Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Erratic loading of desktop and shutdown problems


  • Please log in to reply

#1
mlwjackson

mlwjackson

    Member

  • Member
  • PipPipPip
  • 131 posts
For several months I have had intermitant problems with the desktop not loading in a system running Windows XP. The machine boots but does not load the desktop icons. I just get the blank desktop without taskbar or anything. In addition, on a few occassions the desktop has loaded but the icons on the desktop would not respond to either right or left click. Presently, it usually takes two or three start attempts to get the desktop up and running. On a fairly frequent basis I get a message upon attmepting to shutdown that explorer.exe is not responding. When I tell it to close now the screen goes black but the machine frequently does not shutdown. I have to hold the power button to get it to shutdown. On occassion I also get blue screens that report that there has been some sort of conflict then the machine proceeds with a memory dump and a restart. I have not particularily associated the memory dump with the desktop problems. Does this appear to be malware related or just a corrupt explorer.ese file?



OTL logfile created on: 3/28/2011 2:18:13 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\default\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 66.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.70 Gb Free Space | 17.99% Space Free | Partition Type: FAT32
Drive F: | 29.29 Gb Total Space | 8.46 Gb Free Space | 28.88% Space Free | Partition Type: NTFS
Drive G: | 29.29 Gb Total Space | 6.98 Gb Free Space | 23.83% Space Free | Partition Type: NTFS
Drive H: | 15.94 Gb Total Space | 10.04 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive I: | 1397.26 Gb Total Space | 1357.34 Gb Free Space | 97.14% Space Free | Partition Type: NTFS

Computer Name: P4 | User Name: default | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\default\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\WINDOWS\SYSTEM32\lxdwcoms.exe ( )
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SYSTEM32\LxrJD31s.exe ()
PRC - C:\Program Files\Logitech\MouseWare\SYSTEM\EM_EXEC.EXE (Logitech Inc.)
PRC - C:\Program Files\Dantz\Retrospect\wdsvc.exe (Dantz Development Corporation)
PRC - C:\Program Files\Dantz\Retrospect\RETRORUN.EXE (Dantz Development Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\default\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll (Microsoft Corporation)
MOD - C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL (Logitech Inc.)
MOD - C:\Program Files\Logitech\MouseWare\SYSTEM\LgWndHk.dll (Logitech Inc.)


========== Win32 Services (SafeList) ==========

SRV - (CmdAgent) -- File not found
SRV - (0093941301329008mcinstcleanup) McAfee Application Installer Cleanup (0093941301329008) -- C:\WINDOWS\TEMP\0093941301329008mcinst.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (vsmon) -- C:\WINDOWS\System32\ZONELABS\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (lxdw_device) -- C:\WINDOWS\System32\lxdwcoms.exe ( )
SRV - (lxdwCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdwserv.exe ()
SRV - (LxrJD31s) -- C:\WINDOWS\System32\LxrJD31s.exe ()
SRV - (RetroWDSvc) -- C:\Program Files\Dantz\Retrospect\wdsvc.exe (Dantz Development Corporation)
SRV - (Retrospect Helper) -- C:\Program Files\Dantz\Retrospect\rthlpsvc.exe (Dantz Development Corporation)
SRV - (RetroLauncher) -- C:\Program Files\Dantz\Retrospect\RETRORUN.EXE (Dantz Development Corporation)


