Thanks Maliprog for taking my case.
I dl'd otl.scr, ran it, pasting in custom code, and did quick scan.
It only produced otl.txt which I've pasted below.
I searched C: for extras.txt but didn't find it.
Decided not to continue with Step 2 GMER until I hear back from you re: no extras.txt.
Also in Step 3 the following
OTL log
OTL Extras log
GMER log
are not file names, so I'm not sure what I should include in a reply.
By OTL log, do you mean OTL.txt? I'm not sure of your terms.
/nick
OTL logfile created on: 3/16/2012 1:48:03 PM - Run 5
OTL by OldTimer - Version 3.2.37.1 Folder = C:\Documents and Settings\Nick\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 78.08% Memory free
3.79 Gb Paging File | 3.33 Gb Available in Paging File | 88.09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 20.78 Gb Free Space | 53.20% Space Free | Partition Type: NTFS
Drive D: | 97.65 Gb Total Space | 32.52 Gb Free Space | 33.30% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 17.05 Gb Free Space | 17.46% Space Free | Partition Type: NTFS
Drive F: | 97.65 Gb Total Space | 12.41 Gb Free Space | 12.70% Space Free | Partition Type: NTFS
Drive G: | 97.65 Gb Total Space | 19.14 Gb Free Space | 19.60% Space Free | Partition Type: NTFS
Drive J: | 75.14 Gb Total Space | 47.68 Gb Free Space | 63.45% Space Free | Partition Type: NTFS
Drive L: | 147.24 Gb Total Space | 40.91 Gb Free Space | 27.79% Space Free | Partition Type: NTFS
Computer Name: GENERALSPECIFIX | User Name: Nick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/03/16 13:04:05 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\OTL.scr
PRC - [2012/01/31 09:57:32 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/01/31 09:57:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/01/31 09:56:50 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/01/31 09:56:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/12/18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011/12/18 21:04:24 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011/11/03 10:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2011/11/03 10:44:24 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2008/04/23 03:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/03 18:17:28 | 002,473,984 | ---- | M] (SEC) -- C:\Program Files\MagicTune Premium\MagicTune.exe
PRC - [2007/08/23 16:05:18 | 000,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
PRC - [2007/01/15 17:18:00 | 000,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe
PRC - [2005/07/29 18:25:28 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
PRC - [2005/07/29 18:23:52 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2005/07/29 18:20:58 | 000,118,843 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2005/07/29 18:20:40 | 000,061,503 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2005/07/07 22:29:52 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2003/07/25 12:15:48 | 000,536,576 | ---- | M] (-) -- C:\Program Files\Eraser\eraser.exe
========== Modules (No Company Name) ========== MOD - [2012/01/31 09:57:08 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/12/03 18:16:34 | 000,065,536 | ---- | M] () -- C:\Program Files\MagicTune Premium\MTResEng.dll
MOD - [2007/12/03 18:16:28 | 000,032,768 | ---- | M] () -- C:\Program Files\MagicTune Premium\HzZone.dll
MOD - [2007/12/03 18:16:24 | 000,040,960 | ---- | M] () -- C:\Program Files\MagicTune Premium\EProfile.dll
MOD - [2007/12/03 18:16:24 | 000,040,960 | ---- | M] () -- C:\Program Files\MagicTune Premium\DProfile.dll
MOD - [2007/12/03 18:16:22 | 000,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\VESADll.dll
MOD - [2007/12/03 18:16:20 | 000,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\IProfile.dll
MOD - [2007/12/03 18:16:20 | 000,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\DeviceInterface.dll
MOD - [2007/12/03 18:16:18 | 000,032,768 | ---- | M] () -- C:\Program Files\MagicTune Premium\Highlight.dll
MOD - [2007/11/05 09:08:42 | 000,077,824 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneCore.dll
MOD - [2007/08/23 16:05:18 | 000,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
MOD - [2007/01/15 17:18:00 | 000,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe
MOD - [2006/01/12 22:20:26 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.DEU
MOD - [2006/01/12 22:13:46 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
MOD - [2005/07/29 18:23:52 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
MOD - [2005/07/07 22:29:52 | 000,876,544 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll
MOD - [2005/07/07 22:29:52 | 000,159,744 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll
MOD - [2005/07/07 22:29:52 | 000,024,691 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/01/31 09:57:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/01/31 09:56:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/12/18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/11/03 10:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2007/08/23 16:05:18 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine)
SRV - [2005/07/29 18:23:52 | 000,139,264 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2005/07/29 18:20:58 | 000,118,843 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2005/07/29 18:20:40 | 000,061,503 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2005/07/07 22:29:52 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -- (ForcewareWebInterface)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/01/31 09:57:31 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/01/31 09:57:31 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/18 21:04:24 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011/11/03 10:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011/09/16 17:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/04/14 01:15:34 | 000,011,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)
DRV - [2007/11/29 13:46:08 | 000,013,184 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2005/12/27 01:09:10 | 000,033,792 | ---- | M] (Robert Schlabbach) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RMSPPPOE.SYS -- (RMSPPPOE) WAN Miniport (PPP over Ethernet Protocol)
DRV - [2005/08/11 01:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/07/29 05:11:04 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 05:11:02 | 000,034,048 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/03/09 16:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/10/27 16:21:30 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/12 22:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?} IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...Box&Form=IE8SRCIE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" =
http://search.condui...&ctid=CT2504091IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/03/11 18:44:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/24 14:08:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/02/29 22:55:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2012/02/24 14:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Extensions
[2012/03/01 17:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\um5jyn3v.default\extensions
[2012/03/01 17:11:39 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\um5jyn3v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/02/29 16:05:36 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Documents and Settings\Nick\Application Data\Mozilla\Firefox\Profiles\um5jyn3v.default\extensions\
[email protected][2012/02/24 14:08:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe (-)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk = C:\Program Files\MagicTune Premium\GammaTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Nick\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Nick\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C1D069F-ACAE-46EA-B739-885EDAF06CDC}: NameServer = 206.248.154.22 206.248.154.170
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/20 20:21:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/03/16 13:04:04 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\OTL.scr
[2012/03/12 20:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2012/03/12 20:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Azureus Vuze
[2012/03/12 20:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\Azureus
[2012/03/11 18:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\ForceField Shared Files
[2012/03/11 18:14:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\CheckPoint
[2012/03/11 18:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Check Point
[2012/03/11 18:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2012/03/11 18:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/03/10 14:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2012/03/09 14:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2012/03/09 14:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Google
[2012/03/09 14:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google SketchUp 8
[2012/03/09 14:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/03/08 18:38:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\Administrative Tools
[2012/03/08 18:37:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/03/08 15:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2012/03/08 15:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\eMule
[2012/03/07 20:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\dvdcss
[2012/03/07 10:45:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/03/07 02:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/03/06 21:04:30 | 000,000,000 | ---D | C] -- C:\XPupdates
[2012/03/05 18:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\uTorrent
[2012/03/04 23:37:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012/03/04 23:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/03/04 23:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/03/04 21:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Avira
[2012/03/04 21:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012/03/04 21:12:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012/03/04 21:12:17 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012/03/04 21:12:17 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012/03/04 21:12:17 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012/03/04 21:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/03/04 21:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2012/03/03 17:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\eMule
[2012/03/02 23:42:17 | 000,168,448 | ---- | C] (WexTech Systems, Inc.) -- C:\WINDOWS\System32\Awrtl30.dll
[2012/03/02 23:42:16 | 000,100,864 | ---- | C] (Corel Corporation Limited) -- C:\WINDOWS\System32\awpe.dll
[2012/03/02 23:40:55 | 000,245,760 | ---- | C] (Corel Corporation) -- C:\WINDOWS\System32\Sccomp91.dll
[2012/03/02 23:40:54 | 000,225,280 | ---- | C] (Corel Corporation) -- C:\WINDOWS\System32\Scint91.dll
[2012/03/02 23:40:54 | 000,110,592 | ---- | C] (Corel Corporation) -- C:\WINDOWS\System32\Sccres91.dll
[2012/03/02 23:35:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2012/03/02 23:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2012/03/02 23:22:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Corel
[2012/03/02 02:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\WinRAR
[2012/03/02 02:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\WinRAR
[2012/03/02 02:37:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2012/03/02 02:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/03/01 18:48:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\CD to MP3 Freeware
[2012/03/01 18:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\CD to MP3 Freeware
[2012/03/01 17:47:01 | 000,000,000 | ---D | C] -- C:\Temp
[2012/03/01 17:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\3herosoft
[2012/03/01 17:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\3herosoft
[2012/03/01 17:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\DVDVideoSoftIEHelpers
[2012/03/01 17:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft
[2012/03/01 17:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\DVDVideoSoft
[2012/03/01 17:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012/03/01 17:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012/03/01 17:09:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\DVDVideoSoft
[2012/03/01 17:03:33 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2012/03/01 17:03:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2012/03/01 16:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2012/03/01 16:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeRIP3
[2012/03/01 16:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRIP3
[2012/03/01 16:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter
[2012/03/01 16:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\DVD Decrypter
[2012/03/01 04:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\New Folder
[2012/03/01 04:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/03/01 04:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\AltoMP3
[2012/03/01 04:02:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\AltoMP3 Gold
[2012/03/01 04:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\AltoMP3 Gold
[2012/03/01 03:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2012/03/01 03:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2012/02/29 14:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2012/02/29 14:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2012/02/29 14:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Microsoft Web Folders
[2012/02/29 14:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/02/28 03:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2012/02/28 03:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\SoulseekNS
[2012/02/28 03:53:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\Soulseek NS
[2012/02/27 15:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Macromedia
[2012/02/26 21:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\FileZilla
[2012/02/26 21:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2012/02/26 21:59:14 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2012/02/26 20:53:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Nick\PrivacIE
[2012/02/26 03:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\SubtitlesSynch
[2012/02/26 03:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\SubtitlesSynch
[2012/02/25 23:12:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/02/25 16:30:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\AdobeUM
[2012/02/25 16:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2012/02/25 16:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2012/02/25 16:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2012/02/25 15:55:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe
[2012/02/25 15:55:04 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\Pcdlib32.dll
[2012/02/25 15:55:04 | 000,032,792 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\Spwhpt.dll
[2012/02/25 15:55:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012/02/25 04:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/02/25 03:40:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/02/24 22:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Vuze Downloads
[2012/02/24 22:44:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\.swt
[2012/02/24 22:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Azureus
[2012/02/24 22:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
[2012/02/24 14:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Mozilla
[2012/02/24 13:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/02/24 11:17:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Nick\IETldCache
[2012/02/24 03:12:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012/02/24 03:11:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/02/24 00:22:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\uTorrent
[2012/02/23 10:06:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Nick\UserData
[2012/02/23 02:06:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012/02/23 02:06:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012/02/22 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/02/22 22:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Temp
[2012/02/22 22:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Conduit
[2012/02/22 22:19:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\Downloads
[2012/02/22 20:51:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012/02/22 20:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2012/02/22 19:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2012/02/22 19:10:26 | 000,016,868 | R--- | C] (Samsung Electronics.) -- C:\WINDOWS\System32\SSGH1LMK.DLL
[2012/02/22 18:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Adobe
[2012/02/22 18:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Adobe
[2012/02/22 18:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/02/22 18:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/02/22 18:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/02/22 16:01:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Thunderbird
[2012/02/22 15:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Thunderbird
[2012/02/22 15:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Thunderbird
[2012/02/22 15:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012/02/22 14:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012/02/22 14:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NVIDIA Corporation
[2012/02/22 14:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/02/22 14:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\My Documents\{9DF687E7-381C-4882-A05F-4ADF1DD53394}
[2012/02/22 14:20:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/02/22 14:16:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2012/02/22 14:16:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/02/22 14:16:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/02/22 14:16:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/02/22 14:16:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012/02/22 14:14:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012/02/22 14:12:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012/02/22 14:08:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/02/22 14:03:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2012/02/22 13:55:07 | 000,013,184 | ---- | C] (Samsung Electronics, Inc. ) -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2012/02/22 13:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\MagicTune Premium
[2012/02/22 13:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\InstallShield
[2012/02/22 13:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2012/02/22 13:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
[2012/02/22 13:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2012/02/22 13:26:45 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2012/02/22 13:26:44 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/02/22 13:16:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/02/22 13:15:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/02/22 13:14:48 | 000,474,624 | R--- | C] (ASUS) -- C:\WINDOWS\System32\AsusSetup.exe
[2012/02/22 00:06:14 | 000,681,984 | -H-- | C] (ACD Systems, Ltd.) -- C:\Documents and Settings\Nick\Desktop\Portable ACDSee.exe
[2012/02/21 13:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Mozilla
[2012/02/21 01:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\vlc
[2012/02/21 01:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/02/21 01:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/02/20 22:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Eraser
[2012/02/20 22:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\Eraser
[2012/02/20 21:40:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/20 20:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Application Data\Identities
[2012/02/20 20:27:28 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012/02/20 20:27:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\My Documents\My Pictures
[2012/02/20 20:27:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\My Documents\My Music
[2012/02/20 20:27:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Nick\Application Data\Microsoft
[2012/02/20 20:27:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nick\SendTo
[2012/02/20 20:27:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nick\Recent
[2012/02/20 20:27:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nick\Application Data
[2012/02/20 20:27:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\Startup
[2012/02/20 20:27:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\Start Menu
[2012/02/20 20:27:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\My Documents
[2012/02/20 20:27:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\Favorites
[2012/02/20 20:27:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nick\Start Menu\Programs\Accessories
[2012/02/20 20:27:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Nick\Cookies
[2012/02/20 20:27:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nick\Templates
[2012/02/20 20:27:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nick\PrintHood
[2012/02/20 20:27:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nick\NetHood
[2012/02/20 20:27:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nick\Local Settings
[2012/02/20 20:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Local Settings\Application Data\Microsoft
[2012/02/20 20:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nick\Desktop
[2012/02/20 20:25:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/02/20 20:25:35 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012/02/20 20:25:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/02/20 20:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/02/20 20:24:59 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/02/20 20:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/02/20 20:23:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/02/20 20:23:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/02/20 20:22:36 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/02/20 20:22:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/02/20 20:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/02/20 20:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/02/20 20:20:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012/02/20 20:20:34 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/02/20 20:20:34 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/02/20 20:20:24 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/02/20 20:19:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012/02/20 20:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/02/20 20:19:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012/02/20 20:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/02/20 20:19:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012/02/20 20:19:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012/02/20 20:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/02/20 20:18:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012/02/20 20:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012/02/20 20:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012/02/20 20:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/02/20 20:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/02/20 20:18:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/02/20 20:18:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/02/20 20:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/02/20 20:17:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/02/20 20:17:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012/02/20 20:17:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/02/20 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/02/20 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2012/02/20 20:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/02/20 20:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012/02/20 20:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2012/02/20 20:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/02/20 20:16:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012/02/20 20:16:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012/02/20 20:16:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/02/20 20:14:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/02/20 14:49:27 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012/02/20 14:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/02/20 14:49:23 | 000,000,000 | R--D | C] -- C:\Program Files
[2012/02/20 14:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/02/20 14:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/02/20 14:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/02/20 14:48:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/02/20 14:48:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/02/20 14:48:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/02/20 14:48:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2012/02/20 14:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/02/20 14:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2012/02/20 14:46:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/02/20 14:46:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012/02/20 14:46:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/02/20 14:46:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/02/20 14:46:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/20 14:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012/02/20 14:41:05 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012/02/20 14:41:05 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/02/20 14:41:05 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012/02/20 14:41:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012/02/20 14:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/03/16 13:04:05 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nick\Desktop\OTL.scr
[2012/03/16 12:17:03 | 000,039,291 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/03/16 12:17:03 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/03/16 12:16:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/15 17:22:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/15 14:17:49 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\SubtitlesSynch.lnk
[2012/03/14 12:41:14 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Soulseek.lnk
[2012/03/11 18:19:56 | 000,415,859 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2012/03/11 05:20:52 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/11 05:20:52 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/10 16:36:59 | 000,111,104 | ---- | M] () -- C:\Documents and Settings\Nick\My Documents\AutoSave_Untitled.skp
[2012/03/10 14:18:42 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2012/03/10 12:51:48 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Acrobat 7.0.lnk
[2012/03/10 12:46:54 | 000,002,241 | ---- | M] () -- C:\WINDOWS\panose.bin
[2012/03/09 14:46:27 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google SketchUp 8.lnk
[2012/03/09 00:20:29 | 000,134,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/09 00:08:42 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\eMule.lnk
[2012/03/07 02:26:21 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\µTorrent.lnk
[2012/03/06 23:51:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/05 04:01:04 | 000,000,521 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Copy of NOS.lnk
[2012/03/04 21:12:35 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/03/02 20:04:43 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/02 00:42:35 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\cdr.ini
[2012/03/01 18:48:15 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Free CD to MP3 Converter.lnk
[2012/03/01 17:46:41 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\3herosoft Audio Encoder.lnk
[2012/03/01 17:11:34 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\DVDVideoSoft Free Studio.lnk
[2012/03/01 16:29:22 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\FreeRIP.lnk
[2012/03/01 16:27:14 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\DVD Decrypter.lnk
[2012/03/01 04:02:27 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\AltoMP3 Gold.lnk
[2012/02/29 16:12:21 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Measurements.lnk
[2012/02/29 14:27:18 | 000,000,407 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\RENO.lnk
[2012/02/29 14:26:19 | 000,000,531 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\honda.lnk
[2012/02/29 14:21:53 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/02/29 14:21:37 | 000,001,725 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/02/29 12:30:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\WgaLogon.dll
[2012/02/28 17:53:12 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Copy of IrfanView.lnk
[2012/02/27 20:16:05 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator (2).lnk
[2012/02/27 20:15:44 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to notepad.exe.lnk
[2012/02/27 15:35:02 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\KIJIJI.url
[2012/02/26 22:00:18 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2012/02/26 18:43:33 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/02/25 17:23:19 | 000,000,362 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Contact.lnk
[2012/02/25 16:39:29 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\PageMaker.lnk
[2012/02/25 04:59:03 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Freecell (2).lnk
[2012/02/25 04:41:01 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Weather.url
[2012/02/24 21:52:49 | 000,000,521 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\NOS.lnk
[2012/02/24 19:59:05 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\VLC.lnk
[2012/02/24 16:40:22 | 000,000,570 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\mazanaEmails.lnk
[2012/02/24 14:08:03 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/24 13:57:54 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/23 14:53:56 | 000,000,379 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\DLS.lnk
[2012/02/23 14:53:13 | 000,000,345 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Nick.lnk
[2012/02/22 20:16:25 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\IrfanView.lnk
[2012/02/22 18:42:10 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Shortcut to wordpad.exe.lnk
[2012/02/22 18:41:13 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Nick\Desktop\Shortcut to notepad.exe.lnk
[2012/02/22 16:01:56 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/02/22 16:01:56 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
[2012/02/22 15:07:50 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\teksavvy.lnk
[2012/02/22 14:28:29 | 000,001,959 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NVIDIA Firewall.lnk
[2012/02/22 14:28:15 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/02/22 14:28:10 | 000,000,022 | ---- | M] () -- C:\WINDOWS\FileName
[2012/02/22 14:23:49 | 000,020,905 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/02/22 14:21:55 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/02/22 14:12:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/02/22 13:54:58 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MagicTune Premium.lnk
[2012/02/22 13:54:58 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk
[2012/02/21 13:51:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2012/02/20 20:27:36 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/02/20 20:25:02 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/02/20 20:24:02 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/02/20 20:21:43 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/02/20 20:21:43 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/02/20 20:21:43 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/02/20 20:21:43 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/02/20 20:21:43 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/02/20 20:21:35 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/02/20 20:21:34 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/02/20 20:21:23 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/20 20:18:14 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/20 20:14:22 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/03/14 12:41:14 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Soulseek.lnk
[2012/03/11 18:14:20 | 000,415,859 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2012/03/10 16:20:33 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Nick\My Documents\AutoSave_Untitled.skp
[2012/03/10 14:18:42 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\-1
[2012/03/09 14:46:27 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google SketchUp 8.lnk
[2012/03/09 00:08:42 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eMule.lnk
[2012/03/07 02:26:21 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\µTorrent.lnk
[2012/03/05 04:01:04 | 000,000,521 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Copy of NOS.lnk
[2012/03/04 21:12:35 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/03/01 18:48:20 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\cdr.ini
[2012/03/01 18:48:14 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Free CD to MP3 Converter.lnk
[2012/03/01 17:46:41 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\3herosoft Audio Encoder.lnk
[2012/03/01 17:11:34 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\DVDVideoSoft Free Studio.lnk
[2012/03/01 16:29:22 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\FreeRIP.lnk
[2012/03/01 16:27:14 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\DVD Decrypter.lnk
[2012/03/01 04:02:27 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\AltoMP3 Gold.lnk
[2012/02/29 16:12:25 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Measurements.lnk
[2012/02/29 14:31:37 | 000,000,577 | -H-- | C] () -- C:\Documents and Settings\Nick\Desktop\WOODWORK.lnk
[2012/02/29 14:27:20 | 000,000,407 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\RENO.lnk
[2012/02/29 14:26:21 | 000,000,531 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\honda.lnk
[2012/02/29 14:21:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/02/29 14:21:37 | 000,002,479 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
[2012/02/29 14:21:37 | 000,002,046 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Outlook.lnk
[2012/02/29 14:21:37 | 000,002,002 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft PowerPoint.lnk
[2012/02/29 14:21:37 | 000,001,725 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/02/29 14:21:36 | 000,002,030 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
[2012/02/29 14:21:36 | 000,001,990 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Access.lnk
[2012/02/29 12:30:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2012/02/28 23:09:14 | 000,002,309 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Acrobat 7.0.lnk
[2012/02/28 17:53:12 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Copy of IrfanView.lnk
[2012/02/27 20:16:05 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator (2).lnk
[2012/02/27 20:15:44 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to notepad.exe.lnk
[2012/02/27 15:34:09 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\KIJIJI.url
[2012/02/26 21:59:16 | 000,001,663 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2012/02/26 18:43:33 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2012/02/26 18:43:33 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/02/26 03:45:38 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\SubtitlesSynch.lnk
[2012/02/25 17:23:22 | 000,000,362 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Contact.lnk
[2012/02/25 16:46:40 | 000,002,241 | ---- | C] () -- C:\WINDOWS\panose.bin
[2012/02/25 16:39:29 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\PageMaker.lnk
[2012/02/25 16:15:48 | 000,002,365 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2012/02/25 16:15:48 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Designer 7.0.lnk
[2012/02/25 16:15:48 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/02/25 16:15:48 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk
[2012/02/25 15:55:04 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2012/02/25 04:58:15 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Freecell (2).lnk
[2012/02/25 04:40:46 | 000,000,151 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Weather.url
[2012/02/24 21:52:51 | 000,000,521 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\NOS.lnk
[2012/02/24 19:59:05 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\VLC.lnk
[2012/02/24 16:40:25 | 000,000,570 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\mazanaEmails.lnk
[2012/02/24 14:08:03 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/24 13:57:54 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/23 14:53:59 | 000,000,379 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\DLS.lnk
[2012/02/23 14:53:16 | 000,000,345 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Nick.lnk
[2012/02/23 02:20:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/23 02:20:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/22 20:16:25 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\IrfanView.lnk
[2012/02/22 19:10:26 | 000,000,479 | R--- | C] () -- C:\WINDOWS\System32\SSGH1LMK.SMT
[2012/02/22 18:42:10 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Shortcut to wordpad.exe.lnk
[2012/02/22 18:41:13 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Nick\Desktop\Shortcut to notepad.exe.lnk
[2012/02/22 18:32:10 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Nick\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/22 16:01:56 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/02/22 16:01:56 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
[2012/02/22 15:07:50 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\teksavvy.lnk
[2012/02/22 14:28:29 | 000,001,959 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NVIDIA Firewall.lnk
[2012/02/22 14:28:15 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/02/22 14:28:10 | 000,000,022 | ---- | C] () -- C:\WINDOWS\FileName
[2012/02/22 14:16:24 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2012/02/22 14:16:24 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2012/02/22 14:16:24 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2012/02/22 14:16:24 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2012/02/22 14:16:24 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2012/02/22 14:16:24 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2012/02/22 14:16:24 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2012/02/22 14:16:23 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2012/02/22 14:16:23 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2012/02/22 14:16:23 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2012/02/22 14:16:23 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2012/02/22 14:16:23 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2012/02/22 14:16:23 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2012/02/22 14:16:23 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2012/02/22 14:16:23 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2012/02/22 14:16:23 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2012/02/22 14:16:23 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2012/02/22 14:16:23 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2012/02/22 14:16:23 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2012/02/22 14:16:23 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2012/02/22 14:16:23 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2012/02/22 14:16:23 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2012/02/22 14:16:23 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2012/02/22 14:16:23 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2012/02/22 14:16:23 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2012/02/22 14:16:23 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2012/02/22 14:16:23 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2012/02/22 14:16:23 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2012/02/22 14:16:23 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2012/02/22 14:16:22 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2012/02/22 14:16:22 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2012/02/22 14:16:22 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2012/02/22 14:16:22 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2012/02/22 14:16:22 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2012/02/22 14:16:22 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2012/02/22 14:16:22 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2012/02/22 14:16:22 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2012/02/22 14:16:22 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2012/02/22 14:16:22 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2012/02/22 14:16:22 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2012/02/22 14:16:22 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2012/02/22 14:16:22 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2012/02/22 14:16:22 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2012/02/22 14:16:22 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2012/02/22 14:16:22 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2012/02/22 14:16:22 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2012/02/22 14:16:22 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2012/02/22 14:16:22 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2012/02/22 14:16:22 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2012/02/22 14:16:22 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2012/02/22 14:16:22 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2012/02/22 14:16:22 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2012/02/22 14:16:22 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2012/02/22 14:16:22 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2012/02/22 14:16:22 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2012/02/22 14:16:22 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2012/02/22 14:16:22 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2012/02/22 14:16:22 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2012/02/22 14:16:22 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2012/02/22 14:16:22 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2012/02/22 14:16:22 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2012/02/22 14:16:22 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2012/02/22 14:16:22 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2012/02/22 14:16:22 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2012/02/22 14:16:22 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2012/02/22 14:16:22 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2012/02/22 14:16:22 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2012/02/22 14:16:21 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2012/02/22 14:16:21 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2012/02/22 14:16:21 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2012/02/22 14:16:21 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2012/02/22 14:16:21 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2012/02/22 14:16:21 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2012/02/22 14:16:21 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2012/02/22 14:16:21 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2012/02/22 14:16:21 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2012/02/22 14:16:21 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2012/02/22 14:16:21 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2012/02/22 14:16:21 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2012/02/22 14:16:21 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2012/02/22 14:12:38 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012/02/22 14:12:38 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012/02/22 14:12:36 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/02/22 13:54:58 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MagicTune Premium.lnk
[2012/02/22 13:54:58 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk
[2012/02/22 13:54:58 | 000,000,507 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MagicTunePremium.lnk
[2012/02/22 13:47:51 | 000,039,291 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2012/02/22 13:47:34 | 000,015,868 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2012/02/22 13:16:25 | 000,003,632 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2012/02/22 13:16:22 | 000,001,391 | R--- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2012/02/22 13:14:48 | 000,000,705 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2012/02/22 13:14:48 | 000,000,265 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2012/02/22 13:14:47 | 000,271,078 | R--- | C] () -- C:\WINDOWS\System32\Alert.bmp
[2012/02/22 13:03:46 | 000,020,905 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/02/22 13:03:46 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2012/02/22 13:03:26 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012/02/21 13:51:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/02/20 20:27:36 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/02/20 20:27:30 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Nick\Start Menu\Programs\Outlook Express.lnk
[2012/02/20 20:27:28 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Nick\Start Menu\Programs\Internet Explorer.lnk
[2012/02/20 20:27:11 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Nick\Start Menu\Programs\Remote Assistance.lnk
[2012/02/20 20:27:11 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Nick\Start Menu\Programs\Windows Media Player.lnk
[2012/02/20 20:25:02 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/02/20 20:24:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/02/20 20:23:29 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/02/20 20:23:15 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/02/20 20:23:08 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/02/20 20:23:07 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/02/20 20:23:04 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/02/20 20:22:56 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/02/20 20:22:51 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/20 20:22:38 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/02/20 20:21:43 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/02/20 20:21:43 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/02/20 20:21:43 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/02/20 20:21:43 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012/02/20 20:21:43 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012/02/20 20:21:35 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/02/20 20:21:34 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012/02/20 20:21:34 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/02/20 20:20:23 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/02/20 20:20:09 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012/02/20 20:19:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012/02/20 20:19:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012/02/20 20:19:24 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012/02/20 20:18:16 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/02/20 20:18:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/20 20:17:41 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/02/20 20:17:10 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2012/02/20 20:17:10 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2012/02/20 20:17:10 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2012/02/20 20:17:10 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2012/02/20 20:17:10 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012/02/20 20:17:10 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2012/02/20 20:17:09 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2012/02/20 20:17:09 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2012/02/20 20:17:09 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2012/02/20 20:17:09 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2012/02/20 20:17:09 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2012/02/20 20:17:06 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012/02/20 20:17:05 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012/02/20 20:17:04 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012/02/20 20:16:56 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2012/02/20 14:49:30 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/02/20 14:49:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/20 14:49:24 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012/02/20 14:49:24 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012/02/20 14:49:24 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012/02/20 14:49:23 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012/02/20 14:49:02 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/02/20 14:47:12 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/02/20 14:47:12 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/02/20 14:47:12 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/02/20 14:47:12 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/02/20 14:47:12 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/02/20 14:47:12 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/02/20 14:47:12 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/02/20 14:47:11 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012/02/20 14:46:29 | 000,134,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/20 14:45:27 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012/02/20 14:45:22 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
========== LOP Check ========== [2012/03/12 20:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2012/03/11 18:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2012/03/01 16:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2012/02/28 03:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2012/03/12 13:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/03/16 12:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Azureus
[2012/03/11 18:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\CheckPoint
[2012/03/01 17:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\DVDVideoSoft
[2012/03/01 17:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\DVDVideoSoftIEHelpers
[2012/02/26 22:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\FileZilla
[2012/02/22 15:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\Thunderbird
[2012/03/09 00:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nick\Application Data\uTorrent
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/03 19:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 06:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/03 19:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/03 19:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 06:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/03 19:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 06:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/16 10:40:42 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/16 10:40:42 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/16 10:40:42 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/16 10:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/16 10:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/16 10:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 08:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 08:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 08:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/16 10:40:42 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/16 10:40:42 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/16 10:40:42 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/16 10:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/16 10:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/16 10:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 08:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 08:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 08:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05D195EC
< End of report >
Edited by NickKeenan, 16 March 2012 - 12:29 PM.