
Generic Host Process for Win32 Services encountered a problem and need



#1
Royal42

Hello, I've been having a problem occur for about close to a week and a half now, where after a few minutes after booting up, a box would come up saying "Generic Host Process for Win32 Services encountered a problem and needed to close." and then after a few minutes after my taskbar would turn to the old classic grey look or my Audio Mixer would not be functioning. Then I would have to restart my computer. I System Restored back before this all started happening and it's still doing it. I ran Malwarebytes' Anti-Malware and nothing showed up. I was told that this was the cause of a Root Kit Virus, but I wasn't sure.

P.S: Also at times, I would check my Processes and Svchost.exe would be maxing out my memory. Not sure if related or different problem entirely.

Thanks in advance.
Royal.



OTL logfile created on: 4/20/2011 3:15:01 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.13 Gb Total Space | 14.90 Gb Free Space | 21.25% Space Free | Partition Type: NTFS
Drive D: | 4.38 Gb Total Space | 0.51 Gb Free Space | 11.53% Space Free | Partition Type: FAT32

Computer Name: YOUR-478655FD08 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/19 18:20:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/04/18 12:20:20 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/11 14:55:56 | 000,057,072 | -H-- | M] (Microsoft Corporation) -- c:\Documents and Settings\Owner\Desktop\Royal's Folder\ZuneBusEnum.exe
PRC - [2010/10/05 20:26:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
PRC - [2010/09/02 11:38:28 | 000,176,408 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2010/07/27 06:15:50 | 001,573,888 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\ATT-SST\McciTrayApp.exe
PRC - [2010/07/27 05:47:14 | 000,315,392 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciServiceHost.exe
PRC - [2010/07/09 02:30:30 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/26 12:07:00 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (SafeList) ==========

MOD - [2011/04/19 18:20:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/07/27 05:47:12 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (6to4)
SRV - [2010/11/11 14:57:04 | 000,268,528 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Documents and Settings\Owner\Desktop\Royal's Folder\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010/11/11 14:57:02 | 000,444,656 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Documents and Settings\Owner\Desktop\Royal's Folder\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/11/11 14:55:56 | 006,351,600 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Documents and Settings\Owner\Desktop\Royal's Folder\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010/11/11 14:55:56 | 000,057,072 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- c:\Documents and Settings\Owner\Desktop\Royal's Folder\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/09/02 11:38:28 | 000,176,408 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/07/27 05:47:14 | 000,315,392 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciServiceHost.exe -- (McciServiceHost)
SRV - [2010/04/04 03:11:30 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - [2011/04/19 03:05:39 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/12/24 18:35:37 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
DRV - [2010/09/16 21:01:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/07/27 05:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 05:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/12/01 16:49:54 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/11/02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/26 12:07:00 | 003,644,800 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/07/29 14:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 14:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/03/17 05:51:16 | 001,033,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/17 05:50:36 | 000,221,440 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2005/03/17 05:50:32 | 000,705,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 16:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "PageRage Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Inbox Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.21
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.2.556
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.2.556


FF - HKLM\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\Program Files\iWin Games\firefox\ [2011/02/11 09:11:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/18 12:20:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/20 12:41:58 | 000,000,000 | ---D | M]

[2011/03/30 15:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/04/20 10:52:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions
[2011/02/05 23:16:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/17 04:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/02/10 12:03:02 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}(2)
[2011/04/17 04:30:29 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}(2)
[2011/04/17 04:27:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2011/03/09 00:48:43 | 000,000,000 | ---D | M] ("Flash Video Downloader (Youtube Downloader)") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\[email protected]
[2011/04/17 04:30:32 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\[email protected](2).com
[2011/04/17 04:27:00 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\extensions\[email protected](2).com
[2010/12/30 17:15:20 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\searchplugins\conduit.xml
[2011/03/31 08:09:30 | 000,002,292 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\searchplugins\inbox-search.xml
[2010/12/09 11:17:40 | 000,005,529 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\hxcjd315.default\searchplugins\SearchquWebSearch.xml
[2011/04/20 10:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/04 23:53:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/19 03:37:28 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/04/19 03:37:25 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/02/04 23:52:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/17 04:30:41 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS SAVEVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2011/02/04 23:52:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/07/26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010/12/09 11:17:40 | 000,005,529 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml

Hosts file not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.7.254
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 14:04:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/09/24 11:31:48 | 000,000,084 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 19:15:24 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/20 14:30:20 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/04/20 14:26:06 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe
[2011/04/20 14:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Backup
[2011/04/20 14:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\New Folder
[2011/04/19 18:20:41 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/04/19 13:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PCHealth
[2011/04/19 12:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/04/19 04:44:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/04/19 03:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kaspersky Internet Security 2011
[2011/04/19 03:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011/04/19 03:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2011/04/19 03:05:39 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/04/19 03:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2011/04/17 21:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Real
[2011/04/17 18:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2011/04/17 04:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/04/17 04:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FLV to MP4 Converter
[2011/04/17 04:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\CCleaner
[2011/04/17 04:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FLV to WMV Convert
[2011/04/17 04:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
[2011/04/17 04:39:43 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
[2011/04/17 04:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/17 04:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\SpongeBob Diner Dash
[2011/04/17 04:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpongeBob Diner Dash
[2011/04/17 04:33:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/17 04:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/04/17 04:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
[2011/04/17 04:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Skulltag
[2011/04/17 04:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Maniac Mansion Deluxe
[2011/04/17 04:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Full Tilt Poker
[2011/04/17 04:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Glulxe
[2011/04/17 00:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun(2)
[2011/04/15 20:27:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/04/15 19:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/04/15 19:18:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/04/15 15:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2011/04/15 14:02:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/04/15 14:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/04/15 13:52:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\{1D93ADE4-06A5-4DD0-8D2C-2979B6CA23BF}
[2011/04/11 01:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\New Folder (2)
[2011/04/03 20:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\sm-ssc
[2011/03/31 08:10:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\RebateInformer
[2011/03/31 08:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\PCPowerSpeed
[2011/03/31 08:08:57 | 000,000,000 | ---D | C] -- C:\Program Files\PCPowerSpeed
[2011/03/31 08:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\RebateInformer
[2011/03/31 08:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2011/03/31 08:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Inbox Toolbar
[2011/03/30 15:08:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\searchqutoolbar
[2011/03/30 15:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Savevid Toolbar
[2011/03/30 15:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{4DC9D39F-E342-4826-8E99-5A0EFA8682D7}
[2011/03/30 15:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\Savevid
[2011/03/28 22:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Emicsoft Studio
[2011/03/28 22:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Emicsoft Studio
[2011/03/23 00:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[21 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/20 15:16:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3DB68866-A5D1-454A-9AA6-992001C431B8}.job
[2011/04/20 14:36:46 | 000,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/04/20 14:36:36 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1008715299-2912668750-1370728213-1003.job
[2011/04/20 14:36:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/20 14:36:24 | 1307,037,696 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/20 14:26:09 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe
[2011/04/20 14:03:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/20 12:41:58 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/04/19 22:56:27 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2011/04/19 18:20:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/04/19 13:06:53 | 000,181,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/19 13:02:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/19 12:03:36 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/19 04:03:07 | 000,115,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/04/19 04:03:07 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/04/19 03:14:38 | 000,000,213 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2011/04/19 03:05:39 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/04/18 10:00:11 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/04/18 10:00:10 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/17 21:07:17 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/17 03:45:21 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/04/17 03:20:59 | 000,464,302 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/17 03:20:59 | 000,080,376 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/17 00:41:18 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/17 00:04:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Mjikil.bin
[2011/04/17 00:04:32 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1008715299-2912668750-1370728213-1003.job
[2011/04/16 23:30:08 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Vrujacolalocup.dat
[2011/04/09 15:53:00 | 001,361,851 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Nerf Herder - Mr Blue Sky.mp3
[2011/04/06 00:16:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/03/27 19:26:39 | 000,007,860 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2011/03/23 00:19:15 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[21 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/20 12:41:58 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/04/19 17:56:09 | 1307,037,696 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/19 04:57:29 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/04/19 03:07:50 | 000,115,267 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/04/19 03:07:50 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/04/18 15:48:52 | 000,000,213 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2011/04/18 10:00:11 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011/04/18 10:00:10 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/04/17 21:07:17 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/15 13:52:39 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Vrujacolalocup.dat
[2011/04/15 13:52:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Mjikil.bin
[2011/04/09 15:52:52 | 001,361,851 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Nerf Herder - Mr Blue Sky.mp3
[2011/04/06 00:16:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/03/23 00:23:59 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/02/23 01:09:21 | 000,000,021 | ---- | C] () -- C:\WINDOWS\clofghls.dll
