get answers fast search redirects HELP!



#1
fuzzer

Windows XP system. Performed the steps outlined in the how to fix Google redirects thread; TDSSKILLER would not run. Nothing was found with any of the other tools. I've also run Malwarebytes, SpyBot, Kaspersky AVP, and several other tools; nothing discovered. Below is my OTL log:

thanks in advance
steve

OTL logfile created on: 12/12/2011 7:22:12 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\emie.stoudt\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.09 Mb Total Physical Memory | 292.77 Mb Available Physical Memory | 28.64% Memory free
2.40 Gb Paging File | 1.80 Gb Available in Paging File | 74.91% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.62 Gb Total Space | 120.38 Gb Free Space | 82.67% Space Free | Partition Type: NTFS
Drive E: | 576.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 465.65 Gb Total Space | 423.98 Gb Free Space | 91.05% Space Free | Partition Type: FAT32

Computer Name: LFIWS1FSBC2 | User Name: emie.stoudt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/12 19:22:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\emie.stoudt\Desktop\OTL.exe
PRC - [2011/12/09 11:39:45 | 002,996,272 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2011/12/09 11:19:25 | 001,008,120 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\My Documents\Downloads\rkill.com
PRC - [2011/06/01 07:44:55 | 002,120,568 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Desktop.exe
PRC - [2011/06/01 07:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/06/01 07:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/06/01 07:16:33 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/09/20 01:34:22 | 000,032,768 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\SHARP\Sharpdesk\SharpTray.exe
PRC - [2008/06/13 02:16:36 | 000,704,512 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\SHARP\Sharpdesk\FTPServer.exe
PRC - [2008/06/13 02:12:54 | 000,548,864 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\SHARP\Sharpdesk\nsapp.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2005/09/26 07:07:27 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2005/08/16 01:54:58 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Local Settings\Temp\RarSFX0\h\iexplore.exe
PRC - [2005/04/25 08:50:08 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2005/04/25 08:49:52 | 000,086,142 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/08/02 18:36:32 | 001,267,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2004/08/02 18:36:26 | 000,030,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2004/06/11 17:28:30 | 000,201,944 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2004/06/09 19:31:14 | 000,242,808 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2004/06/09 19:31:08 | 000,255,096 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2004/06/09 19:31:06 | 000,066,680 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2003/07/01 05:42:24 | 000,028,672 | ---- | M] (ActivCard) -- C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe
PRC - [2003/03/24 11:39:22 | 000,036,864 | ---- | M] (ActivCard S.A.) -- C:\Program Files\Common Files\ActivCard\acautoup.exe
PRC - [2003/03/19 08:27:24 | 000,147,456 | ---- | M] (ActivCard) -- C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
PRC - [2002/12/17 06:38:20 | 000,135,168 | ---- | M] (ActivCard) -- C:\Program Files\Common Files\ActivCard\acachsrv.exe
PRC - [2002/11/29 12:43:58 | 000,053,248 | ---- | M] (ActivCard S.A.) -- C:\Program Files\Common Files\ActivCard\acautoreg.exe
PRC - [2002/08/12 14:54:58 | 000,159,744 | ---- | M] (ActivCard) -- C:\Program Files\Common Files\ActivCard\accoca.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/09 11:19:25 | 001,008,120 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\My Documents\Downloads\rkill.com
MOD - [2010/09/22 20:12:20 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2008/06/13 02:22:00 | 000,006,144 | ---- | M] () -- C:\Program Files\SHARP\Sharpdesk\discoveryps.dll
MOD - [2008/06/13 02:16:48 | 000,217,088 | ---- | M] () -- C:\Program Files\SHARP\Sharpdesk\FtpServerps.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/04/20 08:34:38 | 000,197,680 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2005/08/16 01:54:58 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Local Settings\Temp\RarSFX0\h\iexplore.exe
MOD - [2002/11/28 17:23:16 | 000,684,032 | ---- | M] () -- C:\WINDOWS\system32\aclibeay.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/12/09 11:39:45 | 002,996,272 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/01 07:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2005/04/25 08:49:52 | 000,086,142 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®
SRV - [2004/08/02 18:36:36 | 000,173,392 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2004/08/02 18:36:32 | 001,267,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2004/08/02 18:36:26 | 000,030,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2004/06/11 17:28:30 | 000,201,944 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/06/09 19:31:14 | 000,242,808 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2004/06/09 19:31:12 | 000,087,160 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2004/06/09 19:31:08 | 000,255,096 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2003/03/24 11:39:22 | 000,036,864 | ---- | M] (ActivCard S.A.) [Auto | Running] -- C:\Program Files\Common Files\ActivCard\acautoup.exe -- (acautoupdate)
SRV - [2002/12/17 06:38:20 | 000,135,168 | ---- | M] (ActivCard) [Auto | Running] -- C:\Program Files\Common Files\ActivCard\acachsrv.exe -- (ACachSrv)
SRV - [2002/11/29 12:43:58 | 000,053,248 | ---- | M] (ActivCard S.A.) [Auto | Running] -- C:\Program Files\Common Files\ActivCard\acautoreg.exe -- (acautoreg)
SRV - [2002/08/12 14:54:58 | 000,159,744 | ---- | M] (ActivCard) [Auto | Running] -- C:\Program Files\Common Files\ActivCard\accoca.exe -- (Accoca)


========== Driver Services (SafeList) ==========

DRV - [2011/11/02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011/05/19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2011/05/02 03:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110502.002\navex15.sys -- (NAVEX15)
DRV - [2011/05/02 03:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110502.002\naveng.sys -- (NAVENG)
DRV - [2010/01/28 12:39:08 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/01/28 12:39:08 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/13 13:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2006/11/07 03:32:00 | 000,046,976 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPKBCCID.sys -- (HPKBCCID)
DRV - [2006/04/20 08:33:40 | 000,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/26 07:07:30 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/06/29 19:50:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/03/30 05:03:06 | 001,035,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/11 17:28:10 | 000,263,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2004/06/11 17:28:08 | 000,016,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2004/03/04 22:46:46 | 000,082,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/02/09 14:43:56 | 000,301,200 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2004/02/09 14:43:56 | 000,037,008 | R--- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2002/11/08 19:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 12:51:14 | 000,023,936 | ---- | M] (OMNIKEY AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sccmusbm.sys -- (OMNUSB)
DRV - [2000/07/24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA ED 78 71 2A B5 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = lfinmproxy:8080

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/01 16:18:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/30 10:09:29 | 000,000,000 | ---D | M]

[2009/10/06 10:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\emie.stoudt\Application Data\Mozilla\Extensions
[2011/11/17 14:57:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\emie.stoudt\Application Data\Mozilla\Firefox\Profiles\vl5f18k3.default\extensions
[2011/04/11 13:24:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\emie.stoudt\Application Data\Mozilla\Firefox\Profiles\vl5f18k3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/17 14:57:04 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\emie.stoudt\Application Data\Mozilla\Firefox\Profiles\vl5f18k3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/01 16:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/01/28 09:16:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/12/01 16:18:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/24 13:15:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/01 16:18:02 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/12/12 17:03:07 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [acEventServ] C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe (ActivCard)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [FtpServer.exe] C:\Program Files\Sharp\Sharpdesk\FtpServer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexTray] C:\Program Files\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.0\masqform.exe (PureEdge Solutions Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SharpTray] C:\Program Files\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [TypeRegChecker] C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [DOS2USB] C:\Program Files\DOS2USB\DOS2USB.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ActivCard Gold Smart Card Agent.lnk = C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe (ActivCard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: paymentnet.com ([www6] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6A6F4B83-45C5-4CA9-BDD9-0D81C12295E4} https://sejstoudt.ho...emote/msrdp.cab (Microsoft Terminal Services Client Control (redist))
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secureaccess...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.54.2.10 216.54.2.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79543C46-CF29-4ADD-9BED-87B9680D907D}: Domain = accqolnet.org
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79543C46-CF29-4ADD-9BED-87B9680D907D}: NameServer = 204.117.214.10,199.2.252.10,204.99.212.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D09BC28D-A5BE-4A55-AA09-787FE42A0C27}: DhcpNameServer = 216.54.2.10 216.54.2.11
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files\SHARP\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\acAuth: DllName - (acauth.dll) - C:\WINDOWS\System32\acauth.dll (ActivCard)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\emie.stoudt\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\emie.stoudt\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/04/01 13:53:24 | 000,000,071 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/06/27 09:57:00 | 000,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
O33 - MountPoints2\{97f6efa8-db4c-11dc-bf3c-00123f75acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{97f6efa8-db4c-11dc-bf3c-00123f75acd0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{97f6efa8-db4c-11dc-bf3c-00123f75acd0}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL docs\client_restore_instructions.htm
O33 - MountPoints2\{a73c1a46-8b7c-11df-bfcc-00123f75acd0}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{ab868c2c-0c2e-11df-bfa7-00123f75acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{ab868c2c-0c2e-11df-bfa7-00123f75acd0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ab868c2c-0c2e-11df-bfa7-00123f75acd0}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\wd_windows_tools\WDSetup.exe -- [2008/06/19 12:46:02 | 001,760,476 | ---- | M] (Western Digital Corporation )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/12 19:22:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\emie.stoudt\Desktop\OTL.exe
[2011/12/12 17:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\emie.stoudt\Desktop\GooredFix Backups
[2011/12/12 17:10:43 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\emie.stoudt\Desktop\GooredFix.exe
[2011/12/12 17:02:50 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/12/12 17:02:01 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\emie.stoudt\Desktop\OTM.exe
[2011/12/12 12:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/12/12 12:49:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\emie.stoudt\Start Menu\Programs\HiJackThis
[2011/12/12 12:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/12 11:38:00 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/11 03:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/12/10 22:15:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\emie.stoudt\Recent
[2011/12/10 11:22:28 | 001,577,776 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\emie.stoudt\Desktop\tdsskiller.exe
[2011/12/10 10:39:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/10 10:33:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/10 10:33:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/10 10:33:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/10 10:33:15 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/09 11:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Emsisoft Anti-Malware
[2011/12/09 11:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011/12/09 11:36:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\emie.stoudt\My Documents\Anti-Malware
[2011/12/09 11:24:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/09 11:21:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/08 13:40:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/08 13:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/12/08 13:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[1 C:\Documents and Settings\emie.stoudt\My Documents\*.tmp files -> C:\Documents and Settings\emie.stoudt\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\emie.stoudt\*.tmp files -> C:\Documents and Settings\emie.stoudt\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/12 19:28:05 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/12 19:22:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\emie.stoudt\Desktop\OTL.exe
[2011/12/12 19:16:19 | 000,445,576 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/12 19:16:19 | 000,072,782 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/12 19:15:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/12 18:10:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/12 18:09:57 | 1071,812,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/12 17:23:46 | 105,789,456 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\setup_11.0.0.1245.x01_2011_12_13_00_23.exe
[2011/12/12 17:10:48 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\emie.stoudt\Desktop\GooredFix.exe
[2011/12/12 17:03:07 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/12 17:02:03 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\emie.stoudt\Desktop\OTM.exe
[2011/12/12 12:55:04 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\HiJackThis.lnk
[2011/12/12 12:48:38 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\HijackThis.msi
[2011/12/12 11:55:00 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\6wr0c2t2.exe
[2011/12/12 11:46:04 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\Shortcut to Internet Explorer.lnk
[2011/12/12 10:02:41 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/12/12 09:11:04 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/11 03:37:06 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/10 11:27:29 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\username123.exe.lnk
[2011/12/10 11:22:32 | 001,577,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\emie.stoudt\Desktop\tdsskiller.exe
[2011/12/10 10:39:25 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/10 09:38:56 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/12/09 11:37:23 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2011/12/09 11:37:23 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2011/12/08 14:01:35 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/12/08 13:40:13 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/19 11:11:52 | 000,002,253 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\SyncToy 2.1.lnk
[2011/11/19 10:25:10 | 000,000,122 | ---- | M] () -- C:\Documents and Settings\emie.stoudt\Desktop\Stoudt, Emie S Civ USAF ACC 633 FSS-FSCB - Outlook Web Access.url
[1 C:\Documents and Settings\emie.stoudt\My Documents\*.tmp files -> C:\Documents and Settings\emie.stoudt\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\emie.stoudt\*.tmp files -> C:\Documents and Settings\emie.stoudt\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/12 17:23:35 | 105,789,456 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Desktop\setup_11.0.0.1245.x01_2011_12_13_00_23.exe
[2011/12/12 12:49:37 | 000,002,459 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Desktop\HiJackThis.lnk
[2011/12/12 12:48:33 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Desktop\HijackThis.msi
[2011/12/12 11:54:57 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Desktop\6wr0c2t2.exe
[2011/12/11 03:01:35 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/12/10 11:29:41 | 1071,812,608 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/10 11:27:29 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Desktop\username123.exe.lnk
[2011/12/10 10:39:23 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/12/10 10:39:10 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/10 10:33:16 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/10 10:33:15 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/10 10:33:15 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/10 10:33:15 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/10 10:33:15 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/10 09:38:55 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/12/09 11:37:23 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2011/12/09 11:37:23 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2011/12/08 13:40:13 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/11/19 10:25:10 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Desktop\Stoudt, Emie S Civ USAF ACC 633 FSS-FSCB - Outlook Web Access.url
[2011/08/05 16:23:47 | 000,590,910 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Application Data\fontlst2.opf
[2011/07/27 12:54:00 | 000,231,928 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/23 11:13:20 | 000,000,098 | ---- | C] () -- C:\WINDOWS\System32\SF3ELMON.dat
[2010/08/23 11:13:04 | 000,159,836 | R--- | C] () -- C:\WINDOWS\_isusr32.dll
[2010/08/23 11:12:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\_isusr2k.dll
[2010/02/17 12:29:40 | 000,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2010/02/17 12:29:33 | 000,014,441 | ---- | C] () -- C:\WINDOWS\HL-5240.INI
[2010/02/17 12:29:07 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD5240.DAT
[2010/02/01 02:44:31 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/02 15:48:02 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Application Data\$_hpcst$.hpc
[2008/05/19 14:41:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/11/01 13:19:03 | 000,000,916 | ---- | C] () -- C:\WINDOWS\Printfil.ini
[2007/11/01 13:18:58 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\161491541.dll
[2007/11/01 13:18:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\DvyP413.dll
[2007/11/01 13:18:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\161exp2.dll
[2007/11/01 13:18:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\161exp1.dll
[2007/11/01 13:18:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\161692542.dll
[2007/11/01 13:18:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\161692541.dll
[2007/11/01 13:18:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\161491542.dll
[2007/10/27 08:25:13 | 000,010,534 | ---- | C] () -- C:\Program Files\Common Files\lmouse.sys
[2007/10/26 10:47:26 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\AGISSI.DLL
[2007/10/26 10:47:21 | 011,194,368 | ---- | C] () -- C:\WINDOWS\System32\zhhp_res.dll
[2007/10/26 10:47:21 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\ZHHP2600.EXE
[2007/10/26 10:47:19 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\zSHP2600.EXE
[2007/10/26 10:47:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\vshp2600.dll
[2007/09/12 12:33:00 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2007/03/06 15:28:12 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/12/05 11:11:44 | 000,029,752 | ---- | C] () -- C:\WINDOWS\System32\InstHelper.dll
[2006/12/05 11:11:14 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/02/05 11:37:50 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\emie.stoudt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/10/21 16:42:07 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2005/10/21 14:43:58 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2005/10/21 14:42:48 | 000,000,455 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2005/10/21 14:42:48 | 000,000,238 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2005/10/21 14:42:48 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2005/10/21 14:42:48 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2005/10/21 14:42:48 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2005/10/21 14:41:00 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2005/10/21 12:51:16 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS12.DLL
[2005/10/21 12:51:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CNMCP12.EXE
[2005/10/11 14:00:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\PureEdgeAPI.ini
[2005/10/11 14:00:01 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MSQOLE.DLL
[2005/10/06 16:21:41 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\NmUninst.exe
[2005/09/30 13:02:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PestPatrol5.INI
[2005/09/30 11:20:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2005/09/30 07:21:04 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/30 06:05:48 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/09/26 07:17:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/26 07:09:10 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/09/26 07:06:50 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/09/26 06:42:24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/09/26 06:42:18 | 000,081,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/09/26 06:41:46 | 000,000,394 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 17:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 17:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 17:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 17:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 17:06:43 | 000,307,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 17:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 17:00:28 | 000,445,576 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 17:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 17:00:28 | 000,072,782 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 17:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 17:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 17:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 17:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 17:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 17:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 17:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 17:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/05/07 00:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wrkgadm.exe
[2004/05/07 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2003/06/19 12:30:36 | 000,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/28 17:23:16 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\aclibeay.dll
[2002/03/04 09:16:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== LOP Check ==========

[2010/09/13 12:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/07/20 15:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2005/09/30 13:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2011/12/08 13:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/08/02 14:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2005/10/11 14:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PureEdge
[2011/10/29 10:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2005/10/21 14:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/08/23 11:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharp
[2010/08/23 11:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharpdesk
[2005/09/26 07:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/12/10 09:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\Juniper Networks
[2010/09/20 11:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\PresentationPoint
[2005/10/14 18:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\PureEdge
[2007/03/06 15:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\ScanSoft
[2010/08/24 11:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\Sharpdesk
[2011/11/08 14:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\TeamViewer
[2008/07/11 10:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\uTorrent
[2007/12/11 11:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\Viewpoint
[2008/08/07 15:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\emie.stoudt\Application Data\WinCare2008

========== Purity Check ==========



< End of report >