I have pasted the OTL text below: Thank you for any assistance in advance!
OTL logfile created on: 12/19/2011 1:35:38 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Nikki Salazar\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
702.15 Mb Total Physical Memory | 189.42 Mb Available Physical Memory | 26.98% Memory free
1.68 Gb Paging File | 1.08 Gb Available in Paging File | 64.50% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 8.36 Gb Free Space | 22.45% Space Free | Partition Type: NTFS
Computer Name: FREDDIE | User Name: Nikki Salazar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/19 13:33:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nikki Salazar\Desktop\OTL.exe
PRC - [2011/12/15 16:48:16 | 000,150,168 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\Program Files\Rising\RSD\RsMgrSvc.exe
PRC - [2011/12/15 16:47:59 | 000,123,856 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\Program Files\Rising\RSD\popwndexe.exe
PRC - [2011/11/09 18:10:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011/09/22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 16:07:04 | 000,537,480 | -H-- | M] ( ) -- C:\WINDOWS\system32\dlcxcoms.exe
PRC - [2005/07/12 18:14:42 | 000,040,960 | -H-- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2005/07/08 02:13:14 | 000,036,864 | -H-- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2004/08/28 01:33:00 | 000,110,592 | -H-- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
========== Modules (No Company Name) ==========
MOD - [2011/12/07 08:01:01 | 008,527,008 | -H-- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/09 18:10:28 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | -H-- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2006/10/20 00:33:28 | 000,117,760 | -H-- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll
MOD - [2005/07/12 18:14:42 | 000,040,960 | -H-- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
MOD - [2005/07/08 02:13:14 | 000,036,864 | -H-- | M] () -- C:\WINDOWS\system32\acs.exe
MOD - [2002/05/03 16:40:32 | 000,094,274 | -H-- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
========== Win32 Services (SafeList) ==========
SRV - [2011/12/15 16:48:16 | 000,150,168 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Auto | Running] -- C:\Program Files\Rising\RSD\RsMgrSvc.exe -- (RsMgrSvc)
SRV - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2006/11/03 16:07:04 | 000,537,480 | -H-- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dlcxcoms.exe -- (dlcx_device)
SRV - [2006/02/03 13:21:56 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) [Disabled | Stopped] -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe -- (OSCM Utility Service)
SRV - [2005/07/12 18:14:42 | 000,040,960 | -H-- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/07/08 02:13:14 | 000,036,864 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004/08/28 01:33:00 | 000,110,592 | -H-- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
========== Driver Services (SafeList) ==========
DRV - [2011/12/15 16:48:05 | 000,017,336 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\protreg.sys -- (rsdsys)
DRV - [2011/08/09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011/08/04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2011/08/04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/12/02 11:20:54 | 000,122,504 | -H-- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EuDisk.sys -- (EuDisk)
DRV - [2005/06/29 00:01:58 | 001,241,088 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/17 16:17:48 | 000,352,000 | -H-- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/06/17 16:17:00 | 000,038,144 | -H-- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005/06/10 22:42:00 | 000,005,504 | -H-- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005/06/02 04:33:00 | 000,102,384 | -H-- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/05/25 03:39:44 | 000,465,952 | -H-- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/05/09 16:17:06 | 000,031,360 | -H-- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005/05/05 15:27:38 | 000,007,936 | -H-- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2005/04/15 19:23:12 | 000,011,904 | -H-- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2005/04/01 17:59:14 | 000,065,152 | -H-- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2005/04/01 17:59:14 | 000,065,152 | -H-- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2005/03/31 18:08:02 | 000,211,200 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005/03/31 17:08:46 | 001,034,240 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/31 17:08:00 | 000,714,880 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/02 17:36:08 | 000,070,912 | -H-- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/03 16:31:34 | 000,020,992 | -H-- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/09/19 16:45:48 | 000,021,248 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/06/11 09:53:22 | 000,006,867 | -H-- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mortgagenewsdaily.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 68 4A 7C B7 53 DB CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 18:10:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/20 16:59:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/12/18 17:08:30 | 000,000,000 | ---D | M]
[2008/10/22 15:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nikki Salazar\Application Data\Mozilla\Extensions
[2011/12/18 23:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nikki Salazar\Application Data\Mozilla\Firefox\Profiles\6620726x.default\extensions
[2010/04/29 12:32:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Nikki Salazar\Application Data\Mozilla\Firefox\Profiles\6620726x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/21 09:58:41 | 000,000,000 | ---D | M] (ProfileSong Community Toolbar) -- C:\Documents and Settings\Nikki Salazar\Application Data\Mozilla\Firefox\Profiles\6620726x.default\extensions\{981e53ba-6df4-4d99-8c33-6c398f5c139e}
[2011/12/18 23:34:58 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Nikki Salazar\Application Data\Mozilla\Firefox\Profiles\6620726x.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/05/09 08:05:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Nikki Salazar\Application Data\Mozilla\Firefox\Profiles\6620726x.default\extensions\[email protected]
[2011/11/09 18:11:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/09 18:10:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/10/27 18:39:32 | 000,028,488 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
[2009/10/27 18:39:32 | 000,185,240 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcext.dll
[2009/10/27 18:39:50 | 000,099,224 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
[2009/10/27 18:39:31 | 000,061,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/16 13:21:11 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011/09/15 08:41:46 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011/11/09 18:10:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&output=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2011/12/18 22:55:34 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper =
O15 - HKCU\..Trusted Domains: lendersoffice.com ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2571F470-3C6F-4C6F-A8BF-374F885441AA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{696ECC47-E7E3-4007-A018-CDB097C8D036}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\efcCuUMF: DllName - (efcCuUMF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {3095D50F-F1BA-4BBC-A54D-819EEB7E0898} - No CLSID value found.
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\iiffGYOg) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/09 15:19:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{313028b8-dc51-11de-a189-00c09ffca3d9}\Shell\AutoRun\command - "" = E:\RDEapp.exe
O33 - MountPoints2\{4d4b2647-938f-11df-a1dd-00c09ffca3d9}\Shell\AutoRun\command - "" = E:\rcaeasyrip_setup.exe
O33 - MountPoints2\{4d4b2647-938f-11df-a1dd-00c09ffca3d9}\Shell\install\command - "" = E:\rcaeasyrip_setup.exe
O33 - MountPoints2\{4d4b2647-938f-11df-a1dd-00c09ffca3d9}\Shell\usermanualEnglish\command - "" = E:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{4d4b2647-938f-11df-a1dd-00c09ffca3d9}\Shell\usermanualFrench\command - "" = E:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{4d4b2647-938f-11df-a1dd-00c09ffca3d9}\Shell\usermanualSpanish\command - "" = E:\rcaeasyrip_setup.exe /pdf_Spanish
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/19 13:33:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nikki Salazar\Desktop\OTL.exe
[2011/12/19 11:22:25 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nikki Salazar\Desktop\TFC.exe
[2011/12/19 11:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Desktop\Autoruns
[2011/12/19 09:57:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nikki Salazar\Recent
[2011/12/19 09:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit PhantomPDF
[2011/12/19 01:06:09 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/18 17:07:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
[2011/12/18 17:07:40 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/18 17:07:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/12/15 21:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Desktop\LB_RateWatch
[2011/12/15 21:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Desktop\Realtor Email List
[2011/12/15 17:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/12/15 16:48:45 | 000,017,336 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\drivers\protreg.sys
[2011/12/15 16:33:50 | 000,000,000 | R--D | C] -- C:\RavBin
[2011/12/15 16:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Desktop\Make Office 2003 genuine
[2011/12/15 16:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\Rising
[2011/12/15 16:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Rising
[2011/12/15 16:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2011/12/15 16:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/12/15 14:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Application Data\Ashampoo
[2011/12/15 14:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\ashampoo
[2011/12/15 14:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2011/12/15 14:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ashampoo
[2011/12/15 14:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2011/12/15 07:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Start Menu\Programs\Everything
[2011/12/15 07:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Everything
[2011/12/14 10:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/14 10:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/13 11:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Start Menu\Programs\System Fix
[2011/12/13 09:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Application Data\Dropbox
[2011/12/09 12:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{DE1312BC-D3DD-47DD-8064-E0C466F63259}
[2011/12/09 12:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserXT
[2011/12/09 12:44:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BrowserXT
[2011/12/06 16:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\My Documents\BrowserXT
[2011/12/06 16:28:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\PackageAware
[2011/12/06 13:05:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Apps Migration
[2011/12/06 13:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Apps Sync 2.0
[2011/12/01 23:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/12/01 23:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2006/11/03 16:07:06 | 000,385,928 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxih.exe
[2006/11/03 16:07:04 | 000,537,480 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxcoms.exe
[2006/11/03 16:07:02 | 000,381,832 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxcfg.exe
[2006/10/11 17:01:40 | 000,643,072 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2006/10/11 16:59:56 | 001,224,704 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2006/10/11 16:54:10 | 000,421,888 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2006/10/11 16:52:34 | 000,585,728 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2006/10/11 16:51:16 | 000,397,312 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2006/10/11 16:48:58 | 000,094,208 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2006/10/11 16:48:14 | 000,684,032 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2006/10/11 16:47:42 | 000,163,840 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2006/10/11 16:41:42 | 000,413,696 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2006/10/11 16:41:04 | 000,991,232 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2006/10/11 16:37:14 | 000,696,320 | -H-- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
========== Files - Modified Within 30 Days ==========
[2011/12/19 13:41:25 | 000,410,489 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\The High Octane Loan Originator PDF FILE.pdf
[2011/12/19 13:38:29 | 001,466,443 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Vargas RESPA.pdf
[2011/12/19 13:33:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nikki Salazar\Desktop\OTL.exe
[2011/12/19 13:07:02 | 000,000,886 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/19 12:29:02 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/19 11:42:40 | 000,000,882 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/19 11:42:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/19 11:38:50 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/12/19 11:22:55 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nikki Salazar\Desktop\TFC.exe
[2011/12/19 10:57:30 | 000,532,781 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Autoruns.zip
[2011/12/19 01:06:09 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/12/18 22:55:34 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/18 22:29:36 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Update Checker.lnk
[2011/12/18 16:17:24 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EA8462DB-9D37-4E21-A034-17889DEF7007}.job
[2011/12/18 12:42:54 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\d3d9caps.dat
[2011/12/16 17:46:19 | 000,000,012 | -H-- | M] () -- C:\WINDOWS\dirsaver.ini
[2011/12/16 14:17:50 | 000,011,282 | -HS- | M] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\sjegwl8v2oey3cyt0jdx3u553r6q
[2011/12/16 14:17:50 | 000,011,282 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\sjegwl8v2oey3cyt0jdx3u553r6q
[2011/12/16 14:09:51 | 000,386,560 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\My Documents\4o8Kw73xM.exe
[2011/12/16 13:48:49 | 000,331,480 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 16:48:05 | 000,017,336 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\drivers\protreg.sys
[2011/12/15 16:37:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\RsUser.db
[2011/12/15 16:37:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\RsMon.db
[2011/12/15 16:30:16 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/12/15 16:28:52 | 000,000,376 | -H-- | M] () -- C:\WINDOWS\ODBC.INI
[2011/12/15 16:09:30 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Microsoft Outlook.lnk
[2011/12/15 14:57:52 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk
[2011/12/15 14:57:52 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo Burning Studio.lnk
[2011/12/14 10:47:50 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/13 11:39:08 | 000,000,304 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~pQmU9UVWxBzRf2
[2011/12/13 11:39:08 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~pQmU9UVWxBzRf2r
[2011/12/13 11:38:57 | 000,000,328 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\pQmU9UVWxBzRf2
[2011/12/13 09:41:20 | 004,775,421 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Strategic Letters.zip
[2011/12/13 09:11:53 | 000,614,867 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Private+Label+Ordering+Guide.pdf
[2011/11/29 20:17:01 | 000,000,521 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Perfect Loan Process.lnk
[2011/11/29 18:21:42 | 000,000,361 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\My Documents\My Documents.lnk
[2011/11/29 16:21:44 | 000,001,807 | -H-- | M] () -- C:\WINDOWS\winpoint.ini
[2011/11/23 07:44:00 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/21 14:16:12 | 000,035,296 | ---- | M] () -- C:\Documents and Settings\Nikki Salazar\Desktop\AllRegs FHA Handbook.pdf
[2011/11/21 09:48:54 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
========== Files Created - No Company Name ==========
[2011/12/19 13:41:23 | 000,410,489 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\The High Octane Loan Originator PDF FILE.pdf
[2011/12/19 13:38:24 | 001,466,443 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Vargas RESPA.pdf
[2011/12/19 10:57:17 | 000,532,781 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Autoruns.zip
[2011/12/18 22:29:35 | 000,001,640 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Update Checker.lnk
[2011/12/18 12:42:54 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\d3d9caps.dat
[2011/12/16 14:09:51 | 000,386,560 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\My Documents\4o8Kw73xM.exe
[2011/12/16 14:09:25 | 000,011,282 | -HS- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\sjegwl8v2oey3cyt0jdx3u553r6q
[2011/12/16 14:09:25 | 000,011,282 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\sjegwl8v2oey3cyt0jdx3u553r6q
[2011/12/15 16:37:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\RsUser.db
[2011/12/15 16:37:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\RsMon.db
[2011/12/15 16:30:16 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/12/15 14:57:52 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk
[2011/12/15 14:57:52 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo Burning Studio.lnk
[2011/12/14 10:47:50 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/13 11:39:08 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~pQmU9UVWxBzRf2r
[2011/12/13 11:39:06 | 000,000,304 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~pQmU9UVWxBzRf2
[2011/12/13 11:38:56 | 000,000,328 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pQmU9UVWxBzRf2
[2011/12/13 09:41:12 | 004,775,421 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Strategic Letters.zip
[2011/12/13 09:11:46 | 000,614,867 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\Private+Label+Ordering+Guide.pdf
[2011/11/29 18:21:42 | 000,000,361 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\My Documents\My Documents.lnk
[2011/11/21 14:16:12 | 000,035,296 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Desktop\AllRegs FHA Handbook.pdf
[2011/11/18 13:09:28 | 000,202,926 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\census.cache
[2011/11/18 13:08:54 | 000,180,135 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\ars.cache
[2011/11/18 12:33:07 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\housecall.guid.cache
[2011/09/13 21:22:24 | 000,081,984 | -H-- | C] () -- C:\WINDOWS\System32\bdod.bin
[2011/07/07 12:37:25 | 000,176,235 | -H-- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2011/06/28 16:18:17 | 000,000,065 | -H-- | C] () -- C:\WINDOWS\System32\bd7040.dat
[2011/06/28 16:17:18 | 000,000,114 | -H-- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2011/06/28 14:30:29 | 000,086,384 | -H-- | C] () -- C:\WINDOWS\hpqins01.dat
[2011/03/28 11:16:59 | 000,077,824 | RH-- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2011/01/06 10:19:06 | 000,000,067 | -H-- | C] () -- C:\WINDOWS\swupdate.INI
[2010/06/10 13:30:02 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Application Data\com.zoosk.Desktop_state.xml
[2010/02/02 12:00:09 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/31 19:42:04 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/01/31 19:40:16 | 000,098,136 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2010/01/20 21:55:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\prvlcl.dat
[2009/11/13 17:25:28 | 000,010,875 | -H-- | C] () -- C:\WINDOWS\ESOA.INI
[2009/11/13 17:25:28 | 000,000,053 | -H-- | C] () -- C:\WINDOWS\PRSRVDLL.INI
[2009/06/10 14:01:35 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\atid.ini
[2009/05/27 16:57:29 | 000,001,807 | -H-- | C] () -- C:\WINDOWS\winpoint.ini
[2008/09/29 20:48:07 | 000,049,056 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/07/23 10:50:52 | 003,596,288 | -H-- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/10 20:05:54 | 000,000,206 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/06/16 22:32:21 | 000,001,944 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/05/25 15:44:48 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/10 14:59:11 | 000,000,115 | -H-- | C] () -- C:\WINDOWS\PNTINFO.INI
[2008/02/09 13:06:17 | 000,102,364 | -H-- | C] () -- C:\WINDOWS\hpqins13.dat
[2008/01/21 13:54:55 | 000,110,030 | -H-- | C] () -- C:\WINDOWS\hpoins08.dat
[2007/12/07 10:33:36 | 000,571,320 | -H-- | C] () -- C:\WINDOWS\HPISExe.dat
[2007/12/07 10:31:02 | 000,099,712 | -H-- | C] () -- C:\WINDOWS\HPBroker.dll
[2007/10/31 14:40:29 | 000,000,248 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Application Data\wklnhst.dat
[2007/10/27 15:52:21 | 000,001,427 | -H-- | C] () -- C:\WINDOWS\disney.ini
[2007/10/18 15:00:30 | 000,134,554 | -H-- | C] () -- C:\WINDOWS\hpwins10.dat.temp
[2007/10/18 15:00:30 | 000,001,042 | -H-- | C] () -- C:\WINDOWS\hpwmdl10.dat.temp
[2007/10/18 14:52:29 | 000,135,115 | -H-- | C] () -- C:\WINDOWS\hpwins10.dat
[2007/08/02 13:43:11 | 000,000,375 | -H-- | C] () -- C:\WINDOWS\hpbvspst.ini
[2007/07/24 13:38:32 | 000,049,152 | RH-- | C] () -- C:\WINDOWS\System32\hpbprnfx.exe
[2007/07/24 13:37:47 | 000,001,005 | -H-- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2007/07/24 13:36:04 | 000,006,341 | -H-- | C] () -- C:\WINDOWS\hplj3380.ini
[2007/07/13 20:59:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\iplayer.INI
[2007/06/25 09:48:20 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mchguid.ini
[2007/04/09 16:21:35 | 000,000,058 | -H-- | C] () -- C:\WINDOWS\sview.ini
[2007/04/09 16:21:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\srfvdo.dat
[2007/03/08 04:43:03 | 000,010,335 | -H-- | C] () -- C:\WINDOWS\hpwscr10.dat
[2007/02/27 20:19:55 | 000,001,042 | -H-- | C] () -- C:\WINDOWS\hpwmdl10.dat
[2006/10/28 09:31:44 | 000,344,064 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2006/10/20 19:07:32 | 000,106,496 | -H-- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2006/10/20 19:06:44 | 000,036,864 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2006/10/20 19:03:28 | 000,139,264 | -H-- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2006/10/20 18:57:40 | 000,176,128 | -H-- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2006/10/20 18:56:52 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2006/10/20 18:55:28 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2006/10/20 18:54:42 | 000,176,128 | -H-- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2006/10/20 18:48:38 | 000,454,656 | -H-- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2006/10/20 18:46:42 | 000,188,416 | -H-- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2006/09/22 06:42:38 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2006/09/06 05:13:14 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcfg.dll
[2006/08/08 14:58:04 | 000,692,224 | -H-- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2006/05/14 17:40:44 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\prl.dmp
[2006/04/24 14:09:58 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2006/03/19 18:03:04 | 000,061,440 | -H-- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2006/02/19 13:16:36 | 000,000,047 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/24 10:33:16 | 000,221,184 | -H-- | C] () -- C:\WINDOWS\System32\ExpLoansFromGenesis.dll
[2006/01/19 16:59:10 | 000,000,058 | -H-- | C] () -- C:\WINDOWS\mchguid.ini
[2006/01/17 11:00:45 | 000,000,042 | -H-- | C] () -- C:\WINDOWS\POINTHelp.INI
[2005/12/23 14:54:58 | 000,221,184 | RH-- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2005/12/23 14:54:58 | 000,000,412 | RH-- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dat
[2005/12/23 13:48:32 | 000,000,030 | -H-- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2005/12/23 13:48:31 | 000,000,509 | -H-- | C] () -- C:\WINDOWS\Brwmark.ini
[2005/12/23 13:48:31 | 000,000,059 | -H-- | C] () -- C:\WINDOWS\brmx2001.ini
[2005/12/23 13:48:31 | 000,000,040 | -H-- | C] () -- C:\WINDOWS\opt_1440.ini
[2005/12/23 13:48:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\Brohl144.ini
[2005/12/23 13:47:31 | 000,000,296 | -H-- | C] () -- C:\WINDOWS\BRDIAG.INI
[2005/12/23 13:47:31 | 000,000,012 | -H-- | C] () -- C:\WINDOWS\brpp2ka.ini
[2005/12/23 13:47:31 | 000,000,012 | -H-- | C] () -- C:\WINDOWS\Brownie.ini
[2005/12/23 13:47:31 | 000,000,011 | -H-- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2005/12/23 11:46:02 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Nikki Salazar\Local Settings\Application Data\fusioncache.dat
[2005/12/23 11:45:52 | 000,184,320 | -H-- | C] () -- C:\WINDOWS\System32\EmbeddedDX.dll
[2005/12/23 09:41:37 | 000,266,240 | -H-- | C] () -- C:\WINDOWS\System32\ControlWZCS.exe
[2005/12/23 09:41:34 | 000,036,864 | -H-- | C] () -- C:\WINDOWS\System32\acs.exe
[2005/12/23 09:41:29 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2005/12/23 09:41:12 | 000,270,336 | -H-- | C] () -- C:\WINDOWS\System32\PlugPlayPCIDevice.exe
[2005/12/23 09:41:12 | 000,163,840 | -H-- | C] () -- C:\WINDOWS\System32\MFCFirstRemove.exe
[2005/08/09 17:59:11 | 000,011,122 | -H-- | C] () -- C:\WINDOWS\HWSetupStr.ini
[2005/08/09 17:59:11 | 000,002,036 | -H-- | C] () -- C:\WINDOWS\SVPW32Str.ini
[2005/08/09 17:36:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/08/09 17:00:57 | 000,000,012 | -H-- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/08/09 16:45:20 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/08/09 16:39:18 | 000,000,217 | -H-- | C] () -- C:\WINDOWS\Quicken.ini
[2005/08/09 16:37:42 | 000,204,800 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/09 16:37:42 | 000,200,704 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/09 16:37:42 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/09 16:37:42 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/09 16:37:42 | 000,188,416 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/09 16:37:42 | 000,020,480 | -H-- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/09 16:36:54 | 000,000,277 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/08/09 16:32:32 | 000,128,113 | -H-- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/09 16:32:32 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/09 16:32:32 | 000,009,362 | -H-- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/09 16:32:32 | 000,007,671 | -H-- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/09 16:00:49 | 000,090,112 | -H-- | C] () -- C:\WINDOWS\InstDrvr.exe
[2005/08/09 16:00:49 | 000,006,867 | -H-- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/08/09 15:26:03 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/09 15:21:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/09 15:16:35 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/09 15:15:18 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/09 14:41:18 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/09 14:38:23 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/09 14:38:18 | 000,448,440 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/09 14:38:18 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/09 14:38:18 | 000,075,018 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/09 14:38:18 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/09 14:38:16 | 000,004,688 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/09 14:38:14 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/09 14:38:12 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/09 14:38:04 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/09 14:38:04 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/09 14:37:49 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/09 14:37:40 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/09 08:10:36 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/09 08:09:39 | 000,331,480 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/06/10 17:59:16 | 000,095,617 | -H-- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/19 09:38:27 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/11 22:08:00 | 000,106,496 | -H-- | C] () -- C:\WINDOWS\System32\tsbwls.dll
[2003/11/12 09:16:58 | 000,061,440 | -H-- | C] () -- C:\WINDOWS\System32\GNetParserX.dll
[2003/09/26 06:42:46 | 000,002,421 | -H-- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2003/01/07 16:05:08 | 000,002,695 | -H-- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/03 16:40:32 | 000,094,274 | -H-- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2002/05/03 16:40:32 | 000,094,274 | -H-- | C] () -- C:\WINDOWS\System32\HPBHEALR(3).DLL
[2001/07/06 16:30:00 | 000,003,399 | -H-- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/03/28 11:37:14 | 000,000,033 | -H-- | C] () -- C:\WINDOWS\System32\hppcap.ini
[2000/02/17 13:57:02 | 000,225,280 | -H-- | C] () -- C:\WINDOWS\System32\GN32.DLL
[1999/10/13 17:59:48 | 000,028,672 | -H-- | C] () -- C:\WINDOWS\System32\gns2kzip.dll
========== LOP Check ==========
[2009/06/10 14:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/10/31 13:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/08/03 17:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2011/12/15 14:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2011/09/03 10:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/03/27 14:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CounterPath
[2007/11/24 12:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive
[2011/12/18 17:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2006/01/23 14:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/12/18 16:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/15 16:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rising
[2008/09/12 23:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2011/12/16 12:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/30 08:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/12/01 00:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/03/10 08:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/12/01 00:33:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/06/04 17:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/19 12:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/12 13:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/10/31 13:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2011/12/09 12:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{DE1312BC-D3DD-47DD-8064-E0C466F63259}
[2011/12/15 14:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Ashampoo
[2011/10/06 09:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Auslogics
[2011/03/15 11:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Calyx Software
[2008/12/31 10:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/04/15 20:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2011/12/13 11:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Dropbox
[2011/01/02 13:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\ePASS
[2011/12/19 09:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Foxit Software
[2006/01/23 14:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\HotSync
[2005/08/09 16:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\InterTrust
[2006/03/21 22:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\InterVideo
[2011/07/06 16:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\IObit
[2009/04/13 10:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\KompoZer
[2006/01/23 14:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Leadertech
[2008/07/06 10:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Lexmark Productivity Studio
[2011/12/15 07:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\MP3Rocket
[2011/09/13 22:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\MyScribe
[2006/01/25 22:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\PDS
[2011/10/26 07:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\PrimoPDF
[2009/11/05 21:05:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\RateWatch.8120D7806F19A08520F163B2D95EA0AD9E0C0659.1
[2011/07/08 11:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Smart PDF Tools Pro
[2008/09/21 01:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Sony
[2007/10/31 14:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Template
[2011/08/11 19:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Toktumi
[2006/01/08 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\toshiba
[2011/03/30 08:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\Trusteer
[2010/12/01 00:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\TuneUp Software
[2009/10/27 18:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\webex
[2008/01/31 13:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikki Salazar\Application Data\X5400 Series
[2011/12/18 16:17:24 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EA8462DB-9D37-4E21-A034-17889DEF7007}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\rundll32.exe:SummaryInformation
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C41CE1F6
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA029835
< End of report >