SweetTech, thank you for your assistance. I ran OTL as you required, however, the only output that I received was the OTL.Txt which I am including below. I will not run the next step GMER until I hear from you about the missing EXTRAS.Txt and why we would not get it and if we need it.
OTL logfile created on: 6/15/2010 5:50:46 PM - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\HP_Owner\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
383.00 Mb Total Physical Memory | 142.00 Mb Available Physical Memory | 37.00% Memory free
921.00 Mb Paging File | 461.00 Mb Available in Paging File | 50.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.96 Gb Total Space | 113.80 Gb Free Space | 79.60% Space Free | Partition Type: NTFS
Drive D: | 6.07 Gb Total Space | 0.71 Gb Free Space | 11.72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SCOTTPC1
Current User Name: HP_Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\HP_Owner\My Documents\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - c:\Program Files\Cisco Systems\VPN client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe (Hewlett-Packard)
PRC - C:\Program Files\BellSouth\Connection Manager\CManager.exe ()
PRC - C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
PRC - C:\Program Files\BroadJump\CorrectConnect Engine\CCD.exe ()
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\HP_Owner\My Documents\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\IObit\IObit Security 360\is360mon.dll (IObit)
MOD - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll (Symantec Corporation)
MOD - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Documents and Settings\HP_Owner\Local Settings\Temp\IadHide5.dll (BackWeb)
========== Win32 Services (SafeList) ========== SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (CVPND) -- c:\Program Files\Cisco Systems\VPN client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
========== Driver Services (SafeList) ========== DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100604.004\IDSXpx86.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100522.001\BHDrvx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100615.005\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100615.005\NAVENG.SYS (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (fasttx2k) -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (SISAGP) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation )
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.att.net/IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010/05/26 20:15:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/02/28 16:14:51 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010/06/15 17:41:01 | 000,000,022 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Fidelity CorpRAS VPN Client.lnk = C:\Program Files\Cisco Systems\VPN client\vpngui.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\Connection Manager.lnk = C:\Program Files\BellSouth\Connection Manager\CManager.exe ()
O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945}
http://static.ak.fac...fbootloader.cab (Reg Error: Value error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862}
https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1238545561109 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/12/09 12:19:54 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{6b31ffb0-8471-11d9-85a5-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{6b31ffb0-8471-11d9-85a5-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/11/10 21:36:12 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (63064005534547968)
========== Files/Folders - Created Within 30 Days ========== [2010/06/15 17:27:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Owner\Recent
[2010/06/15 16:26:03 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\My Documents\OTL.exe
[2010/06/15 15:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/06/15 11:01:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/15 11:01:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/15 09:17:25 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/06/15 09:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/06/13 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Redirect Removal Tool[1]
[2010/06/13 20:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
[2010/06/13 20:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/13 20:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/13 12:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2010/06/13 12:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\IObit
[2010/06/13 12:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/06/13 10:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\Tific
[2010/06/05 14:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\Facebook
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/06/15 17:41:01 | 000,000,022 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/06/15 17:35:12 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\HP_Owner\NTUSER.DAT
[2010/06/15 16:26:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\My Documents\OTL.exe
[2010/06/15 16:00:32 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Desktop\HiJackThis.lnk
[2010/06/15 15:54:43 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/15 15:52:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/15 15:52:17 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/15 15:51:02 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\HP_Owner\ntuser.ini
[2010/06/15 15:50:23 | 010,069,490 | -H-- | M] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\IconCache.db
[2010/06/15 15:16:11 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\housecall.guid.cache
[2010/06/15 11:54:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/15 11:02:01 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/13 12:24:25 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IObit Security 360.lnk