[2011/02/23 01:07:07 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2011/02/10 05:25:07 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/02/10 05:25:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2011/01/22 23:31:11 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/12/24 18:35:36 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
[2010/12/14 22:34:10 | 000,000,139 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/11/17 00:29:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2010/11/04 19:36:08 | 000,000,192 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010/11/04 15:50:47 | 000,000,793 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/11/02 11:08:46 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/11/02 11:08:46 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/11/02 11:08:46 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/10/26 19:36:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/10/13 00:35:43 | 000,001,350 | ---- | C] () -- C:\WINDOWS\cdiemu.ini
[2010/09/20 04:31:00 | 000,033,576 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/07 12:17:04 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/09/07 08:16:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010/09/07 03:10:14 | 000,007,860 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2010/08/14 08:36:42 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/06/01 01:02:18 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/25 17:44:00 | 000,000,065 | ---- | C] () -- C:\WINDOWS\pspvc_path.ini
[2010/04/09 15:08:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\zmbv.dll
[2010/04/05 20:36:20 | 000,110,080 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/04 03:24:07 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/04 03:20:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/04/04 03:20:11 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010/04/04 03:20:00 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/04/04 03:19:41 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2010/04/04 03:15:44 | 000,471,300 | ---- | C] () -- C:\WINDOWS\wallpe.exe
[2010/04/04 03:01:42 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2009/09/20 04:21:20 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/09/20 04:21:18 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/09/20 04:21:18 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/09/20 04:21:17 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/09/20 04:21:15 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/09/20 04:21:15 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2009/09/20 04:21:15 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/09/20 04:21:14 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/09/20 04:21:11 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/09/20 04:21:11 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2009/09/20 04:21:09 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009/09/09 18:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2008/09/02 23:32:22 | 004,912,113 | ---- | C] () -- C:\WINDOWS\System32\jcodec.dll
[2008/09/02 23:32:22 | 000,018,181 | ---- | C] () -- C:\WINDOWS\System32\jcodecsh.dll
[2006/01/17 15:05:40 | 000,003,177 | -H-- | C] () -- C:\Documents and Settings\Owner\Application Data\Ownerlog.dat
[2005/06/18 11:00:52 | 000,070,018 | ---- | C] () -- C:\WINDOWS\System32\akrip32.dll
[2004/08/27 06:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 05:54:47 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/08/26 14:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 14:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 12:12:43 | 000,001,430 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 12:12:43 | 000,000,490 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 12:12:13 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/26 12:12:10 | 000,464,302 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 12:12:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/26 12:12:10 | 000,080,376 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 12:12:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/26 12:12:08 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/26 12:12:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/26 12:12:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/26 12:12:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/26 12:11:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/26 12:11:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/26 12:11:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/26 06:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 06:54:01 | 000,181,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2011/02/05 02:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/02/04 21:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTYToolbar
[2010/09/16 21:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/02/11 09:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2011/01/22 23:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
[2010/10/21 03:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/09/09 00:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2010/11/10 07:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/02/11 09:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2011/03/03 18:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2011/02/10 05:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/04/01 23:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/02/05 04:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
[2010/04/04 03:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/04/17 04:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{4DC9D39F-E342-4826-8E99-5A0EFA8682D7}
[2010/12/16 22:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.bsnes
[2011/03/06 17:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.doomseeker
[2011/04/17 04:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\24A63297B4574B483A348F86B2F8AF3B
[2011/02/05 03:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore
[2010/09/26 00:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Audacity
[2010/10/27 22:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
[2010/11/09 00:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\fofix
[2011/04/17 04:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\fretsonfire
[2011/04/17 04:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FrostWire
[2011/01/24 15:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2011/04/17 04:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Inbox Toolbar
[2011/01/12 07:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\iWin
[2011/02/11 09:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\iWinArcade
[2011/01/22 23:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leawo
[2010/11/28 00:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mind Control Software
[2011/01/22 23:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Moyea
[2011/01/22 16:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Music Recognition
[2011/02/04 18:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCFix
[2011/04/17 04:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PCPowerSpeed
[2010/11/28 00:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PlayFirst
[2011/03/31 08:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\RebateInformer
[2011/01/24 15:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ringtone
[2010/04/04 03:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2010/12/08 01:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Schism Tracker
[2011/03/03 18:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Screaming Bee
[2011/04/17 04:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\searchqutoolbar
[2011/04/17 04:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\sm-ssc
[2010/10/11 21:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stella
[2010/12/02 00:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Synthesia
[2011/04/17 04:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
[2010/09/07 03:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2011/04/17 03:45:21 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/04/20 15:16:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3DB68866-A5D1-454A-9AA6-992001C431B8}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3550AA2
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F662888F

< End of report >