========== Driver Services (SafeList) ==========

DRV - (MpKsl4cea0944) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{38365C3E-2C54-47C6-AD62-753AEFC20BF2}\MpKsl4cea0944.sys (Microsoft Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (vsdatant) -- C:\WINDOWS\SYSTEM32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (CmdMon) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdmon.sys (Comodo Research Lab., Inc.)
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (nvatabus) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\SYSTEM32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\SYSTEM32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (LxrJD31d) -- C:\WINDOWS\SYSTEM32\DRIVERS\LxrJD31d.sys ()
DRV - (AmdK8) -- C:\WINDOWS\SYSTEM32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys (Logitech, Inc.)
DRV - (L8042pr2) -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidUsb.Sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidFlt2.Sys (Logitech, Inc.)
DRV - (AN983) -- C:\WINDOWS\SYSTEM32\DRIVERS\an983.sys (ADMtek Incorporated.)
DRV - (es1371) Creative AudioPCI (ES1371,ES1373) (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\es1371mp.sys (Creative Technology Ltd.)
DRV - (HCF_MSFT) -- C:\WINDOWS\SYSTEM32\DRIVERS\HCF_MSFT.sys (Conexant)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/07/31 18:22:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2008/07/31 09:18:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/23 17:23:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2004/07/26 08:45:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2006/04/08 21:36:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2008/08/31 21:40:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\default\Application Data\Mozilla\Extensions
[2010/09/19 22:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\default\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2004/07/26 08:46:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\default\Application Data\Mozilla\Firefox\Profiles\default.yeh\extensions
[2009/09/07 15:13:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\default\Application Data\Mozilla\Firefox\Profiles\default.yeh\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2009/09/16 17:27:00 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\default\Application Data\Mozilla\Firefox\Profiles\default.yeh\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2004/07/26 08:46:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2004/01/13 22:09:26 | 000,176,176 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2006/10/16 20:35:34 | 000,046,665 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2006/10/16 20:35:36 | 000,013,386 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2006/10/16 20:35:36 | 000,092,746 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/19 21:33:02 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2009/03/20 19:05:22 | 000,303,140 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 10471 more lines...
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files\ZoneAlarm\tbZon1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: alltel.com ([care] http in Trusted sites)
O15 - HKCU\..Trusted Domains: alltel.com ([care] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Internet)
O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} https://activation.a...aller_2-0-0.cab (Reg Error: Value error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1219366213218 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7867.6608912037 (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macrom...abs/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://sjhlex.webex...nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (ginamsi.dll) - C:\WINDOWS\System32\ginamsi.dll ()
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Desktop\P4 Backup\My Pictures\Photo0054.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Desktop\P4 Backup\My Pictures\Photo0054.bmp
O28 - HKLM ShellExecuteHooks: {20d8bda1-1958-11d6-b00f-00b0d0c6b6a5} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000/06/08 17:00:00 | 000,000,079 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ FAT32 ]
O32 - AutoRun File - [2000/06/21 10:26:20 | 000,000,069 | -H-- | M] () - C:\AUTOEXEC.PTT -- [ FAT32 ]
O32 - AutoRun File - [2001/12/21 09:01:54 | 000,000,201 | ---- | M] () - C:\autoexec.bat -- [ FAT32 ]
O32 - AutoRun File - [2009/02/28 14:51:37 | 000,000,067 | ---- | M] () - I:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{13ac997c-78bf-11dc-9386-0019dbbbb33c}\Shell - "" = AutoRun
O33 - MountPoints2\{13ac997c-78bf-11dc-9386-0019dbbbb33c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{13ac997c-78bf-11dc-9386-0019dbbbb33c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{7e1f4390-324d-11db-99a5-00045a4e47ed}\Shell - "" = AutoRun
O33 - MountPoints2\{7e1f4390-324d-11db-99a5-00045a4e47ed}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e1f4390-324d-11db-99a5-00045a4e47ed}\Shell\AutoRun\command - "" = I:\LaunchU3.exe
O33 - MountPoints2\{cdf9fea0-8e51-11de-bf84-0019dbbbb33c}\Shell - "" = AutoRun
O33 - MountPoints2\{cdf9fea0-8e51-11de-bf84-0019dbbbb33c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cdf9fea0-8e51-11de-bf84-0019dbbbb33c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{f58373d0-9e1a-11da-9884-00045a4e47ed}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2067/11/20 15:42:38 | 000,092,672 | ---- | C] (Networks Associates Technologies, Inc.) -- C:\WINDOWS\System32\CsLsp.dll
[2011/03/28 14:15:31 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\default\Desktop\OTL.exe
[2011/03/28 12:16:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/07/29 16:00:13 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDWhcp.dll
[2009/07/29 16:00:12 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwserv.dll
[2009/07/29 16:00:12 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwusb1.dll
[2009/07/29 16:00:12 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwpmui.dll
[2009/07/29 16:00:12 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwinpa.dll
[2009/07/29 16:00:12 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwiesc.dll
[2009/07/29 16:00:11 | 000,679,936 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwhbn3.dll
[2009/07/29 16:00:11 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwlmpm.dll
[2009/07/29 16:00:11 | 000,328,360 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwih.exe
[2009/07/29 16:00:10 | 000,594,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcoms.exe
[2009/07/29 16:00:09 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcomc.dll
[2009/07/29 16:00:09 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcomm.dll
[2009/07/29 16:00:09 | 000,369,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcfg.exe
[2007/07/28 20:15:57 | 004,697,094 | ---- | C] (Atomic Games, Inc. and Microsoft Corporation) -- C:\Program Files\ccdemo.exe
[5 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]
[234 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[23 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2067/11/20 15:42:38 | 000,092,672 | ---- | M] (Networks Associates Technologies, Inc.) -- C:\WINDOWS\System32\CsLsp.dll
[2011/03/28 14:21:00 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8F7B9B5C-954C-4CC7-B128-9D0DD4256F2B}.job
[2011/03/28 14:19:00 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011/03/28 14:15:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\default\Desktop\OTL.exe
[2011/03/28 14:02:38 | 000,125,952 | ---- | M] () -- C:\Documents and Settings\default\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/28 13:48:04 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\PCHealth Scheduler for Data Collection.job
[2011/03/28 12:27:06 | 000,033,801 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/03/28 12:16:20 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/03/28 12:11:10 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\QIC Messenger Bkup.job
[2011/03/28 12:10:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/28 12:10:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/21 23:18:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/21 22:55:20 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/14 21:41:18 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\default\Desktop\Insight Broadband Webmail.URL
[2011/03/14 21:25:40 | 000,002,599 | ---- | M] () -- C:\Documents and Settings\default\Desktop\Microsoft Word.lnk
[2011/03/14 17:09:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\QIC Messenger Periodic.job
[2011/03/14 16:16:32 | 000,003,079 | ---- | M] () -- C:\WINDOWS\winros.ini
[2011/03/14 09:53:02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/03/14 09:31:16 | 000,375,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/11 16:26:06 | 000,006,601 | ---- | M] () -- C:\WINDOWS\default8.xlb
[2011/03/11 12:22:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/11 11:15:34 | 2079,801,344 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/03/11 10:32:38 | 000,000,075 | ---- | M] () -- C:\WINDOWS\TaxACT08.ini
[2011/03/07 22:28:14 | 000,000,229 | ---- | M] () -- C:\Documents and Settings\default\Desktop\SurvivalBlog.com.url
[2011/03/07 13:42:46 | 000,000,121 | ---- | M] () -- C:\Documents and Settings\default\Desktop\41a720amended.pdf (applicationpdf Object).URL
[2011/03/07 13:39:24 | 000,000,123 | ---- | M] () -- C:\Documents and Settings\default\Desktop\41A7200002_bcclosed.pdf (applicationpdf Object).URL
[2011/03/07 11:41:10 | 000,056,320 | ---- | M] () -- C:\Documents and Settings\default\Desktop\41A720LLET.pdf
[5 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]
[234 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[23 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/07 22:28:13 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\default\Desktop\SurvivalBlog.com.url
[2011/03/07 13:42:44 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\default\Desktop\41a720amended.pdf (applicationpdf Object).URL
[2011/03/07 13:39:23 | 000,000,123 | ---- | C] () -- C:\Documents and Settings\default\Desktop\41A7200002_bcclosed.pdf (applicationpdf Object).URL
[2011/03/07 11:41:08 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\default\Desktop\41A720LLET.pdf
[2011/01/18 22:00:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhotoSuite.INI
[2009/07/29 16:06:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdwvs.dll
[2009/07/29 16:06:02 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdwcoin.dll
[2009/07/29 16:05:36 | 001,036,288 | ---- | C] () -- C:\WINDOWS\System32\lxdwdrs.dll
[2009/07/29 16:05:36 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdwcaps.dll
[2009/07/29 16:05:36 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdwcnv4.dll
[2009/07/29 16:05:13 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxdwoem.dll
[2009/07/29 16:05:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDWPMON.DLL
[2009/07/29 16:05:13 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDWFXPU.DLL
[2009/07/29 16:01:00 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdwrwrd.ini
[2009/07/29 16:00:13 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\LXDWinst.dll
[2009/07/29 16:00:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdwgrd.dll
[2009/03/16 08:57:56 | 000,000,075 | ---- | C] () -- C:\WINDOWS\TaxACT08.ini
[2008/07/14 10:54:55 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2008/07/01 21:25:15 | 000,056,208 | ---- | C] () -- C:\Program Files\N
[2008/03/20 20:39:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2008/02/16 14:52:54 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2007/10/28 09:16:05 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
[2007/10/28 09:06:55 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/03 09:55:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SUSBKey.dll
[2007/10/03 09:55:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ginamsi.dll
[2007/10/03 09:31:34 | 000,001,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2007/08/08 16:30:12 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007/08/02 18:11:28 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2007/08/02 18:11:14 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2007/07/27 15:49:02 | 000,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007/07/27 15:49:02 | 000,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2007/07/25 08:53:02 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2007/06/13 11:10:34 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerUninstaller.exe
[2006/08/28 06:09:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/28 06:09:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/28 06:09:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/28 05:09:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/28 05:09:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/08/28 05:09:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/28 05:09:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/08/28 05:09:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/28 05:09:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/28 05:09:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/08/28 05:09:00 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/05/31 15:41:19 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/05/18 08:58:33 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/05/18 08:58:32 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/04/08 21:36:09 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallThunderbird.exe
[2006/04/08 17:27:41 | 000,000,715 | ---- | C] () -- C:\WINDOWS\extend.dat
[2006/04/08 17:22:14 | 000,000,011 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2006/04/08 14:13:06 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/04/07 20:04:09 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2006/04/07 20:04:07 | 000,000,947 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/04/07 20:04:06 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2006/02/15 07:02:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2006/02/15 07:02:46 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31c.exe
[2006/02/15 07:02:46 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2006/02/15 07:02:45 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2006/02/15 07:02:45 | 000,071,168 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31s.exe
[2006/02/15 07:02:45 | 000,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2006/01/27 15:10:50 | 000,000,166 | ---- | C] () -- C:\WINDOWS\OBCSample.INI
[2005/12/05 20:25:22 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005/12/05 13:37:10 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2005/07/17 20:33:40 | 000,433,152 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2005/07/15 22:16:32 | 000,000,115 | ---- | C] () -- C:\Documents and Settings\default\Application Data\fusioncache.dat
[2005/07/15 22:11:26 | 000,003,360 | ---- | C] () -- C:\WINDOWS\System32\MSWTHK16.DLL
[2004/09/02 07:59:13 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/26 08:46:06 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2004/07/26 08:45:40 | 000,010,245 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2004/06/30 15:04:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll
[2004/03/11 15:45:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\sx83p32.dll
[2004/03/11 11:35:14 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/03/10 14:35:26 | 000,000,042 | ---- | C] () -- C:\WINDOWS\ib.ini
[2004/03/10 14:35:23 | 000,027,136 | ---- | C] () -- C:\WINDOWS\toFront.dll
[2004/03/10 14:35:23 | 000,026,624 | ---- | C] () -- C:\WINDOWS\GetIe.dll
[2004/02/04 17:11:28 | 000,125,952 | ---- | C] () -- C:\Documents and Settings\default\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/02/04 13:08:35 | 000,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2004/02/04 13:08:35 | 000,000,674 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/02/04 13:07:31 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/02/04 10:44:09 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/02/04 09:16:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/02/04 09:11:32 | 000,001,001 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/02/04 09:11:31 | 000,004,150 | ---- | C] () -- C:\WINDOWS\LnkStub.dat
[2004/02/04 09:07:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\backdoor.ini
[2004/02/04 09:07:05 | 000,033,463 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/02/04 09:07:05 | 000,012,693 | ---- | C] () -- C:\WINDOWS\it_mime.ini
[2004/02/04 09:07:05 | 000,012,484 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2004/02/04 09:07:05 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2004/02/04 09:07:05 | 000,005,550 | ---- | C] () -- C:\WINDOWS\WINSIG.ini
[2004/02/04 09:07:05 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2004/02/04 09:07:05 | 000,004,051 | ---- | C] () -- C:\WINDOWS\unwise32.ini
[2004/02/04 09:07:05 | 000,004,051 | ---- | C] () -- C:\WINDOWS\unwise.ini
[2004/02/04 09:07:05 | 000,003,719 | ---- | C] () -- C:\WINDOWS\HPRCSS08.INI
[2004/02/04 09:07:05 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2004/02/04 09:07:05 | 000,003,079 | ---- | C] () -- C:\WINDOWS\winros.ini
[2004/02/04 09:07:05 | 000,002,721 | ---- | C] () -- C:\WINDOWS\READER.ini
[2004/02/04 09:07:05 | 000,002,511 | ---- | C] () -- C:\WINDOWS\HPRDJC08.INI
[2004/02/04 09:07:05 | 000,002,347 | ---- | C] () -- C:\WINDOWS\FONTSMRT.INI
[2004/02/04 09:07:05 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2004/02/04 09:07:05 | 000,001,202 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/02/04 09:07:05 | 000,001,146 | ---- | C] () -- C:\WINDOWS\HPRDJC03.INI
[2004/02/04 09:07:05 | 000,000,933 | ---- | C] () -- C:\WINDOWS\mrun32.ini
[2004/02/04 09:07:05 | 000,000,788 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2004/02/04 09:07:05 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2004/02/04 09:07:05 | 000,000,767 | ---- | C] () -- C:\WINDOWS\efscan.ini
[2004/02/04 09:07:05 | 000,000,530 | ---- | C] () -- C:\WINDOWS\rem-net.ini
[2004/02/04 09:07:05 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2004/02/04 09:07:05 | 000,000,379 | ---- | C] () -- C:\WINDOWS\I_VIEW32.INI
[2004/02/04 09:07:05 | 000,000,363 | ---- | C] () -- C:\WINDOWS\LUMVEPAC.INI
[2004/02/04 09:07:05 | 000,000,358 | ---- | C] () -- C:\WINDOWS\itserver.ini
[2004/02/04 09:07:05 | 000,000,300 | ---- | C] () -- C:\WINDOWS\JETSUITE.INI
[2004/02/04 09:07:05 | 000,000,256 | ---- | C] () -- C:\WINDOWS\EPSON 1250 Installer.ini
[2004/02/04 09:07:05 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2004/02/04 09:07:05 | 000,000,225 | ---- | C] () -- C:\WINDOWS\HP PRECISIONSCAN PRO.INI
[2004/02/04 09:07:05 | 000,000,143 | ---- | C] () -- C:\WINDOWS\QAWIN32.INI
[2004/02/04 09:07:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\SigTools.ini
[2004/02/04 09:07:05 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2004/02/04 09:07:05 | 000,000,057 | ---- | C] () -- C:\WINDOWS\SHAREMEM.INI