[2010/06/13 12:15:30 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/06/13 09:57:21 | 000,000,731 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/13 09:57:21 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2010/06/13 09:57:21 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/12 20:43:42 | 000,007,162 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\cc_20100612_204324.reg
[2010/06/10 19:28:25 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/10 18:28:06 | 000,715,730 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Cat.DB
[2010/06/09 21:14:39 | 000,507,858 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/09 21:14:39 | 000,445,700 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/09 21:14:39 | 000,072,780 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/07 20:00:11 | 000,000,746 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - HP_Owner.job
[2010/06/06 15:38:07 | 000,082,712 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\00401.tif
[2010/06/06 15:36:34 | 000,147,064 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\00813.tif
[2010/06/06 15:36:28 | 000,173,414 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\00812.tif
[2010/06/06 15:36:21 | 000,043,120 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\00811.tif
[2010/06/01 21:04:47 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\zombiewords.mic
[2010/06/01 20:47:39 | 000,007,390 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIEwordsonly2.xml
[2010/06/01 20:46:14 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIEwordsonly.doc
[2010/06/01 19:25:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/30 18:07:18 | 000,164,864 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\zombiegood.mic
[2010/05/30 18:03:30 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIE SURVIVAL.doc
[2010/05/30 17:55:55 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\zombie.mic
[2010/05/30 17:36:12 | 000,015,526 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\zombie.jpg
[2010/05/30 17:34:24 | 000,017,138 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIE SURVIVAL2.xml
[2010/05/25 20:15:14 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/05/23 15:24:21 | 000,001,724 | -H-- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\Default.rdp
[2010/05/16 18:57:21 | 000,500,139 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\JASCOTTpen2.GIF
[2010/05/16 18:55:18 | 000,296,720 | ---- | M] () -- C:\Documents and Settings\HP_Owner\My Documents\JASCOTTpen1.GIF
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/06/15 15:16:11 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\housecall.guid.cache
[2010/06/15 15:12:00 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Desktop\HiJackThis.lnk
[2010/06/15 13:51:35 | 402,182,144 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/15 11:54:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/15 11:02:01 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/13 12:24:25 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IObit Security 360.lnk
[2010/06/13 12:15:30 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/06/12 21:29:27 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2010/06/12 21:29:27 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/06/12 21:29:26 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\PMB Media Check Tool.lnk
[2010/06/12 20:43:28 | 000,007,162 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\cc_20100612_204324.reg
[2010/06/06 15:38:05 | 000,082,712 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\00401.tif
[2010/06/06 15:36:33 | 000,147,064 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\00813.tif
[2010/06/06 15:36:27 | 000,173,414 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\00812.tif
[2010/06/06 15:36:21 | 000,043,120 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\00811.tif
[2010/06/01 20:49:06 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\zombiewords.mic
[2010/06/01 20:47:38 | 000,007,390 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIEwordsonly2.xml
[2010/06/01 20:41:31 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIEwordsonly.doc
[2010/05/30 18:04:31 | 000,164,864 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\zombiegood.mic
[2010/05/30 17:50:55 | 000,182,272 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\zombie.mic
[2010/05/30 17:36:02 | 000,015,526 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\zombie.jpg
[2010/05/30 17:34:24 | 000,017,138 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIE SURVIVAL2.xml
[2010/05/30 17:02:56 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\ZOMBIE SURVIVAL.doc
[2010/05/16 18:57:19 | 000,500,139 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\JASCOTTpen2.GIF
[2010/05/16 18:55:16 | 000,296,720 | ---- | C] () -- C:\Documents and Settings\HP_Owner\My Documents\JASCOTTpen1.GIF
[2010/03/21 16:39:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2009/02/04 19:41:29 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2007/01/24 20:31:50 | 000,029,752 | ---- | C] () -- C:\WINDOWS\System32\InstHelper.dll
[2007/01/24 20:31:12 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007/01/24 20:31:09 | 000,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/08/09 18:13:31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 18:13:31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/08/09 18:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/07/10 20:47:00 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2005/07/10 20:45:55 | 001,680,896 | ---- | C] () -- C:\WINDOWS\System32\LTCLR13n.dll
[2005/07/10 20:45:54 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2005/07/10 20:45:54 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2005/04/27 11:34:31 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\wh2robo.dll
