19 19:55:40 | 00,000,603 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/12/18 12:16:17 | 00,021,635 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MYMRelease121809.pdf
[2009/12/16 09:03:17 | 00,033,159 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Ameriprise PA.pdf
[2009/12/15 11:24:48 | 00,293,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.exe
[2009/12/14 18:24:15 | 00,066,512 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\nikon_001.jpg
[2009/12/13 19:02:12 | 00,000,406 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20091213_190209.reg
[2009/12/10 17:28:27 | 00,001,346 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20091210_172825.reg
[2009/12/08 12:34:44 | 00,027,694 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\woman2.jpg
[2009/12/08 12:14:06 | 00,020,338 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\woman1.gif
[2009/12/08 07:54:46 | 00,013,283 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\m&a_001.jpg
[2009/12/07 17:06:40 | 00,000,948 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20091207_170638.reg
[2009/12/07 15:16:22 | 01,863,660 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\CIMG6539.JPG
[2008/05/15 20:51:37 | 00,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2008/04/22 07:11:18 | 00,216,304 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008/03/03 15:12:52 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2007/08/23 17:51:37 | 00,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/02/04 00:33:21 | 00,007,903 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2007/01/31 15:02:09 | 00,002,352 | ---- | C] () -- C:\WINDOWS\KeePass.ini
[2007/01/08 17:26:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/01/02 13:28:30 | 00,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/01/02 13:18:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/10/12 08:29:33 | 00,000,080 | RHS- | C] () -- C:\WINDOWS\System32\BD61C95466.dll
[2006/09/19 09:16:33 | 02,198,024 | ---- | C] () -- C:\Program Files\pdfedit!.exe
[2006/05/06 17:38:55 | 00,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2006/05/06 11:42:51 | 00,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/03/09 19:33:39 | 00,000,156 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/03/03 09:15:49 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PFP120JPR.{PB
[2005/03/03 09:15:49 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PFP120JCM.{PB
[2005/03/03 09:15:40 | 00,000,152 | RHS- | C] () -- C:\WINDOWS\System32\BD61C95466.sys
[2005/03/03 09:15:31 | 00,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/02/24 07:53:08 | 00,000,101 | ---- | C] () -- C:\WINDOWS\upst.ini
[2005/02/24 07:53:08 | 00,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/02/17 03:12:54 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll
[2005/02/17 03:12:00 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll
[2005/02/02 08:56:36 | 00,002,737 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2005/02/02 08:55:47 | 00,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2005/01/25 17:16:49 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\SDVC03.drv
[2004/12/21 16:12:49 | 00,000,600 | ---- | C] () -- C:\WINDOWS\abc.INI
[2004/12/09 06:02:00 | 00,000,504 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/28 11:07:06 | 00,006,812 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2004/11/27 21:40:30 | 00,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2004/10/20 16:15:13 | 00,000,156 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/01 17:33:46 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/05/27 15:49:38 | 00,016,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\P2k.sys
[2004/03/25 18:53:48 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2004/03/25 18:50:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Setup32.INI
[2004/03/18 11:50:52 | 00,000,896 | ---- | C] () -- C:\WINDOWS\System32\hpsj16.dll
[2004/03/18 11:50:52 | 00,000,687 | ---- | C] () -- C:\WINDOWS\System32\drivers\hpscan16.sys
[2004/03/18 11:50:51 | 00,000,057 | ---- | C] () -- C:\WINDOWS\HPDS23.INI
[2004/03/18 11:40:21 | 00,000,520 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2004/03/14 14:03:02 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2004/03/04 09:43:40 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\SN4Codec.dll
[2004/01/23 10:38:03 | 00,001,191 | ---- | C] () -- C:\WINDOWS\WTAPI.INI
[2004/01/23 10:37:54 | 00,016,384 | ---- | C] () -- C:\WINDOWS\hpu.dll
[2004/01/23 10:37:45 | 00,000,482 | ---- | C] () -- C:\WINDOWS\WINHELP.INI
[2004/01/15 06:01:00 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004/01/07 20:31:20 | 00,000,030 | ---- | C] () -- C:\WINDOWS\Showbiz20.ini
[2003/12/30 16:34:44 | 00,000,027 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/12/26 01:24:01 | 00,002,389 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2003/11/12 03:54:00 | 01,243,136 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2003/11/12 03:54:00 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/09/17 21:00:37 | 00,000,196 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2003/09/17 19:43:30 | 00,185,856 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/08/26 21:22:43 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/08/16 00:30:08 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/08/16 00:29:47 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2003/08/16 00:29:47 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/08/16 00:22:46 | 00,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/08/16 00:14:14 | 00,025,449 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2003/08/16 00:13:42 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/08/16 00:13:08 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/08/15 23:55:23 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2003/08/15 23:33:36 | 00,000,504 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2003/08/15 23:24:16 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/08/15 22:39:52 | 00,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/08/15 22:39:52 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/08/15 22:39:32 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/08/15 20:36:19 | 00,000,813 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/08/15 20:17:54 | 00,000,667 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/08/06 04:33:22 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\psyswin32.dll
[2003/07/29 21:39:24 | 00,473,088 | ---- | C] () -- C:\WINDOWS\System32\HDBHO.dll
[2003/07/27 12:35:00 | 00,020,480 | ---- | C] () -- C:\WINDOWS\yhl.dll
[2003/07/17 14:53:50 | 00,468,480 | ---- | C] () -- C:\WINDOWS\System32\NMDll.dll
[2003/06/23 20:27:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/06/08 23:20:00 | 00,007,168 | ---- | C] () -- C:\WINDOWS\lq.dll
[2003/05/09 10:06:28 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\tjpegcodec.dll
[2003/02/26 15:47:14 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2002/12/12 09:14:32 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\qcap(2).dll
[2002/12/12 09:14:32 | 00,132,096 | ---- | C] () -- C:\WINDOWS\System32\devenum(3).dll
[2002/12/12 09:14:32 | 00,132,096 | ---- | C] () -- C:\WINDOWS\System32\devenum(2).dll
[2002/12/12 09:14:32 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2002/11/20 18:51:34 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002/11/01 16:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2002/05/24 10:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 10:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2002/04/21 13:30:14 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/04/01 17:16:30 | 00,454,656 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002/04/01 17:16:14 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/04/01 17:15:40 | 00,011,264 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[1999/07/23 13:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 12:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2008/10/25 10:19:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\5600-6600 Series
[2009/11/17 13:04:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Any Video Converter
[2009/08/13 13:23:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ATTToolbar
[2007/12/22 13:34:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVSMedia
[2007/08/16 21:44:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DeepBurner
[2008/03/20 18:22:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileZilla
[2004/11/11 23:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FotoWire
[2006/02/03 12:30:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GlobalSCAPE
[2006/08/14 17:00:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GoMeeting
[2007/01/02 13:02:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\HotSync
[2006/03/19 15:23:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICAClient
[2009/04/19 10:14:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IEPro
[2005/10/25 10:16:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Image Zone Express
[2004/08/27 13:37:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Interact Commerce
[2004/10/21 11:59:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InterVideo
[2004/08/27 09:52:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Kazaa Lite
[2005/01/15 18:22:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Kontiki
[2007/01/02 13:17:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2008/10/25 08:27:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lexmark Productivity Studio
[2009/04/19 10:36:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MiniDm
[2007/05/26 14:30:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
[2009/07/17 13:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia
[2003/09/17 19:49:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Otto
[2006/03/25 15:34:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Palo Alto Software
[2009/07/17 13:29:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2008/02/13 16:10:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Qtrax1
[2006/07/26 12:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RelevantReach
[2006/03/20 14:40:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RhinoSoft.com
[2003/08/16 00:14:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2007/12/22 12:15:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Search Settings
[2006/07/25 09:05:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SolidDocuments
[2009/12/19 14:47:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
[2005/10/19 07:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\STOPzilla!
[2003/12/14 18:45:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Template
[2008/11/25 20:19:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
[2007/03/19 14:09:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Viewpoint
[2008/05/15 20:51:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\webex
[2009/12/19 19:08:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinBatch
[2006/07/26 12:19:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Zeon
[2008/10/24 14:46:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5600-6600 Series
[2009/03/19 14:13:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/08/13 13:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar
[2004/12/08 03:02:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2007/09/07 23:11:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2006/03/04 19:13:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2007/08/17 08:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2007/02/27 13:45:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DataViz
[2007/01/02 13:03:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2009/07/17 13:14:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/11/09 11:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kazaa Lite
[2007/12/22 13:05:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/06/23 18:20:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/07/17 07:03:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2003/09/17 19:49:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2006/03/25 15:25:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Palo Alto Software
[2006/03/25 15:23:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PAS
[2009/07/17 13:27:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/03/27 11:24:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlotSoft
[2006/08/14 17:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2006/07/25 08:54:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2008/02/02 09:03:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SongbirdVLC
[2009/12/19 19:12:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2008/03/01 23:41:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/01/24 13:18:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/19 19:00:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/12/19 18:35:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2005/12/06 11:29:56 | 00,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2003/12/31 15:57:47 | 02,766,874 | ---- | M] () -- C:\rmtoavi(1).exe
[2004/03/18 01:27:05 | 02,766,956 | ---- | M] () -- C:\rmtoavi.exe


< MD5 for: AGP440.SYS >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 01:07:41 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2003/08/28 21:05:30 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtUninstallQ331958$\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:42 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 02:56:42 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 02:56:44 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 02:56:44 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Pictures\Soccer:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Pictures\Party:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Pictures\Janeesa:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Pictures\Christine:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Various Artists\Modern Jazz A Collection of Seattle's Finest Jazz - Volume One:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Various Artists\Digital Empire Studio Wars:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Various Artists:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Stinkhorn\Tunguska:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Stinkhorn:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Press the Green Button\MC:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Press the Green Button:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Mudhoney\Since We've Become Translucent:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Mudhoney:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Lagbaja\We Before Me:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Lagbaja:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Jovino Santos & Neto Quarteto\Caboclo:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Jovino Santos & Neto Quarteto:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Hot Hot Heat\Make Up the Breakdown:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Hot Hot Heat:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Atomic Babies\Unhyped:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINDOWS\system32\config\systemprofile\My Documents\My Music\Atomic Babies:AFP_AfpInfo
@Alternate Data Stream - 180 bytes -> C:\Documents and Settings\Administrator\My Documents\SpectrumRebuildShow14a.wmv:Mozy.RDADS
@Alternate Data Stream - 180 bytes -> C:\Documents and Settings\Administrator\My Documents\SpectrumRebuildShow14.wmv:Mozy.RDADS
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP