Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Ms Tool Removal


  • Please log in to reply

#1
Althea

Althea

    New Member

  • Member
  • Pip
  • 1 posts
OTL Extras logfile created on: 3/31/2011 5:15:02 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Momdukes\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.31 Gb Total Space | 23.41 Gb Free Space | 31.50% Space Free | Partition Type: NTFS

Computer Name: ALTHEA | User Name: Momdukes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5191:TCP" = 5191:TCP:*:Enabled:The Browser Highlighter XCOM

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\iWin Games\iWinGames.exe" = C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application. -- (iWin Inc.)
"C:\Program Files\iWin Games\WebUpdater.exe" = C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater.
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Tencent\QQ Games\QQGames.exe" = C:\Program Files\Tencent\QQ Games\QQGames.exe:*:Enabled:QQ Games -- (Tencent America LLC)
"C:\Program Files\Tencent\QQ Games\QQGamesD.exe" = C:\Program Files\Tencent\QQ Games\QQGamesD.exe:*:Enabled:QQ Games Downloader -- ()
"C:\Program Files\Tencent\QQ Games\Update\Update.exe" = C:\Program Files\Tencent\QQ Games\Update\Update.exe:*:Enabled:QQ Games Updater -- ()
"C:\Program Files\tbh\base\bin\tbhDaemon.exe" = C:\Program Files\tbh\base\bin\tbhDaemon.exe:*:Enabled:The Browser Highlighter - Daemon -- ()
"C:\Program Files\tbh\monitor\bin\tbhMonitor.exe" = C:\Program Files\tbh\monitor\bin\tbhMonitor.exe:*:Enabled:The Browser Highlighter - Monitor -- ()
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Disabled:AIM
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Disabled:Google Talk
"C:\Documents and Settings\Momdukes\My Documents\Downloads\facebook-pic00005267.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)
"C:\Documents and Settings\Momdukes\My Documents\Downloads\PIC9486242742133-JPG-www.facebook.com.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Documents and Settings\Momdukes\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Momdukes\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1" = Internet Saving Optimizer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3B62CF95-5E25-4720-A3D6-B4A2B0501961}" = Browser Highlighter - Firefox
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53183B25-FBDC-4B95-856A-DCDD69DFEE18}" = Intel® PRO Alerting Agent
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.12.4
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119341293}" = Escape from Frankenstein’s Castle
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{87841AF8-C785-42FF-A76E-CC0F0C2816CC}" = ATI Catalyst Control Center
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5096216-7703-409E-B85A-8A6EE7395128}}_is1" = System Search Dispatcher
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EA536059-6D12-4E0E-9FB2-DA912AFAB3F1}" = upekmsi
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"{FEFA34C3-6C95-492A-9F30-0B0B23689389}" = SpyHunter
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"amg-jessicascupcakecafe" = Jessica's Cupcake Cafe
"am-theclockworkmanthehiddenworld" = The Clockwork Man - The Hidden World
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"BabylonToolbar" = Babylon toolbar
"BFG-A Girl in the City" = A Girl in the City
"BfgBar" = Big Fish Games Toolbar 2.0
"BFG-Burger Bustle" = Burger Bustle
"BFGC" = Big Fish Games: Game Manager
"BFG-Chronicles of Mystery - Tree of Life" = Chronicles of Mystery: Tree of Life
"BFG-Dark Tales - Edgar Allan Poe's The Black Cat Collector's Edition" = Dark Tales: ™ Edgar Allan Poe's The Black Cat Collector's Edition
"BFG-Death at Fairing Point - A Dana Knightstone Novel" = Death at Fairing Point: A Dana Knightstone Novel
"BFG-Dying_for_Daylight" = Charlaine Harris: Dying for Daylight
"BFG-Echoes of Sorrow" = Echoes of Sorrow
"BFG-Lost Chronicles - Salem" = Lost Chronicles: Salem
"BFG-Mystery Age - The Dark Priests" = Mystery Age: The Dark Priests
"BFG-Mystery Case Files - Dire Grove Strategy Guide" = Mystery Case Files&reg;: Dire Grove ™ Strategy Guide
"BFG-Puppet Show - Souls of the Innocent Collectors Edition" = Puppet Show: Souls of the Innocent Collector's Edition
"BFG-Shades of Death - Royal Blood" = Shades of Death: Royal Blood
"BFG-Shadow Wolf Mysteries - Curse of the Full Moon Collector's Edition" = Shadow Wolf Mysteries: Curse of the Full Moon Collector's Edition
"BFG-Shiver - Vanishing Hitchhiker Collector's Edition" = Shiver: Vanishing Hitchhiker Collector's Edition
"BFG-Spirit Seasons - Little Ghost Story" = Spirit Seasons: Little Ghost Story
"BFG-Stray Souls - Dollhouse Story" = Stray Souls: Dollhouse Story
"BFG-Stray Souls - Dollhouse Story Collector's Edition" = Stray Souls: Dollhouse Story Collector's Edition
"BFG-The Mystery of the Crystal Portal - Beyond the Horizon" = The Mystery of the Crystal Portal: Beyond the Horizon
"BFG-The Stroke of Midnight" = The Stroke of Midnight
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"DictionaryBossbar Uninstall" = DictionaryBoss
"dreamchronicles" = Dream Chronicles
"Family Mystery - The Story of Amy" = Family Mystery - The Story of Amy
"FL Studio 9" = FL Studio 9
"Free File Opener_is1" = Free File Opener v2011.6.0.4
"GameHouse" = GameHouse
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Hardcore" = Hardcore
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"iWinArcade" = iWin Games (remove only)
"MESOL" = Intel® Active Management Technology
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"QQ Games" = QQ Games
"RealArcade" = RealArcade
"RealPlayer 12.0" = RealPlayer
"Search Toolbar" = Search Toolbar
"SearchAssist" = SearchAssist
"verizontb" = Verizon Toolbar
"VLC media player" = VLC media player 1.1.5
"vReveal" = vReveal
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Web Games Player Plugin" = Web Games Player Plugin
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/30/2011 5:31:52 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9584156

Error - 3/30/2011 5:31:52 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9584156

Error - 3/30/2011 5:31:54 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/30/2011 5:31:54 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9586109

Error - 3/30/2011 5:31:54 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9586109

Error - 3/30/2011 5:31:56 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/30/2011 5:31:56 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9588063

Error - 3/30/2011 5:31:56 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9588063

Error - 3/30/2011 5:31:58 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/30/2011 5:31:58 AM | Computer Name = ALTHEA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9590016

[ System Events ]
Error - 3/31/2011 5:05:44 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7034
Description = The COM+ System Application service terminated unexpectedly. It has
done this 3 time(s).

Error - 3/31/2011 5:06:37 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 3/31/2011 5:07:37 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 3 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 3/31/2011 5:08:37 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 4 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 3/31/2011 5:09:38 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 5 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 3/31/2011 5:10:38 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Apple Mobile Device service
to connect.

Error - 3/31/2011 5:10:38 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
error: %%1053

Error - 3/31/2011 5:13:09 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 3/31/2011 5:13:09 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 3/31/2011 5:13:09 AM | Computer Name = ALTHEA | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >




OTL logfile created on: 3/31/2011 5:18:52 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Momdukes\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 72.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.31 Gb Total Space | 23.41 Gb Free Space | 31.50% Space Free | Partition Type: NTFS

Computer Name: ALTHEA | User Name: Momdukes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/31 05:18:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Momdukes\My Documents\Downloads\OTL(2).scr
PRC - [2011/03/23 22:44:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/03/31 05:18:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Momdukes\My Documents\Downloads\OTL(2).scr
MOD - [2011/03/05 22:38:51 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (iWinTrusted)
SRV - [2011/03/17 14:25:36 | 000,723,872 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010/09/05 15:50:33 | 000,431,616 | ---- | M] (Faronics Corporation) [Auto | Stopped] -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe -- (DF5Serv)
SRV - [2010/06/24 21:13:45 | 001,552,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2010/06/24 21:13:45 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2010/06/24 21:13:45 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2010/06/24 21:13:41 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2010/06/24 21:13:40 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2010/02/19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/10/22 14:57:44 | 000,070,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -- (tbhMonitor.exe)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/10/03 16:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/06/12 18:09:16 | 002,521,880 | ---- | M] (Intel) [Auto | Stopped] -- C:\Program Files\Intel\AMT\UNS.exe -- (UNS) Intel®
SRV - [2007/06/12 18:09:16 | 000,183,064 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\AMT\atchksrv.exe -- (atchksrv) Intel®
SRV - [2007/06/12 18:09:14 | 000,109,336 | ---- | M] (Intel) [Auto | Stopped] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel®
SRV - [2007/01/23 04:58:04 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)


========== Driver Services (SafeList) ==========

DRV - [2010/06/24 21:13:41 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2010/06/24 21:13:41 | 000,018,176 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2010/06/24 21:13:39 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Afc.sys -- (Afc)
DRV - [2010/01/27 17:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/02/11 05:36:42 | 000,151,192 | ---- | M] (Faronics Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\DeepFrz.sys -- (DeepFrz)
DRV - [2007/12/28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/10/07 15:05:06 | 002,455,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/09/24 20:12:48 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2007/09/07 11:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/07/23 19:42:12 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2007/07/23 16:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 16:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 16:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 16:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 16:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 16:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 16:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 16:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 15:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 15:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/01 15:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007/05/24 18:56:00 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2007/01/23 04:45:44 | 000,042,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Asfalrt.sys -- (AsfAlrt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1080830
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://home.peoplepc.com/search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1080830

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1080830
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...GO&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.0.19
FF - prefs.js..extensions.enabledItems: [email protected]:2.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {03a13e92-bfed-419a-9b3b-072b6a1534a2}:3.3.0.19
FF - prefs.js..extensions.enabledItems: {30421e54-3b57-4e5b-947c-9b6beea57683}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {5c99e1f0-a422-47be-8be3-a38148ed1615}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {6847DFAE-037A-400c-A524-27F0A281B692}:2.0.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {96ce3418-8ef3-45b5-8808-de5dbe03fb13}:6.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..keyword.URL: "http://www.google.co...lient&hl=en&q="


FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\DictionaryBoss\bar\1.bin [2011/02/18 19:03:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/18 16:04:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/31 04:27:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 22:44:09 | 000,000,000 | ---D | M]

[2009/04/05 15:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Extensions
[2011/03/31 04:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions
[2011/01/23 02:24:51 | 000,000,000 | ---D | M] (TranslatorBar 1.12 Community Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{03a13e92-bfed-419a-9b3b-072b6a1534a2}
[2010/04/28 17:48:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/23 14:35:39 | 000,000,000 | ---D | M] (Productivity 1.12 Community Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{30421e54-3b57-4e5b-947c-9b6beea57683}
[2010/07/23 18:53:42 | 000,000,000 | ---D | M] (setupgo Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{5c99e1f0-a422-47be-8be3-a38148ed1615}
[2010/03/17 20:21:47 | 000,000,000 | ---D | M] (Big Fish Games Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}
[2010/08/14 14:38:45 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/12/06 09:38:13 | 000,000,000 | ---D | M] (Verizon Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
[2011/01/07 01:04:58 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/01/29 18:33:49 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/03/31 04:32:30 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2011/01/23 02:24:51 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2011/01/04 18:29:59 | 000,000,000 | ---D | M] (Feed Filter) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2010/12/28 01:58:51 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2010/10/23 01:32:41 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2011/03/17 20:43:11 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2009/04/05 23:29:07 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\aim-search.xml
[2011/03/17 20:43:12 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\bing-zugo.xml
[2009/09/26 21:04:25 | 000,001,727 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\causes-search.xml
[2011/01/07 02:56:17 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\conduit.xml
[2010/01/01 14:49:09 | 000,000,938 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\facebook.xml
[2011/02/16 20:25:42 | 000,009,932 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\mywebsearch.xml
[2011/03/31 00:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 15:43:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/15 10:25:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/15 18:06:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/18 16:04:17 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/02/18 19:03:41 | 000,000,000 | ---D | M] (DictionaryBoss) -- C:\PROGRAM FILES\DICTIONARYBOSS\BAR\1.BIN
[2009/02/16 01:07:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2009/07/02 11:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/12/28 01:58:51 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/11/13 16:05:02 | 000,002,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bingober9819187.xml
[2009/09/24 20:42:51 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009/09/24 20:42:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2010/08/11 16:39:58 | 000,002,465 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\verizontb.xml