[2005/03/30 22:58:19 | 000,002,150 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/02/28 00:00:39 | 000,007,996 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/02/26 20:14:31 | 000,007,115 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2005/02/26 20:13:57 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/12/09 12:17:29 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/12/09 12:17:29 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/12/09 12:17:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/12/09 12:17:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/12/09 12:17:29 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/12/09 12:17:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/12/09 12:09:41 | 000,190,524 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/12/09 12:09:41 | 000,103,579 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/10/22 17:35:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/21 22:21:50 | 000,014,529 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/10/21 22:21:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/10/21 21:55:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/10/21 21:00:46 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/10/21 20:17:08 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/10/21 20:17:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/10/21 20:15:49 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/10/21 19:55:39 | 000,000,903 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/10/21 19:36:39 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/09/14 02:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 06:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 06:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/04/11 02:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/10/11 00:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
========== LOP Check ========== [2010/06/13 12:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2008/10/18 17:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/01/23 16:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/18 19:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2009/08/10 20:46:58 | 000,000,786 | ---- | M] () -- C:\administrativeInfo.dbf
[2005/04/11 21:37:42 | 000,007,680 | ---- | M] () -- C:\albumImagesTable.cdx
[2005/04/11 21:37:42 | 000,000,424 | ---- | M] () -- C:\albumImagesTable.dbf
[2005/04/11 21:37:42 | 000,004,608 | ---- | M] () -- C:\albumTable.cdx
[2005/04/11 21:37:42 | 000,000,584 | ---- | M] () -- C:\albumTable.dbf
[2004/12/09 12:19:54 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005/02/21 21:51:57 | 004,783,390 | ---- | M] () -- C:\BellSouthIW.re~
[2005/02/21 21:39:46 | 000,000,213 | RHS- | M] () -- C:\BOOT.BAK
[2010/06/13 09:57:21 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2009/08/10 19:42:41 | 000,000,000 | ---- | M] () -- C:\CB_Server_Errors.txt
[2004/08/04 08:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2004/10/21 19:51:26 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005/04/11 21:37:42 | 000,003,072 | ---- | M] () -- C:\EXIFTable.cdx
[2005/04/11 21:37:42 | 000,000,488 | ---- | M] () -- C:\EXIFTable.dbf
[2008/09/13 20:22:40 | 000,000,115 | ---- | M] () -- C:\FtpCmd.txt
[2010/06/15 15:52:17 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2004/10/21 20:15:49 | 000,000,002 | -H-- | M] () -- C:\hpbi.log
[2009/03/08 10:56:39 | 000,525,372 | ---- | M] () -- C:\hpfr3840.log
[2005/04/11 21:37:42 | 000,009,216 | ---- | M] () -- C:\imageTable.cdx
[2005/04/11 21:37:42 | 000,000,936 | ---- | M] () -- C:\imageTable.dbf
[2005/04/11 21:37:42 | 000,000,512 | ---- | M] () -- C:\imageTable.fpt
[2004/10/21 19:51:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/04/11 21:37:42 | 000,006,144 | ---- | M] () -- C:\keywordImagesTable.cdx
[2005/04/11 21:37:42 | 000,000,360 | ---- | M] () -- C:\keywordImagesTable.dbf
[2005/04/11 21:37:42 | 000,004,608 | ---- | M] () -- C:\keywordTable.cdx
[2005/04/11 21:37:42 | 000,000,456 | ---- | M] () -- C:\keywordTable.dbf
[2009/08/10 19:42:47 | 000,000,378 | ---- | M] () -- C:\managedFolderTable.dbf
[2004/10/21 19:51:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/16 18:04:49 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/15 15:52:16 | 603,979,776 | -HS- | M] () -- C:\pagefile.sys
[2009/08/10 20:46:58 | 000,004,608 | ---- | M] () -- C:\pathnameTable.cdx
[2009/08/10 19:42:47 | 000,001,490 | ---- | M] () -- C:\pathnameTable.dbf
[2005/04/11 21:37:42 | 000,006,144 | ---- | M] () -- C:\ROFImagesTable.cdx
[2005/04/11 21:37:42 | 000,000,360 | ---- | M] () -- C:\ROFImagesTable.dbf
[2005/04/11 21:37:42 | 000,003,072 | ---- | M] () -- C:\ROFTable.cdx
[2005/04/11 21:37:42 | 000,000,392 | ---- | M] () -- C:\ROFTable.dbf
[2010/06/15 12:15:52 | 000,038,834 | ---- | M] () -- C:\TDSSKiller.2.3.2.0_15.06.2010_12.15.13_log.txt
[2009/01/31 12:17:40 | 000,054,209 | ---- | M] () -- C:\vrq.log
[2008/08/09 14:36:49 | 000,000,146 | ---- | M] () -- C:\YServer.txt
[1 C:\*.tmp files -> C:\*.tmp -> ]
< %systemroot%\*. /mp /s > < %systemroot%\system32\user32.dll /md5 >[2008/04/13 20:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >[2008/04/13 20:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\system32\*.dll /lockedfiles >[2010/05/04 13:20:32 | 000,347,136 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2010/05/04 13:20:33 | 000,214,528 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav >[2004/10/21 12:41:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/10/21 12:41:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/10/21 12:41:45 | 000,868,352 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\drivers\*.sys /180 >[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2009/12/31 12:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys
[2010/02/28 16:13:22 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/11/05 19:06:06 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
< End of report >