OTL logfile created on: 12/21/2009 2:00:47 AM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Jeremy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
382.00 Mb Total Physical Memory | 94.00 Mb Available Physical Memory | 25.00% Memory free
919.00 Mb Paging File | 332.00 Mb Available in Paging File | 36.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 2.58 Gb Free Space | 4.62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JER
Current User Name: Jeremy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2009/12/21 01:58:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/09/21 22:14:27 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/09/21 22:14:27 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/09/13 18:52:50 | 01,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/07/02 17:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/13 19:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/28 13:30:48 | 00,936,960 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2007/06/25 09:34:58 | 00,082,608 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3400 Series\ezprint.exe
PRC - [2007/06/25 09:34:56 | 00,291,504 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcymon.exe
PRC - [2007/06/20 05:28:56 | 00,537,264 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcycoms.exe
PRC - [2007/05/23 09:12:46 | 01,314,816 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2007/01/04 17:13:54 | 00,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006/12/06 07:12:20 | 00,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2006/12/05 18:38:58 | 00,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
PRC - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/09/25 19:52:48 | 00,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1156939992\ee\aolsoftware.exe
PRC - [2005/05/09 18:16:15 | 00,192,512 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe
PRC - [2005/04/11 12:00:00 | 00,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/04/11 08:31:26 | 00,360,448 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/04/01 17:11:14 | 00,794,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/03/04 14:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\Shared\hpqwmi.exe
PRC - [2005/02/22 18:32:14 | 00,038,912 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/02/02 07:12:22 | 00,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/02/02 07:11:12 | 00,692,316 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2004/08/04 03:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
========== Modules (SafeList) ========== MOD - [2009/12/21 01:58:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
MOD - [2005/02/02 07:12:14 | 00,069,724 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (iPodService)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/09/21 22:14:27 | 01,028,432 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/07/02 17:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2007/06/20 05:28:56 | 00,537,264 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxcycoms.exe -- (lxcy_device)
SRV - [2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/01/04 17:13:54 | 00,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/04/11 08:31:26 | 00,360,448 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/03/04 14:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\HPQ\Shared\hpqwmi.exe -- (hpqwmi)
SRV - [2005/02/22 18:32:14 | 00,038,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.my.yahoo.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {2E1AAFF1-3641-2B95-6123-3F71C605C3BE} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1156939992\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CyberDefender Early Detection Center] C:\Program Files\CyberDefender\AntiSpyware\cdasf9.exe (CyberDefender Corp.)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01}
http://site.ebrary.c...s/ebraryRdr.cab (Infotl Control)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0441781A-3075-4C8F-9FDB-A6BCAE8769A1}
http://downloads.com.../vmLauncher.cab (vmLaunch Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
http://pcpitstop.com...p/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1}
http://downloads.ewi...oOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}
http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://photo.walgree...eensActivia.cab (Snapfish Activia)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}
http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}
http://cdn.scan.onec...lscbase5036.cab (Windows Live Safety Center Base Module)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC}
http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913}
http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD}
http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389}
http://download.mcaf...,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044}
http://webcam1.pghar...activex/AMC.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{765f85ac-c572-11dc-89ae-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{765f85ac-c572-11dc-89ae-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{765f85ac-c572-11dc-89ae-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\Jeremy\Application Data\iolo\) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/04/29 22:41:02 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (52639325338206208)
========== Files/Folders - Created Within 14 Days ========== [2009/12/21 01:58:03 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
[2009/12/21 01:18:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2009/12/21 01:17:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/12/19 23:33:19 | 00,000,000 | ---D | C] -- C:\5a441410766cf4a51a7099
[2009/12/15 15:58:34 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/15 15:57:58 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2009/12/15 13:48:38 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Jeremy\Recent
[2009/12/15 13:44:03 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/15 05:41:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy\Application Data\Malwarebytes
[2009/12/15 05:41:08 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/15 05:40:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/15 05:40:54 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/15 05:40:52 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/15 04:34:22 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/12/15 04:34:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy\Application Data\Uniblue
[2009/12/15 04:34:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/12/15 04:31:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/12/12 09:35:01 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2009/12/12 09:35:01 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2009/12/12 09:35:00 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/12/12 09:34:59 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/12/12 09:34:59 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/12/12 09:34:58 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2009/12/12 09:34:56 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2009/12/12 09:34:56 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2009/12/12 09:34:54 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2009/12/12 09:34:53 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/12/12 09:34:52 | 00,053,248 | ---- | C] (
http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/12/12 09:32:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy\Desktop\SmitfraudFix
[2009/12/11 21:56:12 | 00,000,000 | ---D | C] -- C:\Program Files\CyberDefender
[2009/12/11 15:57:23 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/07/22 02:01:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/05/06 22:41:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/10/10 15:32:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2008/03/23 09:00:00 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll
[2008/03/23 09:00:00 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll
[2008/03/23 09:00:00 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhcp.dll
[2008/03/23 08:59:59 | 01,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll
[2008/03/23 08:59:59 | 00,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll
[2008/03/23 08:59:59 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll
[2008/03/23 08:59:59 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll
[2008/03/23 08:59:58 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypmui.dll
[2008/03/23 08:59:58 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll
[2008/03/23 08:59:56 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll
[2008/03/23 08:59:54 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll
[2008/03/23 08:59:54 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll
[2007/12/25 05:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2007/07/12 11:31:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/12/29 11:07:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2006/12/29 07:05:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2006/04/13 03:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2005/04/29 22:40:57 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2009/12/21 02:03:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/12/21 01:58:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
[2009/12/21 01:41:47 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/12/21 01:33:33 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/21 01:31:23 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/21 01:30:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/21 01:30:42 | 40,113,3568 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/21 01:29:04 | 05,767,168 | -H-- | M] () -- C:\Documents and Settings\Jeremy\NTUSER.DAT
[2009/12/21 01:29:04 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Jeremy\ntuser.ini
[2009/12/21 01:25:45 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/12/21 00:07:23 | 00,000,951 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/20 22:39:43 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E8039235-C547-429E-801B-05C1AAAB5744}.job
[2009/12/18 16:53:28 | 00,209,408 | ---- | M] () -- C:\Documents and Settings\Jeremy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/18 00:28:50 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/16 23:15:06 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/15 15:58:36 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Jeremy\Desktop\HijackThis.lnk
[2009/12/15 15:58:26 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2009/12/15 05:41:18 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/15 03:38:23 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Jeremy\Desktop\Christmas List.doc
[2009/12/12 10:10:05 | 00,003,622 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/12/11 21:57:19 | 00,000,222 | R--- | M] () -- C:\Documents and Settings\Jeremy\Desktop\PC Support.url
[2009/12/11 21:57:18 | 00,000,852 | R--- | M] () -- C:\Documents and Settings\Jeremy\Desktop\CyberDefender.lnk
[2009/12/10 03:35:21 | 00,462,426 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/10 03:35:20 | 00,079,650 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/10 03:35:16 | 00,551,500 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/07 10:03:21 | 00,294,912 | ---- | M] () -- C:\Documents and Settings\Jeremy\My Documents\Jeremy.fdy
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2009/12/21 01:25:43 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/12/15 15:58:36 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Jeremy\Desktop\HijackThis.lnk
[2009/12/15 05:41:17 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/14 03:39:54 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/12 09:41:11 | 00,003,622 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2009/12/12 09:34:57 | 00,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/12/12 09:34:55 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2009/12/12 09:34:54 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2009/12/11 21:57:19 | 00,000,222 | R--- | C] () -- C:\Documents and Settings\Jeremy\Desktop\PC Support.url
[2009/12/11 21:57:18 | 00,000,852 | R--- | C] () -- C:\Documents and Settings\Jeremy\Desktop\CyberDefender.lnk
[2009/11/28 01:41:06 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\Jeremy\Local Settings\Application Data\housecall.guid.cache
[2008/06/28 02:45:49 | 00,010,752 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/10 19:07:20 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/06/10 19:03:26 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/06/10 19:03:26 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/05/22 17:18:54 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/03/23 09:02:35 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll
[2008/03/23 09:02:30 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll
[2008/03/23 09:01:27 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll
[2008/03/23 09:01:27 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll
[2008/03/23 09:01:26 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll
[2008/03/23 09:00:00 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll
[2008/01/10 21:03:17 | 00,167,936 | R--- | C] () -- C:\WINDOWS\System32\GBInf.dll
[2007/12/25 05:11:34 | 00,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2007/07/26 22:28:32 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\RPVersion.ini
[2007/07/24 14:47:31 | 00,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2007/06/29 11:46:39 | 00,000,035 | ---- | C] () -- C:\WINDOWS\DAVIDSON.INI
[2007/06/29 11:46:39 | 00,000,028 | ---- | C] () -- C:\WINDOWS\KIDPHON.INI
[2007/06/26 18:07:37 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/01/23 15:15:22 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/12/13 22:27:52 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2006/09/14 20:40:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2006/09/14 19:15:23 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL
[2006/08/05 07:13:44 | 00,000,032 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2006/05/07 04:05:03 | 00,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/03/19 12:11:20 | 00,003,245 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/03/13 03:11:19 | 00,209,408 | ---- | C] () -- C:\Documents and Settings\Jeremy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/03/05 01:14:54 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\Jeremy\Application Data\usb.dat.bin
[2006/03/03 12:02:04 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/03 11:57:37 | 00,000,952 | ---- | C] () -- C:\Documents and Settings\Jeremy\Application Data\wklnhst.dat
[2005/04/30 00:30:44 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/04/30 00:30:44 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/04/30 00:30:44 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/04/30 00:30:44 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/04/30 00:30:44 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/04/30 00:30:44 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/04/30 00:17:21 | 00,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/02/12 03:33:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 08:16:44 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 08:10:08 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/13 13:46:34 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2002/03/13 15:46:46 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll
[1999/01/22 13:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
========== LOP Check ========== [2009/02/20 02:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\16261
[2009/02/20 00:42:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\19251
[2009/02/10 06:42:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1A203
[2009/01/12 23:27:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\21A5
[2009/02/19 23:20:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4242
[2009/04/28 01:32:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A271
[2008/01/10 21:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agilix
[2007/09/24 09:36:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/12/15 04:38:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2007/12/25 05:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2005/04/30 00:47:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/11/26 22:37:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/12/02 02:40:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/11/14 15:12:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/03/03 12:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/15 04:35:11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/05/06 22:12:55 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2008/01/10 21:34:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Blackboard
[2008/06/24 07:46:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Comcast
[2006/08/05 07:38:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Earthlink
[2008/01/02 15:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\FrostWire
[2008/09/27 22:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\GetRightToGo
[2008/01/07 22:17:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\HorizonWimba
[2006/03/05 00:09:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\InterVideo
[2007/12/25 05:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\iolo
[2006/09/14 20:37:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Leadertech
[2009/12/02 02:41:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\LimeWire
[2006/08/05 07:01:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\MSNInstaller
[2006/09/14 20:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\muvee Technologies
[2009/10/02 11:59:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Participatory Culture Foundation
[2009/10/02 15:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\PCF-VLC
[2006/03/13 03:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\QuitCounter
[2007/12/05 19:02:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Snapfish
[2007/09/26 20:31:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\SpinTop
[2006/03/03 11:57:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Template
[2009/12/15 04:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Uniblue
[2006/09/06 19:49:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Walgreens
[2009/12/16 23:15:06 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/12/21 01:41:47 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/12/20 22:39:43 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E8039235-C547-429E-801B-05C1AAAB5744}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2006/03/04 10:17:50 | 00,010,920 | ---- | M] () -- C:\aolconnfix.exe
< MD5 for: AGP440.SYS >[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 19:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 03:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 03:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/04 03:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > ========== Files - Unicode (All) ==========[2007/10/25 18:12:34 | 00,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
[2007/09/24 10:38:57 | 00,000,000 | ---D | M](C:\Program Files\A?pPatch) -- C:\Program Files\AрpPatch
[2007/09/24 10:38:57 | 00,000,000 | ---D | M](C:\Program Files\A?pPatch) -- C:\Program Files\AрpPatch
[2007/09/24 09:58:29 | 00,000,000 | ---D | M](C:\Program Files\A?pPatch\A?pPatch) -- C:\Program Files\AрpPatch\AрpPatch
[2007/09/24 09:58:26 | 00,000,000 | ---D | M](C:\WINDOWS\s?stem32) -- C:\WINDOWS\sуstem32
[2007/09/24 09:58:26 | 00,000,000 | ---D | C](C:\WINDOWS\s?stem32) -- C:\WINDOWS\sуstem32
[2007/09/22 09:38:36 | 00,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
(C:\Program Files\A?pPatch) -- C:\Program Files\AрpPatch
========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D5907B8
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Sign In
Create Account