O1 HOSTS File: ([2010/10/12 04:41:11 | 000,000,727 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.1\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Updater For Verizon Toolbar) - {96673559-e653-4cdc-8923-f89347a952c0} - C:\Program Files\verizontb\auxi\verizonAu.dll (Visicom Media)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (DictionaryBoss) - {3042df7a-e900-4389-9b94-923df0daa57e} - File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.1\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DictionaryBoss) - {3042DF7A-E900-4389-9B94-923DF0DAA57E} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [atchk] C:\Program Files\Intel\AMT\atchk.exe (Intel Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.1\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [tbhSystray] C:\Program Files\tbh\base\bin\tbhSystray.exe (eBay)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\Run: [OfficeSyncProcess] File not found
O4 - HKCU..\Run: [Search Protection] File not found
O4 - HKCU..\RunOnce: [pKl01812jBoCp01812] C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812\pKl01812jBoCp01812.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/...ader.5.8.05.cab (Bebo Uploader Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mortimer%20Beckett%20and%20the%20Time%20Paradox/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.232,93.188.161.232
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop Components:0 () - http://a8.sphotos.ak...9_3388786_n.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Momdukes\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Momdukes\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2552870c-380a-11de-9b80-002170323113}\Shell\AutoRun\command - "" = E:\.\RapidBlogManager.exe
O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell - "" = AutoRun
O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk /k:C *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: LanmanWorkstation - File not found
NetSvcs: Messenger - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/03/31 04:48:58 | 000,000,000 | ---D | C] -- C:\834f29e3572dd74196c51ba2
[2011/03/31 04:48:54 | 000,000,000 | ---D | C] -- C:\f31a3c10f1bf3823b783ac7a
[2011/03/31 04:48:38 | 000,000,000 | ---D | C] -- C:\be5c01085c56505e65ee15c78e4029
[2011/03/31 04:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812
[2011/03/31 00:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Start Menu\Programs\SpyHunter
[2011/03/31 00:17:58 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011/03/30 17:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Shiver - Vanishing Hitchhiker Collector's Edition
[2011/03/30 17:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Shiver - Vanishing Hitchhiker Collector's Edition
[2011/03/27 20:05:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeFileOpener
[2011/03/27 20:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileOpener
[2011/03/24 13:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\Shades of Death - Royal Blood
[2011/03/24 13:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Shades of Death - Royal Blood
[2011/03/23 19:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Stray Souls - Dollhouse Story
[2011/03/23 19:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Stray Souls - Dollhouse Story
[2011/03/22 23:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\BlitPop
[2011/03/22 23:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Echoes of Sorrow
[2011/03/22 23:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Echoes of Sorrow
[2011/03/18 16:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/03/18 16:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/03/17 20:43:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Uniblue
[2011/03/17 20:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\PackageAware
[2011/03/17 20:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/08 14:18:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight Shared
[2011/03/08 14:18:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight
[2011/03/08 14:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Dying for Daylight
[2011/03/08 14:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Dying_for_Daylight
[2011/03/08 14:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dying_for_Daylight
[2011/03/07 17:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2011/03/07 16:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Nucleosys
[2011/03/07 16:02:35 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011/03/07 16:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011/03/07 15:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Shadow Wolf Mysteries - Curse of the Full Moon
[2011/03/05 22:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\Real
[2011/03/05 22:38:44 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/03/05 22:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2011/03/05 22:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2011/03/05 22:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Real
[2011/03/05 21:17:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Start Menu\Programs\Dell Inc
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/31 05:19:09 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99455203-9436-41B9-88B4-7F76186F3E2C}.job
[2011/03/31 05:04:06 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\WavXMapDrive.bat
[2011/03/31 05:03:55 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/03/31 05:03:53 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/03/31 05:03:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/31 05:03:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/31 05:03:51 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011/03/31 05:03:51 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\79ecb240.job
[2011/03/31 05:03:50 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2011/03/31 05:03:34 | 2111,418,368 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/31 05:01:47 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/03/31 04:48:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/31 04:06:31 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\PC Medkit.job
[2011/03/31 04:03:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-472125488-3704590697-1693983179-1005UA.job
[2011/03/31 00:18:00 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Momdukes\Desktop\SpyHunter.lnk
[2011/03/30 17:46:21 | 000,001,963 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Shiver - Vanishing Hitchhiker Collector's Edition.lnk
[2011/03/30 17:46:21 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2011/03/30 14:03:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-472125488-3704590697-1693983179-1005Core.job
[2011/03/28 19:24:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/27 20:05:58 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/03/27 20:05:58 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Free File Opener.lnk
[2011/03/25 04:43:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/24 13:51:01 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Shades of Death - Royal Blood.lnk
[2011/03/23 19:42:26 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Stray Souls - Dollhouse Story.lnk
[2011/03/22 23:45:15 | 000,001,642 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Echoes of Sorrow.lnk
[2011/03/21 22:44:29 | 000,008,117 | ---- | M] () -- C:\Documents and Settings\Momdukes\My Documents\suni5.jpg
[2011/03/18 17:51:29 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/18 16:04:23 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/03/18 16:04:04 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/03/17 20:32:16 | 000,027,523 | ---- | M] () -- C:\Documents and Settings\Momdukes\My Documents\Kyle.odp
[2011/03/14 21:22:59 | 000,494,416 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/14 21:22:59 | 000,089,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/10 04:05:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/08 14:15:06 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Dying_for_Daylight.lnk
[2011/03/07 16:02:35 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011/03/07 15:21:01 | 000,001,417 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2011/03/07 15:21:01 | 000,001,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/31 05:01:47 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/03/31 00:18:00 | 000,001,979 | ---- | C] () -- C:\Documents and Settings\Momdukes\Desktop\SpyHunter.lnk
[2011/03/30 17:46:21 | 000,001,963 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Shiver - Vanishing Hitchhiker Collector's Edition.lnk
[2011/03/30 17:46:21 | 000,001,264 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2011/03/27 20:05:58 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\Momdukes\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/03/27 20:05:58 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Free File Opener.lnk
[2011/03/24 13:51:01 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Shades of Death - Royal Blood.lnk
[2011/03/23 19:42:26 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Stray Souls - Dollhouse Story.lnk
[2011/03/22 23:45:15 | 000,001,642 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Echoes of Sorrow.lnk
[2011/03/21 22:44:32 | 000,008,117 | ---- | C] () -- C:\Documents and Settings\Momdukes\My Documents\suni5.jpg
[2011/03/18 16:04:23 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/03/17 20:32:15 | 000,027,523 | ---- | C] () -- C:\Documents and Settings\Momdukes\My Documents\Kyle.odp
[2011/03/08 14:15:06 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Dying_for_Daylight.lnk
[2011/03/07 15:21:01 | 000,001,399 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2011/03/05 22:39:17 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/03/05 22:39:17 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/02/04 18:44:54 | 000,062,912 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/14 20:52:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/10/16 16:40:12 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\Momdukes\Application Data\prefsdb.dat
[2010/03/21 12:36:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/16 02:17:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/01/06 19:00:31 | 000,000,190 | ---- | C] () -- C:\WINDOWS\settings.ini
[2009/12/04 12:41:04 | 014,497,312 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/12/04 12:40:31 | 000,300,064 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/09/09 23:19:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/09/09 23:19:30 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/09/09 23:18:52 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/09/09 23:18:52 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/09/09 23:18:51 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/09/02 18:27:02 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\ex23567.dat
[2009/09/02 18:26:35 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\mmsmark2.dat
[2009/08/27 21:41:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ResortingToDanger.INI
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/05/01 18:13:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\RegHero.exe
[2009/05/01 18:13:32 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2009/04/17 22:40:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/04/17 22:40:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009/04/05 23:10:43 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/04/05 15:46:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/26 19:13:40 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/15 14:14:23 | 000,014,530 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\slot1.mm1
[2009/02/01 21:20:52 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/01/27 01:20:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\WavXMapDrive.bat
[2009/01/27 01:11:17 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/01/27 01:10:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2009/01/27 01:10:15 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2009/01/25 13:12:49 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\fusioncache.dat
[2008/08/29 20:56:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/29 20:50:05 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2008/08/29 20:50:05 | 000,131,070 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2008/08/29 20:35:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/08/29 20:32:04 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/08/29 20:32:02 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/08/29 20:32:02 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/08/29 20:32:02 | 000,972,072 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/08/29 20:32:01 | 000,156,671 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/08/29 20:32:01 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/08/29 20:32:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/08/29 20:27:20 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/13 16:42:30 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/09/13 16:42:30 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/09/13 16:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/09/13 16:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/09/13 16:42:28 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/09/13 16:42:28 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/09/13 16:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/09/13 16:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/09/13 16:42:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/09/13 16:42:26 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/09/13 16:36:24 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/09/13 16:32:36 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\CacheFP.exe
[2007/09/12 17:05:08 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/09/12 17:04:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/09/12 17:04:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/09/12 17:04:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/09/12 17:03:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/09/12 17:03:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/09/12 17:03:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/09/12 17:02:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/09/12 17:02:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/09/12 17:02:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/09/10 11:53:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/06/15 12:19:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2007/03/20 16:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2007/02/28 06:03:32 | 000,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/01/23 04:45:40 | 000,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/08/14 13:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2004/09/10 15:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 15:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/11 18:24:19 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstet.dat
[2004/08/11 18:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 000,294,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 18:00:28 | 000,494,416 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 18:00:28 | 000,089,606 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 18:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 18:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 18:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 18:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 18:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 18:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2009/08/06 21:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3rd Eye Solutions
[2010/07/04 11:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Absolutist
[2009/01/28 15:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
[2010/04/09 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Entertainment
[2010/10/22 12:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/12/03 14:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarSouthpoint
[2009/02/09 22:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ApeZone
[2010/04/15 23:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BanzaiInteractive
[2009/08/19 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BarbarianGames
[2009/10/08 23:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Becky Brogan
[2010/08/02 19:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bicyclestudios
[2011/03/07 15:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/09/12 11:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Splash Games
[2009/04/01 21:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Black Blob Studios
[2010/12/19 21:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/08/08 12:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Candy Factory
[2010/12/23 09:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Casual Arts
[2009/07/29 14:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CasualForge
[2010/12/06 09:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2010/10/18 17:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Column of the Maya
[2009/06/12 03:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comcast
[2010/10/17 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrioGames
[2009/09/05 14:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cupcakecafe
[2010/10/30 00:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2009/12/04 12:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DigiData
[2011/03/08 14:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dying for Daylight
[2010/10/15 05:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elephant Games
[2010/08/22 14:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Exorcist DS 1
[2009/04/10 21:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Far Mills
[2010/11/22 18:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Farm Fishes
[2009/06/18 11:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fashion Finder
[2009/08/29 19:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fillup
[2010/03/21 17:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2010/07/04 11:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games
[2010/08/21 15:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\freshgames
[2010/11/22 12:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/12/20 16:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funny Bear Studio
[2010/10/25 18:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/10/12 17:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gamers Digital
[2009/08/29 20:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\game_fillup_v2_usa
[2009/07/28 10:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2010/12/07 21:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/03/02 20:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2010/12/11 18:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Green Clover Games
[2009/08/31 20:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
[2010/11/24 13:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitPoint Studios
[2009/02/12 19:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HoverBee Studios
[2010/07/24 21:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Immortal Lovers
[2009/06/24 16:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IntDreams
[2010/05/15 13:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intenium
[2009/04/02 11:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2009/02/04 23:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2011/01/05 18:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2011/03/07 17:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2009/07/15 12:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2010/12/18 18:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LittleGamesCompany
[2010/07/04 11:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2010/11/07 13:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/02/13 09:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mushroom Age
[2009/04/03 13:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MysteryChronicles
[2010/06/18 18:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MythPeople
[2011/01/21 19:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Namco
[2010/02/25 11:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nevosoft
[2009/02/03 17:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nick Chase A Detective Story
[2009/01/27 01:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/01/28 16:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games
[2010/11/13 17:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/01/03 20:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Particles
[2011/03/31 04:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812
[2011/01/31 22:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/02/15 16:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayPond
[2010/01/07 13:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/11/14 19:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2009/08/21 19:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Princess Isabella
[2010/08/29 00:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redrum
[2010/11/07 12:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RVLGames
[2011/01/25 17:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/11/16 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScreenSeven
[2010/07/20 17:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simajo The Travel Móstery Game
[2009/05/21 10:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Slapdash Games
[2009/09/25 19:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SOS
[2009/03/20 13:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpecialBit
[2010/02/13 21:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2010/07/04 11:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2009/05/14 11:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/07/04 11:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2010/12/23 10:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/05 23:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2010/07/04 11:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Inquisitor
[2010/01/06 12:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
[2010/03/30 15:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Top Evidence
[2009/07/25 15:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/02/06 19:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virtualized Applications
[2010/10/08 04:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2009/01/27 01:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2009/04/02 11:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/08/14 16:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/10 01:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\2monkeys
[2010/07/18 21:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\A Gypsy's Tale - The Tower of Secrets
[2010/06/20 17:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Absolutist
[2010/10/24 16:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Aerohills
[2009/07/02 11:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Aisle 5 Games, Inc
[2010/04/09 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Alawar Entertainment
[2010/12/03 14:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\AlawarSouthpoint
[2009/05/03 14:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Anabel
[2010/08/07 14:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Anarchy
[2010/10/17 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Artifex Mundi
[2011/03/30 17:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Artogon
[2010/10/27 12:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Awem
[2009/04/21 09:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Azuaz Games
[2010/03/08 18:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\AzuazGames
[2011/02/28 00:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Azureus
[2010/12/28 14:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BabylonToolbar
[2010/04/15 23:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BanzaiInteractive
[2009/08/19 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BarbarianGames
[2009/01/28 12:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BeachPartyCraze
[2010/04/11 10:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BfgBar
[2010/08/02 19:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Bicyclestudios
[2011/01/20 17:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Big Fish Games
[2010/09/12 11:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Big Splash Games
[2009/06/19 14:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BlamGames
[2010/12/19 21:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\blg
[2010/12/21 09:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Boolat Games
[2011/02/17 20:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Boomzap
[2009/03/01 13:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BrandX Games
[2010/08/07 18:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Brunhilda_bfg
[2009/06/01 13:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\CallingID
[2009/06/19 17:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Camel101
[2010/12/23 09:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Casual Arts
[2009/07/29 14:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\CasualForge
[2009/12/05 13:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Cat's Eye Games
[2009/02/27 12:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\cerasus.media
[2010/08/13 14:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ChaYoWo Games
[2010/10/18 17:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Column of the Maya
[2011/02/07 19:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/10/30 18:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\comcasttb
[2010/03/11 14:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DarkParablesBriarRose_BFG
[2010/10/29 17:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DayTerium
[2011/01/25 16:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dekovir
[2010/07/19 15:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DigirononGames
[2009/09/07 10:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DivoGames
[2010/01/08 18:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dragon Altar Games
[2010/12/08 21:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dreamsdwell Stories 2
[2011/03/08 14:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight
[2011/03/08 14:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight Shared
[2010/12/04 01:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\EleFun Games
[2010/10/15 05:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Elephant Games
[2010/08/26 11:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Enki Games
[2009/06/25 11:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Enlightenus
[2010/09/18 16:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Enlightenus2_BFG
[2010/12/03 16:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ERS G-Studio
[2011/02/17 18:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ERS Game Studios
[2009/03/14 00:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Eyeblaster
[2010/08/10 21:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Fabulous Finds
[2010/07/04 11:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Facebook
[2011/01/03 20:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\FBI
[2010/03/21 17:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Flood Light Games
[2010/06/17 17:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Floodlight Games
[2011/01/02 17:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\FlyWheelGames
[2010/09/12 19:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Freezetag
[2010/08/21 15:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\freshgames
[2011/03/23 20:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Friday's games
[2010/12/11 16:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Frogwares
[2010/08/23 14:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Fugazo
[2010/12/15 23:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\funkitron
[2009/06/30 21:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gaijin Ent
[2009/12/13 18:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Game Mill Entertainment
[2010/10/25 18:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameHouse
[2009/08/30 11:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameHousev1001
[2009/07/24 16:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameInvest
[2010/11/26 12:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameMill Entertainment
[2010/10/12 17:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gamers Digital
[2010/10/17 15:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Games
[2010/05/14 19:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GamesCafe
[2010/02/06 00:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gestalt Games
[2010/03/11 12:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GetRightToGo
[2010/09/05 12:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Ghost Ship Studios
[2010/12/07 21:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\gogii
[2010/07/21 12:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gold Casual Games
[2009/08/10 10:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GraveyardShift
[2010/12/11 18:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Green Clover Games
[2011/03/08 12:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HdO Adventure
[2010/11/30 14:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HillStoneAnimationStudios
[2010/05/10 21:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HillStoneAnimationStudios_MBV
[2009/04/21 19:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HiT-MM
[2010/11/24 13:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HitPoint Studios
[2010/06/21 18:08:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Hotdog Hotshot
[2009/07/26 12:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HSA
[2009/12/10 17:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\iMaxGen
[2010/07/24 21:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Immortal Lovers
[2009/01/28 18:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Internet Saving Optimizer
[2009/06/19 19:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\IronCode
[2009/01/27 13:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Island
[2009/04/02 11:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\iWin
[2010/12/02 23:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Jane s Hotel 3
[2010/10/19 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Jetdogs Studios
[2009/01/26 18:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Jetsetter
[2010/08/23 16:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\JoyBits
[2010/05/01 14:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Lazy Turtle Games
[2010/03/24 18:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\LegacyInteractive
[2009/07/15 12:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Little Games Company
[2010/05/08 14:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Little Noir Stories
[2010/12/18 18:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\LittleGamesCompany
[2009/03/15 13:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Lost in the City
[2009/08/20 20:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MA
[2010/11/05 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MA2
[2010/05/02 20:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Magic3
[2009/09/06 18:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MagicBall4
[2010/05/27 17:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MagicIndie
[2010/05/26 03:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ManyCam
[2010/08/08 19:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Mariaglorum
[2009/07/23 15:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MegaplexMadnessSummerBlockbuster
[2010/11/28 13:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Meridian93
[2010/06/19 15:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Merscom
[2010/05/21 23:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MotionDSP
[2009/01/27 03:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MSNInstaller
[2009/07/02 17:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\My Games
[2010/08/11 15:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MysteriousCaseOfJekyllAndHyde
[2010/12/18 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Mystery of Mortlake Mansion
[2011/01/21 19:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Namco
[2010/03/15 19:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Nevosoft
[2011/03/07 16:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Nucleosys
[2009/01/26 18:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Oberon Games
[2010/11/13 16:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Oberon Media
[2010/07/25 20:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Odian Games
[2010/11/29 15:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Old Castle
[2009/03/21 16:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\OpenOffice.org
[2010/07/23 16:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Orneon
[2010/11/07 20:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\OtherSide Realm of Eons
[2010/10/16 16:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\perfect future studio
[2009/10/11 13:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Ph03nixNewMedia
[2011/01/07 21:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Phantasmat_bf_ce1
[2010/07/26 20:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Pi Eye Games
[2011/01/31 22:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\PlayFirst
[2010/10/21 11:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\PlayPond
[2009/11/24 17:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Playrix Entertainment
[2010/01/07 13:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\PoBros
[2009/02/27 19:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Pogo Games
[2010/03/16 18:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\QB9
[2009/04/05 23:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\QQ Games Plugin
[2010/09/03 14:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\quickclick
[2009/06/30 15:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Quirky Games
[2009/01/30 17:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\RobinsonCrusoe
[2009/09/12 20:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Sanna
[2010/12/03 22:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Scholastic
[2010/11/16 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ScreenSeven
[2009/02/20 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SecretIslandEng
[2010/03/31 17:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Settlement. Colossus
[2010/05/27 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SevenSails
[2010/08/14 18:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ShaoLin
[2009/04/15 17:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Shape games
[2009/08/02 16:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\she_is_a_shadow
[2010/11/05 19:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ShinyTales
[2010/07/20 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Silverback Productions
[2010/06/11 21:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Skunk Studios
[2011/01/16 17:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Sleepwalker Games
[2011/02/16 17:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SoftGrid Client
[2010/12/31 16:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Spark Plug Games
[2010/08/28 14:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Specialbit
[2009/02/03 22:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SpinTop
[2010/11/28 14:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SpinTop Games
[2009/08/28 19:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SprillRichiEng
[2009/09/30 15:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Sudden Games LLC
[2010/05/20 21:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SulusGames
[2010/12/03 13:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Supermarket Mania 2
[2010/06/23 18:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TeleportGamesLtd
[2010/09/11 10:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Ten Heavens
[2010/06/01 23:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\The Inquisitor
[2009/01/28 04:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Thinstall
[2010/11/07 15:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ThreeDays2
[2011/01/22 18:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TikisLab
[2010/09/06 12:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TitanicMystery
[2010/09/09 17:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TOMI2.THE GATES OF FATE
[2010/03/30 15:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Top Evidence
[2010/08/28 00:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Total Eclipse
[2011/02/06 19:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TP
[2010/03/08 20:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TripleHippo
[2011/03/17 20:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Uniblue
[2010/11/14 13:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\URSE Games
[2009/07/04 17:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\V-Games
[2009/09/27 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\VampireSaga
[2010/12/04 12:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Vast Studios
[2010/04/26 18:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\VendelGAMES
[2009/01/31 14:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ViquaSoft
[2011/01/29 01:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Virtual Prophecy
[2011/03/25 18:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Vogat Interactive
[2009/01/27 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Wave Systems Corp
[2010/09/14 19:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Whisper of a Rose Saves
[2011/01/25 22:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\WhiteBirdsProductions
[2010/11/08 19:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\World-LooM
[2009/07/14 10:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\YoudaGames
[2011/03/31 05:03:51 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\79ecb240.job
[2011/03/31 04:06:31 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\PC Medkit.job
[2011/03/31 05:19:09 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{99455203-9436-41B9-88B4-7F76186F3E2C}.job
[2011/03/31 05:03:51 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011/03/31 05:03:50 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2011/03/31 05:13:03 | 000,737,033 | ---- | M] () MD5=245915834676B13FF07FFE85399C1F5C -- C:\Documents and Settings\Momdukes\My Documents\Downloads\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\i386\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========
[2009/12/04 12:40:22 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/12/04 12:40:22 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