[2004/02/04 09:07:05 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/02/04 09:07:05 | 000,000,050 | ---- | C] () -- C:\WINDOWS\PhotoFantasy.ini
[2004/02/04 09:07:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ITClient.ini
[2004/02/04 09:07:05 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/02/04 09:07:05 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/02/04 09:07:05 | 000,000,028 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/02/04 09:07:05 | 000,000,024 | ---- | C] () -- C:\WINDOWS\FreeCD.ini
[2004/02/04 09:07:05 | 000,000,021 | ---- | C] () -- C:\WINDOWS\efaxview.ini
[2004/02/04 09:07:05 | 000,000,020 | ---- | C] () -- C:\WINDOWS\InfModM.ini
[2004/02/04 09:07:05 | 000,000,016 | ---- | C] () -- C:\WINDOWS\RealityFusion.ini
[2004/02/04 09:07:05 | 000,000,015 | ---- | C] () -- C:\WINDOWS\wgedit.ini
[2004/02/04 09:07:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\REGSET.INI
[2004/02/04 09:07:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PSINTEL.INI
[2004/02/04 09:07:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini
[2004/02/04 09:07:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FONESYNC.INI
[2004/02/04 09:03:36 | 000,023,032 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/02/04 08:57:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/02/04 08:57:09 | 000,375,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/02/04 08:45:00 | 000,487,738 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/02/04 08:44:59 | 000,089,724 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/02/04 08:44:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/13 16:49:24 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\Yodelizer.dll
[2003/09/03 21:32:07 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2003/08/12 22:06:25 | 000,000,134 | ---- | C] () -- C:\WINDOWS\PGPsdk.dat
[2003/06/02 21:54:07 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\LFCMP61N.DLL
[2003/06/02 21:54:07 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng61n.dll
[2003/03/31 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2003/02/27 17:15:24 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2003/02/19 16:02:44 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\hpgt33.dll
[2002/04/24 17:11:39 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ATI2EVXX.EXE
[2002/04/24 17:11:39 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\ATI2EVXX.DLL
[2002/01/26 22:28:33 | 000,000,152 | ---- | C] () -- C:\WINDOWS\msrstr.dat
[2002/01/23 20:45:33 | 000,181,760 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/12/14 13:34:46 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2001/10/27 13:51:40 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2001/10/26 21:47:25 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2001/10/26 21:47:25 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2001/08/23 08:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\msrecr40(2).dll
[2001/08/22 16:08:17 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\pg32conv.dll
[2001/07/28 16:36:50 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\Fpl.dll
[2001/07/28 16:36:49 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\Fpxlib.dll
[2001/07/28 16:36:49 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Jpeglib.dll
[2001/07/28 16:36:48 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2001/07/28 15:47:34 | 000,149,504 | ---- | C] () -- C:\WINDOWS\Unwise32.exe
[2001/07/28 14:43:38 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2001/07/28 14:43:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2001/07/28 14:42:32 | 001,294,336 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2001/07/28 14:42:32 | 001,261,568 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M6.dll
[2001/07/28 14:42:32 | 001,228,800 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M5.dll
[2001/07/28 14:42:32 | 001,105,920 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P6.dll
[2001/07/28 14:42:31 | 001,052,672 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P5.dll
[2001/07/28 14:42:11 | 001,093,632 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2001/07/28 14:42:11 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EnrouteStitch.dll
[2001/07/28 14:42:11 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2001/07/22 14:45:24 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\MIBStats.dll
[2001/07/18 16:22:40 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\unzdll.dll
[2001/07/18 09:25:08 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\LTFIL61N.DLL
[2001/07/18 09:25:08 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\MSWTHK32.DLL
[2001/07/18 09:16:46 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\dbcapi.dll
[2001/07/18 09:16:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\proxydll.dll
[2001/07/09 22:34:28 | 000,149,504 | ---- | C] () -- C:\WINDOWS\MPMUNWISE.EXE
[2001/07/09 22:31:38 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll
[2001/07/09 22:31:38 | 000,082,864 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2001/07/09 22:26:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\uninstBVRP.dll
[2001/06/27 12:31:00 | 000,039,611 | ---- | C] () -- C:\WINDOWS\System32\biosid.exe
[2001/01/24 06:31:18 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\prntfix.exe
[2000/04/14 16:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/09/04 18:23:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\FM20ENU(2).DLL
[1999/09/04 18:23:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\FM20(2).DLL
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/08/16 06:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1998/08/09 11:07:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\MSSTDFMT(2).DLL
[1997/08/14 00:00:00 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\XLREC.DLL
[1997/08/14 00:00:00 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\RECNCL.DLL
[1997/08/14 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1980/01/01 00:00:00 | 000,163,872 | RH-- | C] () -- C:\WINDOWS\HWINFO.DAT
[1980/01/01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[1980/01/01 00:00:00 | 000,023,357 | -H-- | C] () -- C:\Program Files\folder.htt
[1980/01/01 00:00:00 | 000,018,939 | ---- | C] () -- C:\WINDOWS\SETVER.EXE
[1980/01/01 00:00:00 | 000,001,646 | ---- | C] () -- C:\WINDOWS\MSDOS.SYS

========== LOP Check ==========

[2004/09/02 07:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/04/17 19:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2005/07/15 22:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Equis
[2006/04/06 09:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2006/04/24 11:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2007/09/26 20:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2007/10/11 16:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/10/28 08:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/04/19 22:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/09 16:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSignal
[2009/07/29 16:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7600 Series
[2009/08/10 17:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2009/08/28 17:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 7600 Series
[2004/02/04 09:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\InterTrust
[2004/02/04 09:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\MGI
[2004/02/04 09:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\ACD Systems
[2004/02/04 10:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\PGP
[2005/07/15 21:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\ApplicationHistory
[2006/04/08 11:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\Eisenworld
[2006/04/08 21:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\Thunderbird
[2006/04/24 11:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\TuneUp Software
[2007/09/01 19:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\Gradekeeper
[2007/10/12 08:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\Printer Info Cache
[2008/11/09 16:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\eSignal
[2009/07/29 16:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\7600 Series
[2009/08/10 17:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\Lexmark Productivity Studio
[2009/12/27 09:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\PCHealth
[2010/02/01 12:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\ImgBurn
[2010/07/31 18:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\ZoneAlarm
[2010/07/31 18:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\Conduit
[2010/07/31 18:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\default\Application Data\CheckPoint
[2010/08/04 23:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\Tasks\Tune-up Application Start.job
[2011/03/28 13:48:04 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\PCHealth Scheduler for Data Collection.job
[2011/03/28 14:19:00 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2010/10/18 01:00:02 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance-Defragment programs.job
[2011/03/28 12:11:10 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\QIC Messenger Bkup.job
[2010/04/01 00:30:00 | 000,000,530 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance-Disk cleanup.job
[2011/02/01 17:25:02 | 000,000,420 | ---- | M] () -- C:\WINDOWS\Tasks\QIC Autoupdate.job
[2011/03/14 17:09:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\QIC Messenger Periodic.job
[2011/01/14 17:15:02 | 000,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2011/03/14 09:53:02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/03/28 14:21:00 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8F7B9B5C-954C-4CC7-B128-9D0DD4256F2B}.job
[2011/03/28 12:16:20 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP