The save command did not appear to work with both options. It reads: Error 105 Invalid or incomplete switch.
OTL logfile created on: 7/7/2010 8:02:34 PM - Run 4
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Albert\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 4.46 Gb Free Space | 11.97% Space Free | Partition Type: NTFS
Drive D: | 12.54 Gb Total Space | 0.90 Gb Free Space | 7.16% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 232.83 Gb Total Space | 43.96 Gb Free Space | 18.88% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 483.69 Mb Total Space | 93.98 Mb Free Space | 19.43% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: ALBERT
Current User Name: Albert
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ========== PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Documents and Settings\Albert\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - F:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Oracle\Information Rights Management\Desktop\sealmon.exe (Oracle Corporation)
PRC - F:\Program Files\Adobe2\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
PRC - C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions )
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\dlcdcoms.exe ( )
PRC - C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\NetWaiting\netwaiting.exe ()
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Albert\Desktop\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (usnjsvc) -- C:\Program Files\MSN Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
SRV - (dlcd_device) -- C:\WINDOWS\System32\dlcdcoms.exe ( )
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL =
http://www.google.co...l...&channel=usIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
http://www.google.co...l...&channel=usIE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKCU\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "
http://slirsredirect...x-en-us&query="FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.google.com/"FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:5.0
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems:
[email protected]:7
FF - prefs.js..extensions.enabledItems: {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10
FF - prefs.js..extensions.enabledItems:
[email protected]:1.5.3
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.23
FF - prefs.js..extensions.enabledItems: CrystalFox_Qute@BigRedBrent:3.7
FF - prefs.js..keyword.URL: "
http://slirsredirect...b-en-us&query="FF - prefs.js..network.proxy.type: ""
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/07 14:18:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/07 14:18:47 | 00,000,000 | ---D | M]
[2008/06/17 16:54:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Extensions
[2010/07/07 15:51:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions
[2010/06/07 15:16:32 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81b1}
[2009/05/18 22:02:18 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2009/10/20 12:18:57 | 00,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
[2010/06/07 15:16:19 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{1476ff20-0a3c-11db-9cd8-0800200c9a66}
[2008/06/19 20:11:32 | 00,000,000 | ---D | M] (Abstract Classic) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{2fbc1200-ad13-11db-abbd-0800200c9a66}
[2010/06/07 15:16:24 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{359faf50-e061-11dd-ad8b-0800200c9a66}
[2009/08/23 12:20:23 | 00,000,000 | ---D | M] (Boost for Facebook) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2009/03/21 23:48:54 | 00,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010/06/07 15:16:13 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}
[2010/06/07 15:16:16 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{a81bafeb-b6ed-4501-aa17-15a2b3857e56}
[2008/04/19 21:37:54 | 00,000,000 | ---D | M] (Blue Ice 2) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2009/08/23 12:20:25 | 00,000,000 | ---D | M] (Fast Video Download) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010/07/06 13:00:01 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/07/03 03:30:46 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/06/27 00:29:21 | 00,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/10/14 10:22:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\
[email protected][2009/08/23 12:20:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\
[email protected][2009/08/23 12:20:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\CrystalFox_Qute@BigRedBrent
[2010/06/07 15:16:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\
[email protected][2010/06/07 15:16:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\
[email protected][2010/06/07 15:12:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\
[email protected][2009/05/28 15:27:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\extensions\
[email protected][2009/01/04 23:18:36 | 00,001,899 | ---- | M] () -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\searchplugins\flickr-tags.xml
[2007/05/06 23:43:37 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\searchplugins\siteadvisor.xml
[2009/10/20 12:19:08 | 00,001,189 | ---- | M] () -- C:\Documents and Settings\Albert\Application Data\Mozilla\Firefox\Profiles\p6i9mjrs.default\searchplugins\winamp-search.xml
[2010/07/07 13:40:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/11 21:41:43 | 00,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
[2008/09/10 01:09:32 | 00,079,216 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npContribute.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - F:\Program Files\Adobe2\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (SHOUTcast Loader) - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (SHOUTcast Radio Toolbar) - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Program Files\Adobe2\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SHOUTcast Radio Toolbar) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] F:\Program Files\Adobe2\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] F:\Program Files\Adobe2\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DLCDCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.DLL ()
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iPhoneVideoConverter_upgrade] C:\Program Files\E-Zsoft\iPhoneVideoConverter\iPhoneVideoConverter.exe (E-Z soft)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] F:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [sealmon.exe] C:\Program Files\Oracle\Information Rights Management\Desktop\sealmon.exe (Oracle Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SpybotSnD] C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [FreeRAM XP] C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions )
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Albert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B}
http://asp.mathxl.co...GenXInstall.cab (TTestGenXInstallObject)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC}
http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A}
http://zone.msn.com/...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421}
http://asp.mathxl.co...nstallAsst2.cab (Pearson Installation Assistant 2)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306}
https://care.windstr...aller_3-0-0.cab (SecurityManager Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7}
http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {EEC9DBCC-04AD-4A1B-BEA7-C6DAD9515D5A}
http://asp.mathxl.co.../EconPlayer.cab (Pearson MyEconLab Player Control)
O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01}
https://care.windstr...TELControls.cab (ConnectivityTester Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/01 22:32:56 | 00,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/02/25 10:30:42 | 00,000,054 | RHS- | M] () - F:\autorun.in_2.org -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 14 Days ========== [2010/07/07 14:24:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/07 14:14:02 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/07 14:09:26 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/07 13:48:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Albert\Desktop\Pwnage
[2010/07/07 09:56:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/07/07 09:44:29 | 00,000,000 | ---D | C] -- C:\george
[2010/07/07 00:29:11 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/06 22:22:32 | 00,882,672 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Albert\Desktop\SPTDinst-v169-x86.exe
[2010/07/06 13:00:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Albert\Application Data\QuickScan
[2010/07/06 12:50:15 | 01,013,584 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Albert\Desktop\TDSSKiller.exe
[2010/07/06 10:09:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\edmbqvqgw
[2010/07/05 22:03:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/07/05 22:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2010/07/05 22:02:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/03 03:30:45 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/07/03 03:30:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/03 03:29:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe(2)
[2010/07/02 01:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/06/24 21:05:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Albert\Desktop\Music
[2010/06/24 21:05:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Albert\Desktop\Pictures
[2010/05/17 23:09:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/05/17 23:04:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/20 04:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/06/15 22:10:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/06/15 22:10:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/06/15 22:10:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/10/09 09:33:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/08/06 20:21:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/06/12 17:38:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2006/06/04 23:41:33 | 01,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdserv.dll
[2006/06/04 23:41:33 | 01,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdusb1.dll
[2006/06/04 23:41:33 | 00,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdpmui.dll
[2006/06/04 23:41:33 | 00,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdprox.dll
[2006/06/04 23:41:33 | 00,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdpplc.dll
[2006/06/04 23:41:32 | 00,774,144 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdhbn3.dll
[2006/06/04 23:41:32 | 00,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdcomc.dll
[2006/06/04 23:41:32 | 00,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdlmpm.dll
[2006/06/04 23:41:32 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdcomm.dll
[3 C:\Documents and Settings\Albert\My Documents\*.tmp files -> C:\Documents and Settings\Albert\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Albert\Desktop\*.tmp files -> C:\Documents and Settings\Albert\Desktop\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2010/07/07 20:01:51 | 15,204,352 | ---- | M] () -- C:\Documents and Settings\Albert\ntuser.dat
[2010/07/07 19:38:00 | 00,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555433744-3350049914-2593877280-1005UA.job
[2010/07/07 19:38:00 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555433744-3350049914-2593877280-1005Core.job
[2010/07/07 19:14:00 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/07 19:14:00 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/07 18:10:13 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/07/07 15:45:33 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/07 15:44:11 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/07/07 15:44:11 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/07/07 15:44:10 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/07/07 15:44:09 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/07/07 15:42:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/07 15:42:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/07 15:42:24 | 21,374,56640 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/07 15:41:09 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Albert\ntuser.ini
[2010/07/07 14:26:32 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/07 13:56:27 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Albert\My Documents\~$rapio Albert Trevino.doc
[2010/07/07 13:25:33 | 00,000,310 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/07 13:25:22 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/06 22:22:35 | 00,882,672 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Albert\Desktop\SPTDinst-v169-x86.exe
[2010/07/06 19:39:49 | 00,000,767 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/06 19:39:49 | 00,000,279 | RHS- | M] () -- C:\boot.ini
[2010/07/06 13:53:16 | 00,077,312 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\mbr.exe
[2010/07/06 04:33:29 | 00,000,963 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\Spybot - Search & Destroy.lnk
[2010/07/04 14:58:26 | 03,726,344 | R--- | M] () -- C:\Documents and Settings\Albert\Desktop\george.exe
[2010/07/02 01:01:08 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\Albert\My Documents\Serapio Albert Trevino.doc
[2010/07/02 00:56:51 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2010/07/02 00:56:49 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2010/07/01 09:33:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/30 17:25:08 | 01,013,584 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Albert\Desktop\TDSSKiller.exe
[2010/06/24 20:54:09 | 00,182,034 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\TONIGHT_mixdown.pk
[2010/06/24 20:54:08 | 18,632,432 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\TONIGHT_mixdown.wav
[2010/06/24 20:52:22 | 00,399,594 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\BYYOURSIDE_mixdown.pk
[2010/06/24 20:52:19 | 40,910,064 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\BYYOURSIDE_mixdown.wav
[2010/06/24 20:02:42 | 25,210,608 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\CRSNEVERTOOLATE_mixdown.wav
[2010/06/24 20:02:42 | 00,246,274 | ---- | M] () -- C:\Documents and Settings\Albert\Desktop\CRSNEVERTOOLATE_mixdown.pk
[3 C:\Documents and Settings\Albert\My Documents\*.tmp files -> C:\Documents and Settings\Albert\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Albert\Desktop\*.tmp files -> C:\Documents and Settings\Albert\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/07/07 20:01:47 | 00,278,528 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\MBRWiz.exe
[2010/07/07 14:26:32 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/07 13:56:27 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Albert\My Documents\~$rapio Albert Trevino.doc
[2010/07/06 13:53:16 | 00,077,312 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\mbr.exe
[2010/07/06 04:41:16 | 21,374,56640 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/04 15:04:41 | 03,726,344 | R--- | C] () -- C:\Documents and Settings\Albert\Desktop\george.exe
[2010/07/02 01:01:07 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Albert\My Documents\Serapio Albert Trevino.doc
[2010/06/24 21:05:28 | 06,903,157 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\Young_Jeezy_-_Done_It(Instrumental).mp3
[2010/06/24 21:05:28 | 02,538,937 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\Tonight.mp3
[2010/06/24 20:54:09 | 00,182,034 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\TONIGHT_mixdown.pk
[2010/06/24 20:53:25 | 18,632,432 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\TONIGHT_mixdown.wav
[2010/06/24 20:52:22 | 00,399,594 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\BYYOURSIDE_mixdown.pk
[2010/06/24 20:50:45 | 40,910,064 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\BYYOURSIDE_mixdown.wav
[2010/06/24 19:56:50 | 00,246,274 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\CRSNEVERTOOLATE_mixdown.pk
[2010/06/24 19:56:10 | 25,210,608 | ---- | C] () -- C:\Documents and Settings\Albert\Desktop\CRSNEVERTOOLATE_mixdown.wav
[2010/06/24 03:30:41 | 15,204,352 | ---- | C] () -- C:\Documents and Settings\Albert\ntuser.dat
[2010/05/29 21:46:12 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\czyiwa.dat
[2010/05/23 23:47:33 | 01,060,864 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010/05/23 23:47:33 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2010/05/18 18:37:47 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\net.telestream.ustreamproducer.prefs.xml
[2009/10/28 18:06:22 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\downloads.m3u
[2009/10/24 17:11:15 | 00,000,029 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\default.rss
[2008/10/24 18:34:38 | 00,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini
[2008/10/20 21:36:03 | 00,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2008/09/20 16:02:02 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008/09/20 16:02:02 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008/08/27 18:41:21 | 00,002,048 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008/07/12 13:07:18 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/06/29 18:06:50 | 00,782,336 | ---- | C] () -- C:\WINDOWS\System32\IlmImf.dll
[2008/06/29 18:06:50 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\pmtf1.dll
[2008/06/29 18:06:50 | 00,204,288 | ---- | C] () -- C:\WINDOWS\System32\pmtf3.dll
[2008/06/29 18:06:50 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\pmexr.dll
[2008/06/29 18:06:50 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmbm.dll
[2008/06/29 18:06:49 | 00,353,280 | ---- | C] () -- C:\WINDOWS\System32\pmtf2.dll
[2008/06/29 18:06:49 | 00,229,376 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib2.dll
[2008/06/29 18:06:49 | 00,216,064 | ---- | C] () -- C:\WINDOWS\System32\pmjp.dll
[2008/06/29 18:06:49 | 00,112,128 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib3.dll
[2008/06/29 18:06:48 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib.dll
[2008/05/18 10:54:52 | 00,000,072 | ---- | C] () -- C:\WINDOWS\wb.ini
[2008/05/18 10:39:10 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll
[2007/03/14 21:42:50 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/26 16:44:32 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/27 17:30:09 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/12/29 19:52:45 | 00,447,777 | ---- | C] () -- C:\WINDOWS\System32\DAE.dll.rsr
[2006/09/15 20:10:58 | 00,000,574 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/29 22:05:54 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2006/06/17 17:18:08 | 00,000,013 | ---- | C] () -- C:\WINDOWS\System32\MSVC60SVV.DLL
[2006/06/13 20:57:43 | 00,125,952 | ---- | C] () -- C:\Documents and Settings\Albert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/13 01:43:55 | 00,000,196 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2006/06/12 23:33:06 | 00,000,104 | RHS- | C] () -- C:\WINDOWS\System32\1DB60C6654.sys
[2006/06/12 23:32:18 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\PFP120JPR.{PB
[2006/06/12 23:32:18 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Albert\Application Data\PFP120JCM.{PB
[2006/06/12 18:26:22 | 00,006,580 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/06/12 18:26:22 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\54660CB61D.sys
[2006/06/12 16:00:35 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Albert\Local Settings\Application Data\fusioncache.dat
[2006/06/05 00:31:03 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/05 00:19:35 | 00,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/06/05 00:14:45 | 00,000,206 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/06/05 00:08:38 | 00,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/06/04 23:41:33 | 00,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcdutil.dll
[2006/06/04 23:41:33 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcdjswr.dll
[2006/06/04 23:41:33 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsr.dll
[2006/06/04 23:41:33 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcdvs.dll
[2006/06/04 23:41:33 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcdcur.dll
[2006/06/04 23:41:32 | 00,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsb.dll
[2006/06/04 23:41:32 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcdins.dll
[2006/06/04 23:41:32 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcdcub.dll
[2006/06/04 23:41:32 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcdcu.dll
[2006/06/04 23:41:31 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcdcfg.dll
[2006/06/04 23:40:57 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/06/04 23:39:29 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 04:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 14:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 17:05:54 | 00,000,611 | ---- | C] () -- C:\WINDOWS\System32\dlcdplc.ini
[2005/04/09 10:04:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/09/24 07:59:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll
[2001/08/23 14:00:00 | 00,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[1999/01/22 13:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ========== [2009/08/13 15:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Ableton
[2007/02/26 16:49:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\acccore
[2007/03/03 15:46:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Aim
[2008/06/17 12:55:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Antares
[2008/09/01 19:00:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Applied Acoustics Systems
[2010/07/03 03:30:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\BitTorrent
[2006/06/15 18:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Cakewalk
[2009/10/11 22:16:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\com.adobe.ExMan
[2010/01/10 20:42:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\dBpoweramp
[2006/12/29 19:57:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Digidesign
[2010/06/14 21:23:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\DiskAid
[2008/04/19 18:54:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Flickr
[2006/11/09 18:20:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\flightgear.org
[2006/06/25 16:48:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Kazaa Lite
[2006/06/17 22:52:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Leadertech
[2007/02/11 01:59:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\MP3Downloads
[2009/05/12 06:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\MPEG Streamclip
[2006/08/29 22:03:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Nikon
[2007/02/28 19:27:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Opera
[2008/03/15 19:50:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\PACE Anti-Piracy
[2010/06/03 12:36:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Pamela
[2009/08/20 15:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Propellerhead Software
[2010/07/06 13:02:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\QuickScan
[2007/01/26 18:05:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Red Chair Software
[2009/02/02 21:23:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\SealedMedia
[2008/08/27 23:03:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Steinberg
[2009/11/27 12:13:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\SystemRequirementsLab
[2009/12/22 15:08:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\uTorrent
[2010/05/18 18:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Vara Software
[2007/03/04 17:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Viewpoint
[2008/08/27 11:20:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\VSO_HWE
[2009/06/12 16:59:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Waves Audio
[2008/11/30 23:59:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\WinFF
[2010/06/14 22:35:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Wirecast
[2010/03/24 20:19:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Albert\Application Data\Xilisoft
[2009/08/13 15:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2009/05/03 20:51:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2005/08/16 20:54:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2006/08/29 22:05:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2008/10/02 10:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iZotope
[2008/10/24 18:34:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/10/29 01:15:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2006/08/29 22:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2008/03/15 19:50:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2009/08/11 19:28:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2009/10/20 12:18:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SHOUTcast Radio Toolbar
[2010/05/18 18:37:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Telestream
[2008/09/17 01:48:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/08/29 22:05:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/05/03 20:51:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/10/14 22:33:26 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{152EF68B-16AC-49D3-A3E6-E39F7613A2D7}
[2009/10/14 21:43:56 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{2E36EF44-3E35-4623-B1DD-517C334DF1C5}
[2010/07/07 14:26:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/14 22:33:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/25 16:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/13 12:07:27 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/14 12:54:39 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D3409287-B0B7-40DE-981C-3CAD8C8EE6A8}
[2009/10/14 12:52:10 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2010/07/07 15:44:09 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/07/07 18:10:13 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/07/07 15:44:10 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/07/07 15:44:11 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/07/07 15:44:11 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ========== < End of report >
MBRWiz - Version 3.0.48 beta for Windows
Copyright © 2002-2010 Roger Layton
http://mbrwizard.com -----------------------------------------------------------------------------
Disk: 0 MBR/GPT: None
Size: 54.49GB CHS: 7113 255 63
Sectors: 114270345 Disk Signature: 0xE686F016
Partitions: 4 Partition Order: 1 2 3 4
Media Type: Fixed Interface: IDE
Description: Hitachi HTS541060G9SA00
-----------------------------------------------------------------------------
Pos Idx Type/Name Size Boot Hide Start Sector Total Sectors DL Vol Label
--- --- --------- ---- ---- ---- -------------- -------------- -- -----------
1 1 DE-Dell 47M No No 63 96,327 <None>
2 2 07-NTFS 37G Yes No 96,390 78,108,030 C: <None>
3 3 07-NTFS 13G No No 78,220,485 26,298,405 D: Backup
4 4 DB-C.DOS 4.6G No No 104,518,890 9,735,390 <None>
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
Disk: 1 MBR/GPT: None
Size: 483.88MB CHS: 1 255 63
Sectors: 990976 Disk Signature: 0x00000000
Partitions: 0 Partition Order:
Media Type: Removable Interface: USB
Description: WD 2500BMV External
-----------------------------------------------------------------------------
Pos Idx Type/Name Size Boot Hide Start Sector Total Sectors DL Vol Label
--- --- --------- ---- ---- ---- -------------- -------------- -- -----------
No partitions found on this disk
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
Disk: 2 MBR/GPT: None
Size: 232.89GB CHS: 30401 255 63
Sectors: 488397168 Disk Signature: 0x5C74AE42
Partitions: 1 Partition Order: 1
Media Type: Fixed Interface: WD 2500BMV External
Description: WD 2500BMV External
-----------------------------------------------------------------------------
Pos Idx Type/Name Size Boot Hide Start Sector Total Sectors DL Vol Label
--- --- --------- ---- ---- ---- -------------- -------------- -- -----------
1 1 0C-FAT32X 232G No No 63 488,392,002 F: My Passport
-----------------------------------------------------------------------------