< End of report >


OTL logfile created on: 3/31/2011 5:22:16 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Momdukes\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 72.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.31 Gb Total Space | 23.37 Gb Free Space | 31.45% Space Free | Partition Type: NTFS

Computer Name: ALTHEA | User Name: Momdukes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/31 05:18:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Momdukes\My Documents\Downloads\OTL(2).scr
PRC - [2011/03/23 22:44:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/03/31 05:18:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Momdukes\My Documents\Downloads\OTL(2).scr
MOD - [2011/03/05 22:38:51 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (iWinTrusted)
SRV - [2011/03/17 14:25:36 | 000,723,872 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010/09/05 15:50:33 | 000,431,616 | ---- | M] (Faronics Corporation) [Auto | Stopped] -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe -- (DF5Serv)
SRV - [2010/06/24 21:13:45 | 001,552,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2010/06/24 21:13:45 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2010/06/24 21:13:45 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2010/06/24 21:13:41 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2010/06/24 21:13:40 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2010/02/19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/10/22 14:57:44 | 000,070,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -- (tbhMonitor.exe)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/10/03 16:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/06/12 18:09:16 | 002,521,880 | ---- | M] (Intel) [Auto | Stopped] -- C:\Program Files\Intel\AMT\UNS.exe -- (UNS) Intel®
SRV - [2007/06/12 18:09:16 | 000,183,064 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\AMT\atchksrv.exe -- (atchksrv) Intel®
SRV - [2007/06/12 18:09:14 | 000,109,336 | ---- | M] (Intel) [Auto | Stopped] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel®
SRV - [2007/01/23 04:58:04 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)


========== Driver Services (SafeList) ==========

DRV - [2010/06/24 21:13:41 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2010/06/24 21:13:41 | 000,018,176 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2010/06/24 21:13:39 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Afc.sys -- (Afc)
DRV - [2010/01/27 17:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/02/11 05:36:42 | 000,151,192 | ---- | M] (Faronics Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\DeepFrz.sys -- (DeepFrz)
DRV - [2007/12/28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/10/07 15:05:06 | 002,455,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/09/24 20:12:48 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2007/09/07 11:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/07/23 19:42:12 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2007/07/23 16:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 16:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 16:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 16:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 16:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 16:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 16:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 16:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 15:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 15:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/01 15:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007/05/24 18:56:00 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2007/01/23 04:45:44 | 000,042,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Asfalrt.sys -- (AsfAlrt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1080830
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://home.peoplepc.com/search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1080830

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1080830
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...GO&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.0.19
FF - prefs.js..extensions.enabledItems: [email protected]:2.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {03a13e92-bfed-419a-9b3b-072b6a1534a2}:3.3.0.19
FF - prefs.js..extensions.enabledItems: {30421e54-3b57-4e5b-947c-9b6beea57683}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {5c99e1f0-a422-47be-8be3-a38148ed1615}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {6847DFAE-037A-400c-A524-27F0A281B692}:2.0.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {96ce3418-8ef3-45b5-8808-de5dbe03fb13}:6.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..keyword.URL: "http://www.google.co...lient&hl=en&q="


FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\DictionaryBoss\bar\1.bin [2011/02/18 19:03:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/18 16:04:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/31 04:27:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 22:44:09 | 000,000,000 | ---D | M]

[2009/04/05 15:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Extensions
[2011/03/31 04:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions
[2011/01/23 02:24:51 | 000,000,000 | ---D | M] (TranslatorBar 1.12 Community Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{03a13e92-bfed-419a-9b3b-072b6a1534a2}
[2010/04/28 17:48:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/23 14:35:39 | 000,000,000 | ---D | M] (Productivity 1.12 Community Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{30421e54-3b57-4e5b-947c-9b6beea57683}
[2010/07/23 18:53:42 | 000,000,000 | ---D | M] (setupgo Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{5c99e1f0-a422-47be-8be3-a38148ed1615}
[2010/03/17 20:21:47 | 000,000,000 | ---D | M] (Big Fish Games Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}
[2010/08/14 14:38:45 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/12/06 09:38:13 | 000,000,000 | ---D | M] (Verizon Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
[2011/01/07 01:04:58 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/01/29 18:33:49 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/03/31 04:32:30 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2011/01/23 02:24:51 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2011/01/04 18:29:59 | 000,000,000 | ---D | M] (Feed Filter) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2010/12/28 01:58:51 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2010/10/23 01:32:41 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2011/03/17 20:43:11 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
[2009/04/05 23:29:07 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\aim-search.xml
[2011/03/17 20:43:12 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\bing-zugo.xml
[2009/09/26 21:04:25 | 000,001,727 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\causes-search.xml
[2011/01/07 02:56:17 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\conduit.xml
[2010/01/01 14:49:09 | 000,000,938 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\facebook.xml
[2011/02/16 20:25:42 | 000,009,932 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\mywebsearch.xml
[2011/03/31 00:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 15:43:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/15 10:25:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/15 18:06:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/18 16:04:17 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/02/18 19:03:41 | 000,000,000 | ---D | M] (DictionaryBoss) -- C:\PROGRAM FILES\DICTIONARYBOSS\BAR\1.BIN
[2009/02/16 01:07:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2009/07/02 11:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/12/28 01:58:51 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/11/13 16:05:02 | 000,002,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bingober9819187.xml
[2009/09/24 20:42:51 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009/09/24 20:42:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2010/08/11 16:39:58 | 000,002,465 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\verizontb.xml

O1 HOSTS File: ([2010/10/12 04:41:11 | 000,000,727 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.1\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Updater For Verizon Toolbar) - {96673559-e653-4cdc-8923-f89347a952c0} - C:\Program Files\verizontb\auxi\verizonAu.dll (Visicom Media)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (DictionaryBoss) - {3042df7a-e900-4389-9b94-923df0daa57e} - File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.1\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DictionaryBoss) - {3042DF7A-E900-4389-9B94-923DF0DAA57E} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [atchk] C:\Program Files\Intel\AMT\atchk.exe (Intel Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.1\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [tbhSystray] C:\Program Files\tbh\base\bin\tbhSystray.exe (eBay)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\Run: [OfficeSyncProcess] File not found
O4 - HKCU..\Run: [Search Protection] File not found
O4 - HKCU..\RunOnce: [pKl01812jBoCp01812] C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812\pKl01812jBoCp01812.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/...ader.5.8.05.cab (Bebo Uploader Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mortimer%20Beckett%20and%20the%20Time%20Paradox/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.232,93.188.161.232
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop Components:0 () - http://a8.sphotos.ak...9_3388786_n.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Momdukes\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Momdukes\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2552870c-380a-11de-9b80-002170323113}\Shell\AutoRun\command - "" = E:\.\RapidBlogManager.exe
O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell - "" = AutoRun
O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk /k:C *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: LanmanWorkstation - File not found
NetSvcs: Messenger - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/03/31 04:48:58 | 000,000,000 | ---D | C] -- C:\834f29e3572dd74196c51ba2
[2011/03/31 04:48:54 | 000,000,000 | ---D | C] -- C:\f31a3c10f1bf3823b783ac7a
[2011/03/31 04:48:38 | 000,000,000 | ---D | C] -- C:\be5c01085c56505e65ee15c78e4029
[2011/03/31 04:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812
[2011/03/31 00:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Start Menu\Programs\SpyHunter
[2011/03/31 00:17:58 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011/03/30 17:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Shiver - Vanishing Hitchhiker Collector's Edition
[2011/03/30 17:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Shiver - Vanishing Hitchhiker Collector's Edition
[2011/03/27 20:05:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeFileOpener
[2011/03/27 20:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileOpener
[2011/03/24 13:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\Shades of Death - Royal Blood
[2011/03/24 13:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Shades of Death - Royal Blood
[2011/03/23 19:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Stray Souls - Dollhouse Story
[2011/03/23 19:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Stray Souls - Dollhouse Story
[2011/03/22 23:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\BlitPop
[2011/03/22 23:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Echoes of Sorrow
[2011/03/22 23:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Echoes of Sorrow
[2011/03/18 16:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/03/18 16:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/03/17 20:43:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Uniblue
[2011/03/17 20:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\PackageAware
[2011/03/17 20:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/08 14:18:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight Shared
[2011/03/08 14:18:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight
[2011/03/08 14:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Dying for Daylight
[2011/03/08 14:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Dying_for_Daylight
[2011/03/08 14:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dying_for_Daylight
[2011/03/07 17:16:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2011/03/07 16:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Nucleosys
[2011/03/07 16:02:35 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011/03/07 16:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011/03/07 15:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Shadow Wolf Mysteries - Curse of the Full Moon
[2011/03/05 22:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\Real
[2011/03/05 22:38:44 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/03/05 22:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2011/03/05 22:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2011/03/05 22:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Application Data\Real
[2011/03/05 21:17:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Momdukes\Start Menu\Programs\Dell Inc
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/31 05:19:09 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99455203-9436-41B9-88B4-7F76186F3E2C}.job
[2011/03/31 05:04:06 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\WavXMapDrive.bat
[2011/03/31 05:03:55 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/03/31 05:03:53 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/03/31 05:03:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/31 05:03:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/31 05:03:51 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011/03/31 05:03:51 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\79ecb240.job
[2011/03/31 05:03:50 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2011/03/31 05:03:34 | 2111,418,368 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/31 05:01:47 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/03/31 04:48:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/31 04:06:31 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\PC Medkit.job
[2011/03/31 04:03:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-472125488-3704590697-1693983179-1005UA.job
[2011/03/31 00:18:00 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Momdukes\Desktop\SpyHunter.lnk
[2011/03/30 17:46:21 | 000,001,963 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Shiver - Vanishing Hitchhiker Collector's Edition.lnk
[2011/03/30 17:46:21 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2011/03/30 14:03:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-472125488-3704590697-1693983179-1005Core.job
[2011/03/28 19:24:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/27 20:05:58 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/03/27 20:05:58 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Free File Opener.lnk
[2011/03/25 04:43:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/24 13:51:01 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Shades of Death - Royal Blood.lnk
[2011/03/23 19:42:26 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Stray Souls - Dollhouse Story.lnk
[2011/03/22 23:45:15 | 000,001,642 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Echoes of Sorrow.lnk
[2011/03/21 22:44:29 | 000,008,117 | ---- | M] () -- C:\Documents and Settings\Momdukes\My Documents\suni5.jpg
[2011/03/18 17:51:29 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/18 16:04:23 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/03/18 16:04:04 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/03/17 20:32:16 | 000,027,523 | ---- | M] () -- C:\Documents and Settings\Momdukes\My Documents\Kyle.odp
[2011/03/14 21:22:59 | 000,494,416 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/14 21:22:59 | 000,089,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/10 04:05:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/08 14:15:06 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Dying_for_Daylight.lnk
[2011/03/07 16:02:35 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011/03/07 15:21:01 | 000,001,417 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2011/03/07 15:21:01 | 000,001,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/31 05:01:47 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/03/31 00:18:00 | 000,001,979 | ---- | C] () -- C:\Documents and Settings\Momdukes\Desktop\SpyHunter.lnk
[2011/03/30 17:46:21 | 000,001,963 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Shiver - Vanishing Hitchhiker Collector's Edition.lnk
[2011/03/30 17:46:21 | 000,001,264 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2011/03/27 20:05:58 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\Momdukes\Application Data\Microsoft\Internet Explorer\Quick Launch\Free File Opener.lnk
[2011/03/27 20:05:58 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Free File Opener.lnk
[2011/03/24 13:51:01 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Shades of Death - Royal Blood.lnk
[2011/03/23 19:42:26 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Stray Souls - Dollhouse Story.lnk
[2011/03/22 23:45:15 | 000,001,642 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Echoes of Sorrow.lnk
[2011/03/21 22:44:32 | 000,008,117 | ---- | C] () -- C:\Documents and Settings\Momdukes\My Documents\suni5.jpg
[2011/03/18 16:04:23 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/03/17 20:32:15 | 000,027,523 | ---- | C] () -- C:\Documents and Settings\Momdukes\My Documents\Kyle.odp
[2011/03/08 14:15:06 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Dying_for_Daylight.lnk
[2011/03/07 15:21:01 | 000,001,399 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk
[2011/03/05 22:39:17 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/03/05 22:39:17 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-472125488-3704590697-1693983179-1005.job
[2011/02/04 18:44:54 | 000,062,912 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/14 20:52:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/10/16 16:40:12 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\Momdukes\Application Data\prefsdb.dat
[2010/03/21 12:36:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/16 02:17:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/01/06 19:00:31 | 000,000,190 | ---- | C] () -- C:\WINDOWS\settings.ini
[2009/12/04 12:41:04 | 014,497,312 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/12/04 12:40:31 | 000,300,064 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/09/09 23:19:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/09/09 23:19:30 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/09/09 23:18:52 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/09/09 23:18:52 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/09/09 23:18:51 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/09/02 18:27:02 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\ex23567.dat
[2009/09/02 18:26:35 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\mmsmark2.dat
[2009/08/27 21:41:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ResortingToDanger.INI
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/05/01 18:13:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\RegHero.exe
[2009/05/01 18:13:32 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2009/04/17 22:40:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/04/17 22:40:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009/04/05 23:10:43 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/04/05 15:46:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/26 19:13:40 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/15 14:14:23 | 000,014,530 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\slot1.mm1
[2009/02/01 21:20:52 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/01/27 01:20:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\WavXMapDrive.bat
[2009/01/27 01:11:17 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/01/27 01:10:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2009/01/27 01:10:15 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2009/01/25 13:12:49 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Momdukes\Local Settings\Application Data\fusioncache.dat
[2008/08/29 20:56:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/29 20:50:05 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2008/08/29 20:50:05 | 000,131,070 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2008/08/29 20:35:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/08/29 20:32:04 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/08/29 20:32:02 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/08/29 20:32:02 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/08/29 20:32:02 | 000,972,072 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/08/29 20:32:01 | 000,156,671 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/08/29 20:32:01 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/08/29 20:32:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/08/29 20:27:20 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/13 16:42:30 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/09/13 16:42:30 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/09/13 16:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/09/13 16:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/09/13 16:42:28 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/09/13 16:42:28 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/09/13 16:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/09/13 16:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/09/13 16:42:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/09/13 16:42:26 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/09/13 16:36:24 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/09/13 16:32:36 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\CacheFP.exe
[2007/09/12 17:05:08 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/09/12 17:04:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/09/12 17:04:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/09/12 17:04:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/09/12 17:03:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/09/12 17:03:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/09/12 17:03:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/09/12 17:02:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/09/12 17:02:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/09/12 17:02:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/09/10 11:53:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/06/15 12:19:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2007/03/20 16:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2007/02/28 06:03:32 | 000,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/01/23 04:45:40 | 000,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/08/14 13:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2004/09/10 15:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 15:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/11 18:24:19 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstet.dat
[2004/08/11 18:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 000,294,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 18:00:28 | 000,494,416 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 18:00:28 | 000,089,606 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 18:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 18:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 18:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 18:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 18:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 18:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2009/08/06 21:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3rd Eye Solutions
[2010/07/04 11:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Absolutist
[2009/01/28 15:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
[2010/04/09 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Entertainment
[2010/10/22 12:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/12/03 14:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarSouthpoint
[2009/02/09 22:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ApeZone
[2010/04/15 23:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BanzaiInteractive
[2009/08/19 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BarbarianGames
[2009/10/08 23:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Becky Brogan
[2010/08/02 19:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bicyclestudios
[2011/03/07 15:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/09/12 11:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Splash Games
[2009/04/01 21:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Black Blob Studios
[2010/12/19 21:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/08/08 12:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Candy Factory
[2010/12/23 09:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Casual Arts
[2009/07/29 14:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CasualForge
[2010/12/06 09:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2010/10/18 17:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Column of the Maya
[2009/06/12 03:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comcast
[2010/10/17 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrioGames
[2009/09/05 14:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cupcakecafe
[2010/10/30 00:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2009/12/04 12:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DigiData
[2011/03/08 14:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dying for Daylight
[2010/10/15 05:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elephant Games
[2010/08/22 14:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Exorcist DS 1
[2009/04/10 21:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Far Mills
[2010/11/22 18:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Farm Fishes
[2009/06/18 11:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fashion Finder
[2009/08/29 19:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fillup
[2010/03/21 17:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2010/07/04 11:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games
[2010/08/21 15:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\freshgames
[2010/11/22 12:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/12/20 16:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funny Bear Studio
[2010/10/25 18:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/10/12 17:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gamers Digital
[2009/08/29 20:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\game_fillup_v2_usa
[2009/07/28 10:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2010/12/07 21:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/03/02 20:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2010/12/11 18:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Green Clover Games
[2009/08/31 20:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
[2010/11/24 13:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitPoint Studios
[2009/02/12 19:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HoverBee Studios
[2010/07/24 21:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Immortal Lovers
[2009/06/24 16:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IntDreams
[2010/05/15 13:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intenium
[2009/04/02 11:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2009/02/04 23:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2011/01/05 18:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2011/03/07 17:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2009/07/15 12:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2010/12/18 18:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LittleGamesCompany
[2010/07/04 11:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2010/11/07 13:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/02/13 09:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mushroom Age
[2009/04/03 13:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MysteryChronicles
[2010/06/18 18:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MythPeople
[2011/01/21 19:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Namco
[2010/02/25 11:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nevosoft
[2009/02/03 17:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nick Chase A Detective Story
[2009/01/27 01:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/01/28 16:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games
[2010/11/13 17:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/01/03 20:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Particles
[2011/03/31 04:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812
[2011/01/31 22:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/02/15 16:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayPond
[2010/01/07 13:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/11/14 19:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2009/08/21 19:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Princess Isabella
[2010/08/29 00:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redrum
[2010/11/07 12:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RVLGames
[2011/01/25 17:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/11/16 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScreenSeven
[2010/07/20 17:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simajo The Travel Móstery Game
[2009/05/21 10:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Slapdash Games
[2009/09/25 19:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SOS
[2009/03/20 13:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpecialBit
[2010/02/13 21:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2010/07/04 11:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2009/05/14 11:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/07/04 11:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TeleportGamesLtd
[2010/12/23 10:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/05 23:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2010/07/04 11:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Inquisitor
[2010/01/06 12:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
[2010/03/30 15:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Top Evidence
[2009/07/25 15:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/02/06 19:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virtualized Applications
[2010/10/08 04:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2009/01/27 01:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2009/04/02 11:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/08/14 16:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/10 01:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\2monkeys
[2010/07/18 21:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\A Gypsy's Tale - The Tower of Secrets
[2010/06/20 17:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Absolutist
[2010/10/24 16:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Aerohills
[2009/07/02 11:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Aisle 5 Games, Inc
[2010/04/09 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Alawar Entertainment
[2010/12/03 14:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\AlawarSouthpoint
[2009/05/03 14:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Anabel
[2010/08/07 14:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Anarchy
[2010/10/17 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Artifex Mundi
[2011/03/30 17:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Artogon
[2010/10/27 12:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Awem
[2009/04/21 09:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Azuaz Games
[2010/03/08 18:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\AzuazGames
[2011/02/28 00:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Azureus
[2010/12/28 14:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BabylonToolbar
[2010/04/15 23:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BanzaiInteractive
[2009/08/19 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BarbarianGames
[2009/01/28 12:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BeachPartyCraze
[2010/04/11 10:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BfgBar
[2010/08/02 19:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Bicyclestudios
[2011/01/20 17:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Big Fish Games
[2010/09/12 11:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Big Splash Games
[2009/06/19 14:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BlamGames
[2010/12/19 21:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\blg
[2010/12/21 09:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Boolat Games
[2011/02/17 20:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Boomzap
[2009/03/01 13:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\BrandX Games
[2010/08/07 18:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Brunhilda_bfg
[2009/06/01 13:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\CallingID
[2009/06/19 17:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Camel101
[2010/12/23 09:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Casual Arts
[2009/07/29 14:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\CasualForge
[2009/12/05 13:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Cat's Eye Games
[2009/02/27 12:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\cerasus.media
[2010/08/13 14:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ChaYoWo Games
[2010/10/18 17:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Column of the Maya
[2011/02/07 19:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/10/30 18:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\comcasttb
[2010/03/11 14:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DarkParablesBriarRose_BFG
[2010/10/29 17:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DayTerium
[2011/01/25 16:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dekovir
[2010/07/19 15:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DigirononGames
[2009/09/07 10:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\DivoGames
[2010/01/08 18:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dragon Altar Games
[2010/12/08 21:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dreamsdwell Stories 2
[2011/03/08 14:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight
[2011/03/08 14:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Dying for Daylight Shared
[2010/12/04 01:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\EleFun Games
[2010/10/15 05:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Elephant Games
[2010/08/26 11:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Enki Games
[2009/06/25 11:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Enlightenus
[2010/09/18 16:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Enlightenus2_BFG
[2010/12/03 16:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ERS G-Studio
[2011/02/17 18:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ERS Game Studios
[2009/03/14 00:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Eyeblaster
[2010/08/10 21:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Fabulous Finds
[2010/07/04 11:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Facebook
[2011/01/03 20:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\FBI
[2010/03/21 17:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Flood Light Games
[2010/06/17 17:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Floodlight Games
[2011/01/02 17:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\FlyWheelGames
[2010/09/12 19:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Freezetag
[2010/08/21 15:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\freshgames
[2011/03/23 20:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Friday's games
[2010/12/11 16:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Frogwares
[2010/08/23 14:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Fugazo
[2010/12/15 23:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\funkitron
[2009/06/30 21:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gaijin Ent
[2009/12/13 18:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Game Mill Entertainment
[2010/10/25 18:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameHouse
[2009/08/30 11:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameHousev1001
[2009/07/24 16:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameInvest
[2010/11/26 12:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GameMill Entertainment
[2010/10/12 17:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gamers Digital
[2010/10/17 15:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Games
[2010/05/14 19:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GamesCafe
[2010/02/06 00:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gestalt Games
[2010/03/11 12:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GetRightToGo
[2010/09/05 12:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Ghost Ship Studios
[2010/12/07 21:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\gogii
[2010/07/21 12:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Gold Casual Games
[2009/08/10 10:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\GraveyardShift
[2010/12/11 18:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Green Clover Games
[2011/03/08 12:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HdO Adventure
[2010/11/30 14:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HillStoneAnimationStudios
[2010/05/10 21:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HillStoneAnimationStudios_MBV
[2009/04/21 19:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HiT-MM
[2010/11/24 13:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HitPoint Studios
[2010/06/21 18:08:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Hotdog Hotshot
[2009/07/26 12:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\HSA
[2009/12/10 17:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\iMaxGen
[2010/07/24 21:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Immortal Lovers
[2009/01/28 18:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Internet Saving Optimizer
[2009/06/19 19:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\IronCode
[2009/01/27 13:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Island
[2009/04/02 11:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\iWin
[2010/12/02 23:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Jane s Hotel 3
[2010/10/19 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Jetdogs Studios
[2009/01/26 18:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Jetsetter
[2010/08/23 16:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\JoyBits
[2010/05/01 14:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Lazy Turtle Games
[2010/03/24 18:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\LegacyInteractive
[2009/07/15 12:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Little Games Company
[2010/05/08 14:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Little Noir Stories
[2010/12/18 18:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\LittleGamesCompany
[2009/03/15 13:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Lost in the City
[2009/08/20 20:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MA
[2010/11/05 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MA2
[2010/05/02 20:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Magic3
[2009/09/06 18:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MagicBall4
[2010/05/27 17:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MagicIndie
[2010/05/26 03:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ManyCam
[2010/08/08 19:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Mariaglorum
[2009/07/23 15:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MegaplexMadnessSummerBlockbuster
[2010/11/28 13:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Meridian93
[2010/06/19 15:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Merscom
[2010/05/21 23:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MotionDSP
[2009/01/27 03:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MSNInstaller
[2009/07/02 17:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\My Games
[2010/08/11 15:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\MysteriousCaseOfJekyllAndHyde
[2010/12/18 13:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Mystery of Mortlake Mansion
[2011/01/21 19:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Namco
[2010/03/15 19:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Nevosoft
[2011/03/07 16:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Nucleosys
[2009/01/26 18:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Oberon Games
[2010/11/13 16:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Oberon Media
[2010/07/25 20:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Odian Games
[2010/11/29 15:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Old Castle
[2009/03/21 16:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\OpenOffice.org
[2010/07/23 16:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Orneon
[2010/11/07 20:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\OtherSide Realm of Eons
[2010/10/16 16:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\perfect future studio
[2009/10/11 13:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Ph03nixNewMedia
[2011/01/07 21:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Phantasmat_bf_ce1
[2010/07/26 20:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Pi Eye Games
[2011/01/31 22:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\PlayFirst
[2010/10/21 11:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\PlayPond
[2009/11/24 17:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Playrix Entertainment
[2010/01/07 13:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\PoBros
[2009/02/27 19:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Pogo Games
[2010/03/16 18:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\QB9
[2009/04/05 23:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\QQ Games Plugin
[2010/09/03 14:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\quickclick
[2009/06/30 15:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Quirky Games
[2009/01/30 17:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\RobinsonCrusoe
[2009/09/12 20:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Sanna
[2010/12/03 22:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Scholastic
[2010/11/16 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ScreenSeven
[2009/02/20 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SecretIslandEng
[2010/03/31 17:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Settlement. Colossus
[2010/05/27 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SevenSails
[2010/08/14 18:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ShaoLin
[2009/04/15 17:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Shape games
[2009/08/02 16:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\she_is_a_shadow
[2010/11/05 19:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ShinyTales
[2010/07/20 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Silverback Productions
[2010/06/11 21:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Skunk Studios
[2011/01/16 17:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Sleepwalker Games
[2011/02/16 17:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SoftGrid Client
[2010/12/31 16:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Spark Plug Games
[2010/08/28 14:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Specialbit
[2009/02/03 22:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SpinTop
[2010/11/28 14:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SpinTop Games
[2009/08/28 19:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SprillRichiEng
[2009/09/30 15:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Sudden Games LLC
[2010/05/20 21:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\SulusGames
[2010/12/03 13:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Supermarket Mania 2
[2010/06/23 18:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TeleportGamesLtd
[2010/09/11 10:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Ten Heavens
[2010/06/01 23:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\The Inquisitor
[2009/01/28 04:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Thinstall
[2010/11/07 15:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ThreeDays2
[2011/01/22 18:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TikisLab
[2010/09/06 12:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TitanicMystery
[2010/09/09 17:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TOMI2.THE GATES OF FATE
[2010/03/30 15:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Top Evidence
[2010/08/28 00:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Total Eclipse
[2011/02/06 19:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TP
[2010/03/08 20:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\TripleHippo
[2011/03/17 20:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Uniblue
[2010/11/14 13:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\URSE Games
[2009/07/04 17:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\V-Games
[2009/09/27 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\VampireSaga
[2010/12/04 12:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Vast Studios
[2010/04/26 18:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\VendelGAMES
[2009/01/31 14:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\ViquaSoft
[2011/01/29 01:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Virtual Prophecy
[2011/03/25 18:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Vogat Interactive
[2009/01/27 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Wave Systems Corp
[2010/09/14 19:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\Whisper of a Rose Saves
[2011/01/25 22:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\WhiteBirdsProductions
[2010/11/08 19:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\World-LooM
[2009/07/14 10:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Momdukes\Application Data\YoudaGames
[2011/03/31 05:03:51 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\79ecb240.job
[2011/03/31 04:06:31 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\PC Medkit.job
[2011/03/31 05:19:09 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{99455203-9436-41B9-88B4-7F76186F3E2C}.job
[2011/03/31 05:03:51 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2011/03/31 05:03:50 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2011/03/31 05:13:03 | 000,737,033 | ---- | M] () MD5=245915834676B13FF07FFE85399C1F5C -- C:\Documents and Settings\Momdukes\My Documents\Downloads\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\i386\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========
[2009/12/04 12:40:22 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/12/04 12:40:22 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

< End of report >
  • 0

Advertisements


#2
Gammo

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hi,

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://home.peoplepc.com/search
    SRV - [2009/10/22 14:57:44 | 000,070,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files\tbh\monitor\bin\tbhMonitor.exe -- (tbhMonitor.exe)
    FF - prefs.js..extensions.enabledItems: [email protected]:1.0
    FF - prefs.js..extensions.enabledItems: [email protected]:3.3.0.19
    FF - prefs.js..extensions.enabledItems: [email protected]:1.2
    FF - prefs.js..extensions.enabledItems: {03a13e92-bfed-419a-9b3b-072b6a1534a2}:3.3.0.19
    FF - prefs.js..extensions.enabledItems: {30421e54-3b57-4e5b-947c-9b6beea57683}:3.2.5.2
    FF - prefs.js..extensions.enabledItems: {5c99e1f0-a422-47be-8be3-a38148ed1615}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
    FF - prefs.js..extensions.enabledItems: [email protected]:1.1
    FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\DictionaryBoss\bar\1.bin [2011/02/18 19:03:41 | 000,000,000 | ---D | M]
    [2011/01/23 02:24:51 | 000,000,000 | ---D | M] (TranslatorBar 1.12 Community Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{03a13e92-bfed-419a-9b3b-072b6a1534a2}
    [2010/12/23 14:35:39 | 000,000,000 | ---D | M] (Productivity 1.12 Community Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{30421e54-3b57-4e5b-947c-9b6beea57683}
    [2010/07/23 18:53:42 | 000,000,000 | ---D | M] (setupgo Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{5c99e1f0-a422-47be-8be3-a38148ed1615}
    [2010/08/14 14:38:45 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
    [2011/01/07 01:04:58 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    [2011/03/31 04:32:30 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
    [2011/01/23 02:24:51 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
    [2011/03/17 20:43:11 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\extensions\[email protected]
    [2011/03/17 20:43:12 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\bing-zugo.xml
    [2009/09/26 21:04:25 | 000,001,727 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\causes-search.xml
    [2011/01/07 02:56:17 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\conduit.xml
    [2011/02/16 20:25:42 | 000,009,932 | ---- | M] () -- C:\Documents and Settings\Momdukes\Application Data\Mozilla\Firefox\Profiles\rk672wum.default\searchplugins\mywebsearch.xml
    [2011/02/18 19:03:41 | 000,000,000 | ---D | M] (DictionaryBoss) -- C:\PROGRAM FILES\DICTIONARYBOSS\BAR\1.BIN
    [2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
    [2009/09/24 20:42:51 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
    [2009/09/24 20:42:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
    O2 - BHO: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (DictionaryBoss) - {3042df7a-e900-4389-9b94-923df0daa57e} - File not found
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (DictionaryBoss) - {3042DF7A-E900-4389-9B94-923DF0DAA57E} - File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [tbhSystray] C:\Program Files\tbh\base\bin\tbhSystray.exe (eBay)
    O4 - HKCU..\RunOnce: [pKl01812jBoCp01812] C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812\pKl01812jBoCp01812.exe ()
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.232,93.188.161.232
    O33 - MountPoints2\{2552870c-380a-11de-9b80-002170323113}\Shell\AutoRun\command - "" = E:\.\RapidBlogManager.exe
    O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell - "" = AutoRun
    O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c617805c-9de4-11df-9d4e-002170323113}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
    [2011/03/31 04:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\pKl01812jBoCp01812
    [2011/03/17 20:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
    [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2011/03/31 05:03:51 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    [2011/03/31 05:03:51 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\79ecb240.job
    [2011/03/31 05:03:50 | 000,000,294 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
    [2011/03/31 05:01:47 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
    [2011/03/31 04:06:31 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\PC Medkit.job
    [2009/09/02 18:27:02 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\ex23567.dat
    [2009/09/02 18:26:35 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\mmsmark2.dat
    [2009/12/04 12:40:22 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
    [2009/12/04 12:40:22 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
    [2009/05/01 18:13:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\RegHero.exe
    [2009/05/01 18:13:32 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
    
    :Services
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "5191:TCP"=-
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\tbh\base\bin\tbhDaemon.exe"=-
    "C:\Program Files\tbh\monitor\bin\tbhMonitor.exe"=-
    "C:\Documents and Settings\Momdukes\My Documents\Downloads\facebook-pic00005267.exe"=-
    "C:\Documents and Settings\Momdukes\My Documents\Downloads\PIC9486242742133-JPG-www.facebook.com.exe"=-
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files\tbh
    C:\Documents and Settings\Momdukes\My Documents\Downloads\facebook-pic00005267.exe
    C:\Documents and Settings\Momdukes\My Documents\Downloads\PIC9486242742133-JPG-www.facebook.com.exe
    c:\windows\nvsvc32.exe
    C:\Program Files\DictionaryBoss
    C:\Program Files\ConduitEngine
    C:\Program Files\Vuze_Remote
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them:

    Click me

    If you can't disable them then just continue on.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP