OTL logfile created on: 5/8/2011 4:17:39 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\-Jigsaw-\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 596.17 Gb Total Space | 11.81 Gb Free Space | 1.98% Space Free | Partition Type: NTFS Drive D: | 6.85 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: JIGSAW | User Name: -Jigsaw- | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\-Jigsaw-\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\-Jigsaw-\Desktop\RootRepeal.exe ( ) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.) PRC - C:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe (DT Soft Ltd) PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\HPZipm12.exe (HP) OTL Extras logfile created on: 5/8/2011 4:17:39 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\-Jigsaw-\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 596.17 Gb Total Space | 11.81 Gb Free Space | 1.98% Space Free | Partition Type: NTFS Drive D: | 6.85 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: JIGSAW | User Name: -Jigsaw- | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l .scr [@ = scrfile] -- "%1" /S [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- () "C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment) "C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft) "C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment) "C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi -- (LogMeIn Inc.) "C:\UT2004\System\UT2004.exe" = C:\UT2004\System\UT2004.exe:*:Enabled:UT2004 -- () "C:\Program Files\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe" = C:\Program Files\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe:*:Enabled:Adobe After Effects CS4 -- (Adobe Systems Incorporated) "C:\Program Files\Autodesk\Backburner\monitor.exe" = C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor -- (Autodesk, Inc.) "C:\Program Files\Autodesk\Backburner\manager.exe" = C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager -- (Autodesk, Inc.) "C:\Program Files\Autodesk\Backburner\server.exe" = C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server -- (Autodesk, Inc.) "C:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe" = C:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit -- (Autodesk, Inc.) "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.) "C:\Program Files\Autodesk\Maya2010\bin\maya.exe" = C:\Program Files\Autodesk\Maya2010\bin\maya.exe:*:Enabled:Maya -- (Autodesk) "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH) "C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH) "C:\Program Files\Crazybump\CB.exe" = C:\Program Files\Crazybump\CB.exe:*:Enabled:crazybump -- () "C:\Program Files\Sierra\FEAR\FEAR.exe" = C:\Program Files\Sierra\FEAR\FEAR.exe:*:Enabled:FEAR -- (Monolith Productions, Inc.) "C:\Program Files\Sierra\FEAR\FEARMP.exe" = C:\Program Files\Sierra\FEAR\FEARMP.exe:*:Enabled:FEAR -- (Monolith Productions, Inc.) "C:\Program Files\Sierra\FEAR\FEARXP\FEARXP.exe" = C:\Program Files\Sierra\FEAR\FEARXP\FEARXP.exe:*:Enabled:FEARXP -- (Monolith Productions, Inc.) "C:\Program Files\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe" = C:\Program Files\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe:*:Enabled:FEARXP2 -- (TimeGate Studios, Inc.) "C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerror\ioUrbanTerror.exe" = C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerror\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror -- () "C:\Program Files\Atari\AITD\Alone.exe" = C:\Program Files\Atari\AITD\Alone.exe:*:Enabled:Alone In The Dark -- (Eden Games) "C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.) "C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerror\ioUrTded.exe" = C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerror\ioUrTded.exe:*:Enabled:ioUrTded -- () "C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerror\ioUrbanTerror_q3cbufexec.exe" = C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerror\ioUrbanTerror_q3cbufexec.exe:*:Enabled:ioUrbanTerror_q3cbufexec -- () "C:\Documents and Settings\-Jigsaw-\My Documents\My Games\Warcraft III\Warcraft III.exe" = C:\Documents and Settings\-Jigsaw-\My Documents\My Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment) "C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- () "C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.) "C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:swarm -- () "C:\Program Files\Steam\steamapps\j1g5aw\half-life 2 deathmatch\hl2.exe" = C:\Program Files\Steam\steamapps\j1g5aw\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 -- () "C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- () "C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerrorHD\UrbanTerrorHD_release.exe" = C:\Documents and Settings\-Jigsaw-\My Documents\My Games\UrbanTerrorHD\UrbanTerrorHD_release.exe:*:Enabled:UrbanTerrorHD_release -- () "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\Steam\steamapps\j1g5aw\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\j1g5aw\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- () "C:\Program Files\Steam\steamapps\common\fear2\FEAR2.exe" = C:\Program Files\Steam\steamapps\common\fear2\FEAR2.exe:*:Enabled:F.E.A.R. 2: Project Origin -- () "C:\Program Files\EslWire\wire.exe" = C:\Program Files\EslWire\wire.exe:*:Enabled:ESL Wire Client -- (Turtle Entertainment GmbH) "C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe" = C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable -- (Gas Powered Games) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.2 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24EB39DB-B958-413D-818E-C0875101C96B}" = FPS Creator Model Pack - 10 "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0 "{26635B55-00CE-4C8D-8B2D-3765707AB378}" = Dark Basic Professional "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR "{310AFA6B-094D-45DA-8389-4712074B6A22}" = Maya 2010 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A316611-45D1-429C-AA26-B71259C44689}" = HP Photosmart, Officejet and Deskjet 7.0.A "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3ad61ee5-81d2-4d7e-adef-da1dd37277d1}" = Python 3.1 "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1 "{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA "{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}" = gmax "{40C03514-89C3-41BA-0090-3B440256DB87}" = The Sims 2 "{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{444E3FAE-DC6D-498B-BF98-6B6B61CA46D9}" = FPS Creator Model Pack - 9 "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA "{51C48D1F-9BBF-450A-BBCE-1D775AB94B15}" = FileMaker Pro 9 "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7 "{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra "{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser "{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes "{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade "{6084D038-3401-4C9D-A216-86E6EEA25AFB}" = ZBrush3 "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{60E2C8C9-6CF3-4B1A-9618-E304946C94E6}" = Python 2.4.4 "{64EEA791-0271-4B53-00AC-2BF05F5FBEF6}" = The Sims™ Castaway Stories "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6C1196CF-B4AD-4847-B70C-F034A781445E}" = GtkRadiant-1.4.0 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71E13F8B-365D-4FCF-BA69-9209FAF9D680}" = FPS Creator Model Pack - 5 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 4.00 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme "{8151518B-A59D-4FC2-89AA-D99084EBC0FD}" = FPS Creator Model Pack - 17 "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{84FB24B0-9973-4370-B107-7C38DDF20ABC}" = Gamer HUD "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist "{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 "{8D0BB1D1-E9FB-49E9-A9C1-09C00F38DA0C}" = FEAR Perseus Mandate "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003 "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_XWeb_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_XWeb_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_XWeb_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0045-0000-0000-0000000FF1CE}" = Microsoft Expression Web 2 "{90120000-0045-0000-0000-0000000FF1CE}_XWeb_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0045-0409-0000-0000000FF1CE}" = Microsoft Expression Web 2 MUI (English) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_XWeb_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_XWeb_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{909BBDB7-BABE-434C-9124-863A9F8D1CF8}" = FEAR Extraction Point "{948BE614-F37B-4A73-AD43-0245F23C110D}" = Logitech GamePanel Software 2.00 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.026 r1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}" = Quake Live Mozilla Plugin "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2 "{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1 "{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life "{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution "{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0 "{B91E4360-298A-4306-9E95-9AD91A0952A1}" = FPS Creator "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BDB48672-B567-4A4B-989E-0A7C2E220B6F}" = FPS Creator Model Pack - 16 "{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0 "{CDF97135-7FD2-4289-96B8-DD4505267ACD}" = ESET NOD32 Antivirus "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5 "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{E0C90349-E55E-4161-87CF-6DCA54FFECF8}" = LG PC Suite II "{E5874895-A35A-4EF9-8720-8FA946AF842F}_is1" = Safe Returner 1.28 "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E67FF1A2-23C1-4102-84E9-42115F77AD32}" = UltraMon "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F24C1A1D-7553-43CD-A1D7-2384273FA8F6}" = Grave Matter "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FDD8070F-E3B9-0409-822C-CCFE5E82C14D}" = Autodesk 3ds Max 2009 32-bit "3D World Studio_is1" = 3D World Studio 5.52 "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) "53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4 "Advanced Sound Recorder_is1" = Advanced Sound Recorder v6.0 "Alone In The Dark_is1" = Alone In The Dark "Audacity_is1" = Audacity 1.2.6 "AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0 "AviSynth" = AviSynth 2.5 "Blender" = Blender (remove only) "Browser Defender_is1" = Browser Defender 2.0.6.15 "Bryce 6.3 6.3.0.84" = Bryce 6.3 "Bryce 6.3 Content 6.3.0.84" = Bryce 6.3 Content "Bryce Lightning 6.3 6.3.0.84" = Bryce Lightning 6.3 "Burn4Free" = Burn4Free CD and DVD "Burn4Free Toolbar" = Burn4Free Toolbar "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "CoffeeCup GIF Animator" = CoffeeCup GIF Animator "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Crazybump" = Crazybump (remove only) "CSStrat" = CSStrat "Cycore FX 1.0.1 for After Effects" = Cycore FX 1.0.1 for After Effects "CycoreFX HD 1.6.5 for After Effects" = CycoreFX HD 1.6.5 for After Effects "D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Windows Driver Package - Nokia Modem (02/24/2009 4.0) "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DungeonSiege2" = Dungeon Siege 2 "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink_is1" = DVD Shrink 3.2 "DVD-CLONER VI_is1" = DVD-CLONER V6.00 Build 978 "DVD-to-AVI 4.00_is1" = DVD-to-AVI 4.00 Build 807 "E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Windows Driver Package - Nokia Modem (02/23/2009 7.01.0.2) "Easy GIF Animator_is1" = Easy GIF Animator 3.5 "Easy Graphic Converter 1.2_is1" = Easy Graphic Converter 1.2 "Easy Video Splitter_is1" = Easy Video Splitter 1.28 "ESL Wire_is1" = ESL Wire 1.9.7 "FBX Plugin 2009.0 for Max 2009" = FBX Plugin 2009.0 for Max 2009 "ffdshow_is1" = ffdshow [rev 2975] [2009-05-28] "Freez FLV to MP3 Converter v1.5_is1" = Freez FLV to MP3 Converter "GIF Animator" = Microsoft GIF Animator "Hamachi" = Hamachi 1.0.3.0 "IsoBuster_is1" = IsoBuster 2.5 "Keylight 1.2v1 for After Effects 7.0_is1" = Keylight 1.2v1 for After Effects 7.0 "KeyTweak" = KeyTweak - Keyboard Remapper (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MilkShape 3D 1.7.4" = MilkShape 3D 1.7.4 "mIRC" = mIRC "Monopoly by Parker Brothers" = Monopoly by Parker Brothers "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "Nokia PC Suite" = Nokia PC Suite "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter "particleIllusion 3.0" = particleIllusion 3.0 "Power DVD Burning Studio_is1" = Power DVD Burning Studio 10.0.11.88 "PunkBusterSvc" = PunkBuster Services "Q3AM_is1" = Q3AMv6 "RealAlt_is1" = Real Alternative 1.8.4 Lite "RealPlayer 12.0" = RealPlayer "Replay Media Catcher 3.11B" = Replay Media Catcher "RocketDock_is1" = RocketDock 1.3.5 "Spyware Doctor" = Spyware Doctor 7.0 "StarCraft II Beta" = StarCraft II Beta "Steam App 16450" = F.E.A.R. 2: Project Origin "Steam App 340" = Half-Life 2: Lost Coast "Steam App 500" = Left 4 Dead "Steam App 550" = Left 4 Dead 2 "Trapcode Form" = Trapcode Form "Trapcode Particular" = Trapcode Particular "Trapcode Shine" = Trapcode Shine "Tunatic" = Tunatic "UT2004" = Unreal Tournament 2004 "uTorrent" = µTorrent "VASST PIPSelection" = VASST PIPSelection 1.2.0 "Video to GIF Converter_is1" = Video to GIF Converter 5.20 "Videora iPod Converter" = Videora iPod Converter 5.04 "VLC media player" = VLC media player 0.9.8a "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGTK-2_is1" = GTK+ 2.10.6-1 runtime environment "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "Xfire" = Xfire (remove only) "Xilisoft DVD Ripper Ultimate 5" = Xilisoft DVD Ripper Ultimate "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Xvid_is1" = Xvid 1.2.2 final uninstall "XWeb" = Microsoft Expression Web 2 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "JFileRecovery" = JFileRecovery "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 5/7/2011 11:09:41 PM | Computer Name = JIGSAW | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: A connection with the server could not be established Error - 5/7/2011 11:09:42 PM | Computer Name = JIGSAW | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 5/7/2011 11:09:42 PM | Computer Name = JIGSAW | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 5/7/2011 11:20:21 PM | Computer Name = JIGSAW | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: A connection with the server could not be established Error - 5/7/2011 11:25:03 PM | Computer Name = JIGSAW | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: A connection with the server could not be established Error - 5/8/2011 1:09:57 AM | Computer Name = JIGSAW | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 5/8/2011 1:09:57 AM | Computer Name = JIGSAW | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 5/8/2011 1:09:58 AM | Computer Name = JIGSAW | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: A connection with the server could not be established Error - 5/8/2011 1:09:59 AM | Computer Name = JIGSAW | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 5/8/2011 1:09:59 AM | Computer Name = JIGSAW | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. [ System Events ] Error - 5/7/2011 11:19:23 PM | Computer Name = JIGSAW | Source = Service Control Manager | ID = 7034 Description = The mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit service terminated unexpectedly. It has done this 1 time(s). Error - 5/7/2011 11:22:35 PM | Computer Name = JIGSAW | Source = Ftdisk | ID = 262189 Description = The system could not sucessfully load the crash dump driver. Error - 5/7/2011 11:22:35 PM | Computer Name = JIGSAW | Source = Ftdisk | ID = 262193 Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. Error - 5/7/2011 11:24:22 PM | Computer Name = JIGSAW | Source = Service Control Manager | ID = 7022 Description = The Automatic Updates service hung on starting. Error - 5/7/2011 11:24:50 PM | Computer Name = JIGSAW | Source = Service Control Manager | ID = 7034 Description = The mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit service terminated unexpectedly. It has done this 1 time(s). Error - 5/7/2011 11:37:22 PM | Computer Name = JIGSAW | Source = Ftdisk | ID = 262189 Description = The system could not sucessfully load the crash dump driver. Error - 5/7/2011 11:37:22 PM | Computer Name = JIGSAW | Source = Ftdisk | ID = 262193 Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. Error - 5/8/2011 12:22:09 AM | Computer Name = JIGSAW | Source = Service Control Manager | ID = 7034 Description = The mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit service terminated unexpectedly. It has done this 1 time(s). Error - 5/8/2011 12:22:09 AM | Computer Name = JIGSAW | Source = Service Control Manager | ID = 7034 Description = The PnkBstrA service terminated unexpectedly. It has done this 1 time(s). Error - 5/8/2011 12:22:09 AM | Computer Name = JIGSAW | Source = Service Control Manager | ID = 7034 Description = The Autodesk Licensing Service service terminated unexpectedly. It has done this 1 time(s). < End of report > [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\-Jigsaw-\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools) SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools) SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET) SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET) SRV - (mi-raysat_3dsMax2009_32) -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe () SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (RegKernelHelp) -- File not found DRV - (catchme) -- File not found DRV - (ESLWireAC) -- C:\WINDOWS\system32\drivers\ESLWireACD.sys () DRV - (ESLvnic1) -- C:\WINDOWS\system32\drivers\ESLvnic.sys (Turtle Entertainment GmbH) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools) DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET) DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET) DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET) DRV - (VCSVADHWSer) Avnex Virtual Audio Device (WDM) -- C:\WINDOWS\system32\drivers\vcsvad.sys (Avnex) DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (lgmdmdm) -- C:\WINDOWS\system32\drivers\lgmdmdm.sys (MCCI Corporation) DRV - (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\lgmdmgmt.sys (MCCI Corporation) DRV - (lgmdobex) -- C:\WINDOWS\system32\drivers\lgmdobex.sys (MCCI Corporation) DRV - (lgmdbus) LG Mobile driver (WDM) -- C:\WINDOWS\system32\drivers\lgmdbus.sys (MCCI Corporation) DRV - (lgmdmdfl) -- C:\WINDOWS\system32\drivers\lgmdmdfl.sys (MCCI Corporation) DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..extensions.enabledItems: support@burn4free-toolbar.com:1.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/05/01 03:10:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/29 20:28:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/17 10:43:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/04/09 20:59:19 | 000,000,000 | ---D | M] [2009/04/09 00:03:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Extensions [2011/04/29 22:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions [2009/09/02 16:06:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/11/11 20:33:31 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7} [2009/11/29 21:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2009/11/29 21:30:02 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}(2) [2010/04/10 02:16:12 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009/11/29 21:30:06 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\DTToolbar@toolbarnet(2).com [2009/11/29 21:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\extensions\DTToolbar@toolbarnet.com [2010/10/20 13:40:12 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\searchplugins\conduit.xml [2009/04/29 08:07:33 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Application Data\Mozilla\Firefox\Profiles\24mt2the.default\searchplugins\daemon-search.xml [2011/04/29 22:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009/11/15 21:53:07 | 000,000,000 | ---D | M] (Burn4Free Toolbar) -- C:\PROGRAM FILES\BURN4FREE TOOLBAR\V3.3.0.3\FIREFOX [2009/11/16 22:39:00 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT O1 HOSTS File: ([2011/05/08 13:37:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll () O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd) O4 - Startup: C:\Documents and Settings\-Jigsaw-\Start Menu\Programs\Startup\GIGABYTE Gamer HUD.lnk = C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MBCameraMonitor.lnk = C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe (PIXELA CORPORATION) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html () O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/04/08 16:46:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKCU\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/05/08 16:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-Jigsaw-\Desktop\Logs [2011/05/08 16:16:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\-Jigsaw-\Desktop\OTL.exe [2011/05/08 14:49:47 | 000,472,064 | ---- | C] ( ) -- C:\Documents and Settings\-Jigsaw-\Desktop\RootRepeal.exe [2011/05/08 14:35:59 | 000,645,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\-Jigsaw-\Desktop\OTS.exe [2011/05/08 14:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SafeReturner [2011/05/08 14:21:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Safe Returner [2011/05/08 14:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Safe Returner [2011/05/08 14:21:09 | 003,676,946 | ---- | C] (SafeReturner Anti-Malware Studio ) -- C:\Documents and Settings\-Jigsaw-\Desktop\safereturner.exe [2011/05/08 13:41:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2011/05/08 12:44:43 | 000,000,000 | ---D | C] -- C:\commy [2011/05/08 12:27:17 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/05/08 12:18:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/05/08 12:18:02 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/05/08 12:18:02 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/05/08 12:18:02 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/05/08 12:17:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/05/08 12:17:05 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/05/05 12:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-Jigsaw-\My Documents\Adobe [2011/04/25 00:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-Jigsaw-\My Documents\TikGames [2011/04/25 00:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hasbro [2011/04/25 00:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Hasbro [2011/04/24 09:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-Jigsaw-\My Documents\ESL Match Media [2011/04/16 20:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Roadkil.Net [2011/04/16 20:42:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Roadkil.Net [2011/04/16 17:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dungeon Siege 2 [2011/04/16 17:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games [2011/04/09 15:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\ESL Wire Game Client [2011/04/09 15:13:33 | 000,812,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\ESLWireACD.sys [2011/04/09 15:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESL Wire [2011/04/09 15:13:27 | 000,024,504 | ---- | C] (Turtle Entertainment GmbH) -- C:\WINDOWS\System32\drivers\ESLvnic.sys [2011/04/09 15:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire [2011/04/09 15:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESL Wire [2009/11/15 22:54:26 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\-Jigsaw-\Application Data\pcouffin.sys [2009/05/14 21:02:10 | 003,392,872 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\Common Files\adlmint_libFNP.dll [2009/05/14 21:02:10 | 003,298,152 | ---- | C] (Autodesk) -- C:\Program Files\Common Files\adlmint.dll [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/05/08 16:16:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-Jigsaw-\Desktop\OTL.exe [2011/05/08 15:26:55 | 000,000,015 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Desktop\settings.dat [2011/05/08 14:49:52 | 000,472,064 | ---- | M] ( ) -- C:\Documents and Settings\-Jigsaw-\Desktop\RootRepeal.exe [2011/05/08 14:36:06 | 000,645,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-Jigsaw-\Desktop\OTS.exe [2011/05/08 14:21:50 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safe Returner.lnk [2011/05/08 14:21:50 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kill Rogue Process.lnk [2011/05/08 14:21:37 | 003,676,946 | ---- | M] (SafeReturner Anti-Malware Studio ) -- C:\Documents and Settings\-Jigsaw-\Desktop\safereturner.exe [2011/05/08 14:20:33 | 003,314,232 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Desktop\regacesetup.exe [2011/05/08 13:37:30 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2011/05/08 13:37:28 | 000,254,909 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2011/05/08 13:37:19 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/05/08 13:36:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/05/08 13:11:08 | 004,343,224 | R--- | M] () -- C:\Documents and Settings\-Jigsaw-\Desktop\commy.exe [2011/05/08 12:27:21 | 000,000,339 | RHS- | M] () -- C:\boot.ini [2011/05/08 11:51:24 | 000,000,223 | ---- | M] () -- C:\Boot.bak [2011/05/08 11:43:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/05/08 11:16:39 | 000,018,340 | -HS- | M] () -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\mncleotu8bxhx2j6rih3pir8 [2011/05/08 11:16:39 | 000,018,340 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\mncleotu8bxhx2j6rih3pir8 [2011/05/07 23:29:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011/05/07 18:09:49 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/26 16:14:58 | 000,053,688 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\demotivation.us_Hold-F11-If-you-laugh-you-are-a-really-bad-person_130017821718.jpg [2011/04/25 00:00:20 | 000,000,918 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Monopoly by Parker Brothers.lnk [2011/04/24 09:56:16 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ESL Wire.lnk [2011/04/23 17:32:14 | 000,155,836 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\cat2.jpg [2011/04/23 17:11:42 | 000,068,074 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\nyan_cat_timelapse_by_kingaby-d3dygfa.jpg [2011/04/22 00:43:42 | 000,498,212 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\Myth_Dragon_Wars.jpg [2011/04/22 00:43:34 | 000,317,528 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\Elektric_HD_desktop_theme.jpg [2011/04/22 00:42:05 | 000,197,354 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\Fantasy-Dragon-14858-926778.jpeg [2011/04/22 00:39:33 | 000,566,596 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\games-wallpapers-1920x1080.jpg [2011/04/22 00:39:15 | 000,298,989 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\hellgate-london-hd-wallpapers.jpg [2011/04/18 12:10:56 | 000,812,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\ESLWireACD.sys [2011/04/17 01:06:48 | 000,487,199 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302962153950.jpg [2011/04/17 01:06:37 | 000,562,830 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964207168.jpg [2011/04/17 01:06:33 | 001,459,661 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964079744.jpg [2011/04/17 01:04:30 | 000,473,677 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963759950.jpg [2011/04/17 01:04:26 | 000,334,263 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964150158.jpg [2011/04/17 01:04:19 | 000,150,704 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963425149.jpg [2011/04/17 01:04:11 | 000,090,057 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963975287.jpg [2011/04/17 01:04:06 | 000,247,065 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964233096.jpg [2011/04/17 01:03:06 | 000,229,310 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958301309.jpg [2011/04/17 01:02:42 | 000,730,453 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958479901.jpg [2011/04/17 01:02:33 | 001,976,541 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302959587377.png [2011/04/17 01:01:54 | 000,824,091 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958269992.jpg [2011/04/17 00:59:58 | 000,313,425 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958418807.jpg [2011/04/17 00:58:43 | 000,242,705 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302965889483.jpg [2011/04/17 00:58:16 | 000,765,869 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963378886.jpg [2011/04/17 00:52:48 | 000,028,385 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302954701624.jpg [2011/04/16 20:42:44 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Roadkil's Unstoppable Copier.lnk [2011/04/16 20:27:17 | 000,001,974 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Desktop\JFileRecovery.lnk [2011/04/16 17:57:33 | 000,001,816 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Siege 2.lnk [2011/04/16 17:06:17 | 000,000,150 | ---- | M] () -- C:\WINDOWS\cdplayer.ini [2011/04/16 16:36:46 | 002,108,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/04/15 20:24:35 | 000,443,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/04/15 20:24:35 | 000,071,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/04/09 15:19:53 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\Desktop\UrbanTerror.lnk [2011/04/09 14:35:32 | 000,018,519 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\x5cg.jpg [2011/04/09 14:29:56 | 000,012,084 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\x5blacks.jpg [2011/04/09 14:18:32 | 000,207,076 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\exile52.png [2011/04/09 14:12:31 | 000,256,840 | ---- | M] () -- C:\Documents and Settings\-Jigsaw-\My Documents\exile5s.png [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/05/08 15:07:29 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Desktop\settings.dat [2011/05/08 14:21:50 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safe Returner.lnk [2011/05/08 14:21:50 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Kill Rogue Process.lnk [2011/05/08 14:20:07 | 003,314,232 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Desktop\regacesetup.exe [2011/05/08 13:11:07 | 004,343,224 | R--- | C] () -- C:\Documents and Settings\-Jigsaw-\Desktop\commy.exe [2011/05/08 12:27:21 | 000,000,223 | ---- | C] () -- C:\Boot.bak [2011/05/08 12:27:18 | 000,260,272 | RHS- | C] () -- C:\cmldr [2011/05/08 12:18:02 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/05/08 12:18:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/05/08 12:18:02 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/05/08 12:18:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/05/08 12:18:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/05/08 10:24:25 | 000,018,340 | -HS- | C] () -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\mncleotu8bxhx2j6rih3pir8 [2011/05/08 10:24:25 | 000,018,340 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\mncleotu8bxhx2j6rih3pir8 [2011/04/26 16:14:58 | 000,053,688 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\demotivation.us_Hold-F11-If-you-laugh-you-are-a-really-bad-person_130017821718.jpg [2011/04/25 00:00:20 | 000,000,918 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Monopoly by Parker Brothers.lnk [2011/04/23 17:32:13 | 000,155,836 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\cat2.jpg [2011/04/23 17:11:42 | 000,068,074 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\nyan_cat_timelapse_by_kingaby-d3dygfa.jpg [2011/04/22 00:43:42 | 000,498,212 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\Myth_Dragon_Wars.jpg [2011/04/22 00:43:34 | 000,317,528 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\Elektric_HD_desktop_theme.jpg [2011/04/22 00:42:04 | 000,197,354 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\Fantasy-Dragon-14858-926778.jpeg [2011/04/22 00:39:33 | 000,566,596 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\games-wallpapers-1920x1080.jpg [2011/04/22 00:39:14 | 000,298,989 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\hellgate-london-hd-wallpapers.jpg [2011/04/17 01:06:48 | 000,487,199 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302962153950.jpg [2011/04/17 01:06:37 | 000,562,830 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964207168.jpg [2011/04/17 01:06:33 | 001,459,661 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964079744.jpg [2011/04/17 01:04:30 | 000,473,677 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963759950.jpg [2011/04/17 01:04:26 | 000,334,263 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964150158.jpg [2011/04/17 01:04:19 | 000,150,704 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963425149.jpg [2011/04/17 01:04:11 | 000,090,057 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963975287.jpg [2011/04/17 01:04:05 | 000,247,065 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302964233096.jpg [2011/04/17 01:03:06 | 000,229,310 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958301309.jpg [2011/04/17 01:02:42 | 000,730,453 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958479901.jpg [2011/04/17 01:02:33 | 001,976,541 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302959587377.png [2011/04/17 01:01:54 | 000,824,091 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958269992.jpg [2011/04/17 00:59:57 | 000,313,425 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302958418807.jpg [2011/04/17 00:58:43 | 000,242,705 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302965889483.jpg [2011/04/17 00:58:16 | 000,765,869 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302963378886.jpg [2011/04/17 00:52:48 | 000,028,385 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\1302954701624.jpg [2011/04/16 20:42:44 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Roadkil's Unstoppable Copier.lnk [2011/04/16 20:27:17 | 000,001,974 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Desktop\JFileRecovery.lnk [2011/04/16 17:57:33 | 000,001,816 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Siege 2.lnk [2011/04/09 15:13:32 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ESL Wire.lnk [2011/04/09 14:35:32 | 000,018,519 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\x5cg.jpg [2011/04/09 14:29:55 | 000,012,084 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\x5blacks.jpg [2011/04/09 14:18:32 | 000,207,076 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\exile52.png [2011/04/09 14:12:31 | 000,256,840 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\My Documents\exile5s.png [2011/03/22 21:39:10 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll [2011/03/20 23:23:39 | 000,018,232 | -HS- | C] () -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\r13fsel453rx [2011/03/20 23:23:39 | 000,018,232 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\r13fsel453rx [2011/02/26 11:19:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2011/01/24 15:22:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011/01/24 15:22:29 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat [2011/01/20 13:13:12 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010/08/27 18:58:34 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Application Data\MPQEditor.ini [2010/07/17 06:50:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010/07/09 16:29:55 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010/07/08 16:34:56 | 000,113,152 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/19 17:33:59 | 000,000,466 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI [2010/03/27 23:01:31 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\mp3Media2.dll [2010/03/06 14:02:57 | 001,333,620 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Application Data\NMM-MetaData.db [2010/02/22 16:03:09 | 000,000,338 | ---- | C] () -- C:\WINDOWS\kaillera.ini [2009/12/25 22:20:49 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat [2009/12/25 21:32:07 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2009/12/25 21:13:39 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2009/11/15 22:54:42 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/11/15 22:54:26 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Application Data\ezpinst.exe [2009/11/15 22:54:26 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Application Data\pcouffin.cat [2009/11/15 22:54:26 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Application Data\pcouffin.inf [2009/10/23 15:00:41 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Local Settings\Application Data\fusioncache.dat [2009/10/14 21:21:03 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll [2009/08/02 23:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009/08/02 23:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009/08/02 23:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009/08/02 22:56:02 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2009/07/24 03:43:03 | 000,036,868 | ---- | C] () -- C:\Program Files\uninst-3DStroke.exe [2009/07/23 23:50:53 | 000,110,415 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2009/07/23 23:50:41 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2009/07/23 23:50:35 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat [2009/06/23 20:03:15 | 000,000,598 | ---- | C] () -- C:\WINDOWS\ae_mini.INI [2009/06/23 17:52:13 | 000,005,085 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xpbthzbm.qqq [2009/06/14 00:23:03 | 000,000,412 | ---- | C] () -- C:\WINDOWS\asr.INI [2009/04/29 16:56:56 | 000,000,766 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/04/22 18:23:39 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2009/04/17 03:20:44 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\-Jigsaw-\Application Data\PnkBstrK.sys [2009/04/17 03:20:24 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2009/04/15 23:28:02 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/04/13 23:14:55 | 000,000,150 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009/04/10 01:07:07 | 000,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009/04/10 01:06:38 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009/04/09 21:34:00 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009/04/09 19:48:18 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/04/09 00:03:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/04/08 19:36:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/04/08 19:34:04 | 002,108,104 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/04/08 16:48:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009/04/08 16:44:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008/08/24 14:11:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008/08/24 14:11:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008/08/24 14:11:00 | 001,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008/08/24 14:11:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008/08/24 14:11:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008/08/24 14:11:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008/08/24 14:11:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2008/08/24 14:11:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2007/06/28 19:54:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2007/06/28 19:52:18 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2007/06/27 16:13:51 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll [2007/01/10 07:44:26 | 001,457,024 | R--- | C] () -- C:\WINDOWS\System32\SSCProt.dll [2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS [2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS [2004/08/07 10:17:40 | 000,443,588 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004/08/07 10:17:40 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/07 10:17:39 | 000,071,846 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/08/07 10:17:39 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/07 10:17:35 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2004/08/07 10:17:34 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004/08/07 10:17:30 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004/08/07 10:17:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/07 10:17:07 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/07 10:16:26 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/04 15:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/03 04:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/09/18 00:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF @Alternate Data Stream - 190 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 < End of report >