Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Stubborn snap-ins kept coming back.

Started by Jason Ng , Oct 03 2011 05:06 PM

  • Please log in to reply

#1
Jason Ng
Posted 03 October 2011 - 05:06 PM

Jason Ng

    New Member

  • Member
  • Pip
  • 1 posts
OTL logfile created on: 10/4/2011 6:42:46 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\user\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.36 Mb Total Physical Memory | 100.38 Mb Available Physical Memory | 19.94% Memory free
1.44 Gb Paging File | 0.72 Gb Available in Paging File | 50.13% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.35 Gb Total Space | 18.03 Gb Free Space | 65.95% Space Free | Partition Type: NTFS
Drive D: | 28.54 Gb Total Space | 28.47 Gb Free Space | 99.74% Space Free | Partition Type: NTFS

Computer Name: SMHP | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/04 06:41:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\My Documents\Downloads\OTL.exe
PRC - [2011/10/01 07:38:03 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/09/10 16:04:58 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2011/09/10 16:04:58 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2011/09/10 16:04:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2011/09/10 16:04:52 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2011/09/10 16:04:51 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/01 07:38:02 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\ppgooglenaclpluginchrome.dll
MOD - [2011/10/01 07:38:00 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\pdf.dll
MOD - [2011/10/01 07:36:54 | 000,309,816 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\Locales\en-GB.dll
MOD - [2011/10/01 07:36:24 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\avutil-51.dll
MOD - [2011/10/01 07:36:23 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\avformat-53.dll
MOD - [2011/10/01 07:36:22 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\avcodec-53.dll
MOD - [2011/10/01 05:07:32 | 006,338,720 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\gcswf32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/09/10 16:04:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)


========== Driver Services (SafeList) ==========

DRV - [2011/09/13 18:05:03 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/09/11 12:20:02 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2011/09/10 16:04:52 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2008/12/11 02:56:18 | 000,187,392 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2008/11/17 13:23:16 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/05/08 02:49:40 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/04/28 14:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2007/12/16 14:24:28 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007/12/16 14:24:28 | 000,088,192 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/01/23 21:13:26 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/09/28 08:00:10 | 001,160,320 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2001/08/17 20:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/09/13 18:05:09 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B9501D6-959B-42CA-9A19-591B47A7AD04}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{550F9815-0926-476E-95CA-F8DC029683EA}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/10 14:44:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/25 06:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\AVG9
[2011/09/25 06:35:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011/09/19 12:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/09/19 12:41:28 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/09/11 12:22:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/10 22:38:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Videos
[2011/09/10 22:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/09/10 22:37:15 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2011/09/10 22:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/09/10 22:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2011/09/10 22:37:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2011/09/10 22:37:10 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2011/09/10 22:35:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Real
[2011/09/10 22:34:44 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\drivers\smcirda.sys
[2011/09/10 22:32:32 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/09/10 22:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/09/10 22:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/09/10 22:32:26 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/09/10 22:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/09/10 22:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/09/10 22:32:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/09/10 22:32:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/09/10 22:32:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/09/10 22:32:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/09/10 22:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/09/10 22:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/09/10 22:31:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/09/10 22:31:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/09/10 22:31:38 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/09/10 22:31:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/09/10 22:31:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/09/10 22:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/09/10 22:22:56 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/09/10 22:22:56 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/09/10 22:22:56 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/09/10 22:22:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/09/10 22:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011/09/10 22:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\dvdcss
[2011/09/10 21:29:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/09/10 21:26:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011/09/10 16:27:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Wang gua gua
[2011/09/10 16:24:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\song list
[2011/09/10 16:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Karaoka
[2011/09/10 16:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\feng hua zai jian
[2011/09/10 16:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Zen chang Jing Dian
[2011/09/10 16:04:58 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2011/09/10 15:47:37 | 000,243,152 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2011/09/10 15:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG Free 9.0
[2011/09/10 15:47:31 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2011/09/10 15:47:30 | 000,029,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2011/09/10 15:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2011/09/10 15:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/09/10 15:47:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/09/10 15:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Google Chrome
[2011/09/10 15:40:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/09/10 15:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Google
[2011/09/10 15:32:15 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/09/10 15:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2011/09/10 15:31:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\InstallShield
[2011/09/10 15:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft Help
[2011/09/10 15:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2011/09/10 15:21:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/09/10 15:20:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\hpqLog
[2011/09/10 15:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\hpqLog
[2011/09/10 15:20:20 | 000,000,000 | ---D | C] -- C:\swsetup
[2011/09/10 15:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Downloads
[2011/09/10 15:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2011/09/10 15:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Macromedia
[2011/09/10 15:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Adobe
[2011/09/10 15:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Mozilla
[2011/09/10 15:14:16 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2011/09/10 15:14:13 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2011/09/10 15:14:13 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2011/09/10 15:14:13 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2011/09/10 15:14:13 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2011/09/10 15:14:12 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2011/09/10 15:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2011/09/10 15:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2011/09/10 15:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\vlc
[2011/09/10 15:12:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\The KMPlayer
[2011/09/10 15:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/09/10 15:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\The KMPlayer
[2011/09/10 15:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/09/10 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/09/10 15:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2011/09/10 15:11:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\WinRAR
[2011/09/10 15:11:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/09/10 15:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/09/10 15:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2011/09/10 15:01:44 | 001,160,320 | ---- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2011/09/10 15:01:44 | 000,068,096 | ---- | C] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2011/09/10 15:00:59 | 000,290,304 | ---- | C] (Texas Instruments) -- C:\WINDOWS\System32\drivers\tifm21.sys
[2011/09/10 15:00:58 | 000,088,192 | ---- | C] (Texas Instruments) -- C:\WINDOWS\System32\drivers\gtipci21.sys
[2011/09/10 15:00:58 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\cttib1.dll
[2011/09/10 15:00:57 | 000,475,136 | ---- | C] (AuthenTec, Inc.) -- C:\WINDOWS\System32\drivers\ATSwpWDF.sys
[2011/09/10 14:59:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/09/10 14:59:56 | 000,036,608 | ---- | C] (Infineon Technologies AG) -- C:\WINDOWS\System32\drivers\ifxtpm.sys
[2011/09/10 14:59:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/09/10 14:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Identities
[2011/09/10 14:56:35 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/09/10 14:56:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Pictures
[2011/09/10 14:56:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents\My Music
[2011/09/10 14:56:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Application Data\Microsoft
[2011/09/10 14:56:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user\Cookies
[2011/09/10 14:56:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\SendTo
[2011/09/10 14:56:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2011/09/10 14:56:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Application Data
[2011/09/10 14:56:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Startup
[2011/09/10 14:56:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Start Menu
[2011/09/10 14:56:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\My Documents
[2011/09/10 14:56:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Favorites
[2011/09/10 14:56:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Accessories
[2011/09/10 14:56:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Templates
[2011/09/10 14:56:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\PrintHood
[2011/09/10 14:56:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\NetHood
[2011/09/10 14:56:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\Local Settings
[2011/09/10 14:56:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Microsoft
[2011/09/10 14:56:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop
[2011/09/10 14:51:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/09/10 14:51:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/09/10 14:51:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/09/10 14:51:23 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/09/10 14:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/09/10 14:47:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/09/10 14:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/09/10 14:46:14 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/09/10 14:46:14 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/09/10 14:46:14 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/09/10 14:44:54 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/09/10 14:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/09/10 14:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/09/10 14:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/09/10 14:44:13 | 000,000,000 | ---D | C] -- C:\DELL
[2011/09/10 14:42:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/09/10 14:42:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/09/10 14:42:39 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/09/10 14:42:26 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/09/10 14:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/09/10 14:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/09/10 14:41:44 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/09/10 14:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/09/10 14:41:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/09/10 14:41:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/09/10 14:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/09/10 14:41:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/09/10 14:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/09/10 14:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/09/10 14:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/09/10 14:40:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/09/10 14:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/09/10 14:40:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/09/10 14:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/09/10 14:39:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/09/10 14:39:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/09/10 14:39:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/09/10 14:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/09/10 14:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/09/10 14:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/09/10 14:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/09/10 14:38:58 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011/09/10 14:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/09/10 14:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/09/10 14:38:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/09/10 14:38:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/09/10 14:38:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/09/10 14:38:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/09/10 14:38:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/04 06:45:04 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1229272821-1417001333-1003UA.job
[2011/10/04 05:34:27 | 086,964,035 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/10/04 05:34:04 | 000,312,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/04 05:34:04 | 000,040,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/04 05:29:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/04 05:29:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/03 20:42:08 | 000,001,479 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Solitaire.lnk
[2011/10/03 15:45:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1229272821-1417001333-1003Core.job
[2011/10/02 12:49:01 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/02 12:49:00 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2011/09/26 18:27:34 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Spider Solitaire.lnk
[2011/09/20 21:17:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/19 12:43:03 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/09/13 18:05:03 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2011/09/11 12:20:02 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2011/09/11 04:02:55 | 000,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/10 22:42:06 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Windows Media Player.lnk
[2011/09/10 22:39:01 | 000,000,024 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2011/09/10 22:37:55 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2011/09/10 22:37:15 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2011/09/10 21:35:02 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/09/10 20:29:53 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2011/09/10 16:04:58 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2011/09/10 16:04:52 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2011/09/10 15:47:37 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2011/09/10 15:47:30 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2011/09/10 15:47:23 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2011/09/10 15:47:23 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2011/09/10 15:40:30 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Internet Explorer Browser.lnk
[2011/09/10 15:32:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
[2011/09/10 15:21:13 | 000,001,257 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2011/09/10 15:21:13 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2011/09/10 15:15:00 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/09/10 15:14:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/09/10 15:12:23 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/09/10 15:11:58 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\user\Desktop\KMPlayer.lnk
[2011/09/10 15:08:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2011/09/10 15:08:48 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2011/09/10 15:01:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ATSwpWDF_01005.Wdf
[2011/09/10 15:01:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2011/09/10 14:56:46 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/10 14:56:45 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/09/10 14:47:57 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/09/10 14:47:07 | 000,004,382 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/10 14:47:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/09/10 14:44:01 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/10 14:44:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/09/10 14:44:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/09/10 14:44:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/09/10 14:44:01 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/09/10 14:43:56 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/09/10 14:43:56 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/09/10 14:43:45 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/09/10 14:40:20 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/10 22:42:06 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Windows Media Player.lnk
[2011/09/10 22:40:27 | 000,001,479 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Solitaire.lnk
[2011/09/10 22:40:04 | 000,001,490 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Spider Solitaire.lnk
[2011/09/10 22:39:01 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/09/10 22:37:55 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2011/09/10 22:32:36 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2011/09/10 22:32:34 | 000,004,382 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/09/10 22:32:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/09/10 22:32:28 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/09/10 22:32:28 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/09/10 22:32:27 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/09/10 22:32:27 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/09/10 22:32:12 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/09/10 22:32:00 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011/09/10 22:32:00 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011/09/10 22:32:00 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011/09/10 22:32:00 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/09/10 22:32:00 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/09/10 22:31:59 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/09/10 22:31:59 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2011/09/10 22:31:59 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/09/10 22:31:59 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/09/10 22:31:59 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/09/10 22:31:59 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/09/10 22:31:59 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/09/10 22:31:59 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/09/10 22:31:59 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/09/10 22:31:59 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/09/10 22:31:59 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/09/10 22:31:59 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/09/10 22:31:59 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/09/10 22:31:59 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/09/10 22:31:12 | 000,259,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/10 22:30:20 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2011/09/10 22:30:16 | 000,000,290 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/09/10 22:18:35 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/10 21:35:02 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/09/10 15:47:37 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2011/09/10 15:47:30 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2011/09/10 15:47:23 | 086,964,035 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/09/10 15:47:23 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2011/09/10 15:47:23 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2011/09/10 15:47:23 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2011/09/10 15:46:19 | 000,002,277 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2011/09/10 15:46:19 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/10 15:40:30 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Internet Explorer Browser.lnk
[2011/09/10 15:40:01 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1229272821-1417001333-1003UA.job
[2011/09/10 15:40:00 | 000,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1229272821-1417001333-1003Core.job
[2011/09/10 15:32:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
[2011/09/10 15:21:13 | 000,001,257 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2011/09/10 15:21:13 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2011/09/10 15:14:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/09/10 15:12:23 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/09/10 15:11:58 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\user\Desktop\KMPlayer.lnk
[2011/09/10 15:08:58 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2011/09/10 15:02:39 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2011/09/10 15:02:39 | 000,027,024 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2011/09/10 15:02:39 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrtrk.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrtha.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrsve.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrslv.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrsky.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrptg.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrptb.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrplk.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrnor.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrnld.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrkor.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrjpn.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrita.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrhun.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrheb.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrfra.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrfin.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxresp.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrell.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrdeu.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrdan.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrcsy.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrcht.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrchs.lrc
[2011/09/10 15:02:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\igfxrara.lrc
[2011/09/10 15:01:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ATSwpWDF_01005.Wdf
[2011/09/10 15:01:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2011/09/10 15:00:58 | 000,017,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\tiscfw.deb
[2011/09/10 14:56:45 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/09/10 14:56:37 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\user\Start Menu\Programs\Outlook Express.lnk
[2011/09/10 14:56:35 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/10 14:56:35 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\user\Start Menu\Programs\Internet Explorer.lnk
[2011/09/10 14:56:30 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\user\Start Menu\Programs\Remote Assistance.lnk
[2011/09/10 14:56:30 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\user\Start Menu\Programs\Windows Media Player.lnk
[2011/09/10 14:47:57 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/09/10 14:47:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/09/10 14:46:07 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/09/10 14:45:43 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/09/10 14:45:36 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/09/10 14:45:35 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/09/10 14:45:33 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/09/10 14:45:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/09/10 14:45:13 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/09/10 14:45:10 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/09/10 14:44:57 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/09/10 14:44:01 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/10 14:44:01 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/09/10 14:44:01 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/09/10 14:44:01 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/09/10 14:44:01 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/09/10 14:43:56 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/09/10 14:43:56 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/09/10 14:43:55 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/09/10 14:42:25 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/09/10 14:42:12 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/09/10 14:41:56 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/09/10 14:41:56 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/09/10 14:41:49 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/09/10 14:41:08 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011/09/10 14:40:22 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/09/10 14:40:20 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/09/10 14:39:48 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2011/09/10 14:39:24 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/09/10 14:39:24 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/09/10 14:39:24 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/09/10 14:39:24 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/09/10 14:39:24 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/09/10 14:39:23 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/09/10 14:39:23 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/09/10 14:39:23 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/09/10 14:39:23 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/09/10 14:39:23 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/09/10 14:39:23 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/09/10 14:39:20 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/09/10 14:39:20 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/09/10 14:39:19 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/09/10 14:39:14 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008/04/14 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 07:00:00 | 000,312,172 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 07:00:00 | 000,040,394 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/04/15 11:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/04/15 11:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2011/09/10 15:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/09/11 12:22:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/25 06:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG9

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/09/10 16:23:53 | 000,000,000 | R--D | M](C:\Documents and Settings\user\Desktop\???) -- C:\Documents and Settings\user\Desktop\邓丽君
[2011/09/10 16:23:39 | 000,000,000 | R--D | C](C:\Documents and Settings\user\Desktop\???) -- C:\Documents and Settings\user\Desktop\邓丽君

< End of report >

OTL Extras logfile created on: 10/4/2011 6:42:46 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\user\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.36 Mb Total Physical Memory | 100.38 Mb Available Physical Memory | 19.94% Memory free
1.44 Gb Paging File | 0.72 Gb Available in Paging File | 50.13% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.35 Gb Total Space | 18.03 Gb Free Space | 65.95% Space Free | Partition Type: NTFS
Drive D: | 28.54 Gb Total Space | 28.47 Gb Free Space | 99.74% Space Free | Partition Type: NTFS

Computer Name: SMHP | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgtray.exe" = C:\Program Files\AVG\AVG9\avgtray.exe:*:Enabled:AVG Free Tray Icon -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVG9Uninstall" = AVG Free 9.0
"NeroMultiInstaller!UninstallKey" = Nero Suite
"RealPlayer 12.0" = RealPlayer
"The KMPlayer" = The KMPlayer (remove only)
"VLC media player" = VLC media player 1.0.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/10/2011 3:20:40 AM | Computer Name = USER-5D3EEE5E11 | Source = MsiInstaller | ID = 10005
Description = Product: HP 3D DriveGuard -- HP 3D DriveGuard can not be installed
on systems earlier than Windows Vista x86

Error - 9/24/2011 12:24:17 PM | Computer Name = USER-5D3EEE5E11 | Source = Application Hang | ID = 1002
Description = Hanging application HelpCtr.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/30/2011 5:23:02 AM | Computer Name = SMHP | Source = LoadPerf | ID = 3014
Description = Unable to update the performance counter explain text strings of the
009
language ID. The Win32 status returned by the call is the first DWORD in Data section.

Error - 9/30/2011 5:23:02 AM | Computer Name = SMHP | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP