OTL logfile created on: 10/13/2011 4:32:18 PM - Run 1
OTL by OldTimer - Version 3.2.29.1     Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1021.13 Mb Total Physical Memory | 603.34 Mb Available Physical Memory | 59.09% Memory free
2.40 Gb Paging File | 2.07 Gb Available in Paging File | 85.97% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 9.86 Gb Free Space | 26.47% Space Free | Partition Type: NTFS
Drive G: | 599.99 Gb Total Space | 131.98 Gb Free Space | 22.00% Space Free | Partition Type: NTFS
Drive I: | 12.00 Gb Total Space | 4.09 Gb Free Space | 34.06% Space Free | Partition Type: NTFS
Drive J: | 49.99 Gb Total Space | 1.01 Gb Free Space | 2.01% Space Free | Partition Type: NTFS
Drive P: | 39.07 Gb Total Space | 7.66 Gb Free Space | 19.62% Space Free | Partition Type: NTFS
Drive Q: | 399.99 Gb Total Space | 41.62 Gb Free Space | 10.41% Space Free | Partition Type: NTFS
Drive U: | 19.99 Gb Total Space | 9.20 Gb Free Space | 45.99% Space Free | Partition Type: NTFS
Drive W: | 4.88 Gb Total Space | 1.75 Gb Free Space | 35.85% Space Free | Partition Type: NTFS
Drive Y: | 399.99 Gb Total Space | 41.62 Gb Free Space | 10.41% Space Free | Partition Type: NTFS
Drive Z: | 399.99 Gb Total Space | 41.62 Gb Free Space | 10.41% Space Free | Partition Type: NTFS
 
Computer Name: IN012 | User Name: dwagner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/10/13 16:30:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2011/08/18 19:21:22 | 000,204,800 | ---- | M] (N-able Technologies) -- C:\Program Files\N-able Technologies\Windows Agent\bin\agent.exe
PRC - [2011/08/18 19:21:20 | 000,028,672 | ---- | M] (N-able Technologies) -- C:\Program Files\N-able Technologies\Windows Agent\bin\AgentMaint.exe
PRC - [2009/03/03 11:50:56 | 001,795,400 | -H-- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2009/03/03 11:50:56 | 001,443,144 | -H-- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2009/03/03 11:50:53 | 002,440,120 | -H-- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2008/09/11 19:47:40 | 000,108,392 | -H-- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/10/09 01:33:57 | 000,998,400 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011/10/09 01:28:59 | 001,840,640 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
MOD - [2011/10/09 01:28:40 | 000,771,584 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
MOD - [2011/10/09 01:21:21 | 000,679,936 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
MOD - [2011/10/09 01:21:12 | 005,450,752 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/10/09 01:21:04 | 000,971,264 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/10/09 01:21:02 | 000,212,992 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/10/09 01:20:44 | 007,950,848 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/10/09 01:02:21 | 011,490,816 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/04/19 15:19:40 | 000,065,536 | ---- | M] () -- C:\Program Files\N-able Technologies\Windows Agent\bin\SISRepository.dll
MOD - [2011/04/19 15:19:40 | 000,036,864 | ---- | M] () -- C:\Program Files\N-able Technologies\Windows Agent\bin\SISRepositoryCommon.dll
MOD - [2006/06/23 11:10:58 | 000,466,944 | -H-- | M] () -- C:\WINDOWS\system32\nvshell.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (Smcinst)
SRV - [2011/09/16 11:28:42 | 000,019,968 | ---- | M] () [Auto | Stopped] -- C:\Program Files\N-able Technologies\NRM\RSMWinService.exe -- (RSMWebServer)
SRV - [2011/08/18 19:21:22 | 000,204,800 | ---- | M] (N-able Technologies) [Auto | Running] -- C:\Program Files\N-able Technologies\Windows Agent\bin\agent.exe -- (Windows Agent Service)
SRV - [2011/08/18 19:21:20 | 000,028,672 | ---- | M] (N-able Technologies) [Auto | Running] -- C:\Program Files\N-able Technologies\Windows Agent\bin\AgentMaint.exe -- (Windows Agent Maintenance Service)
SRV - [2011/07/13 12:29:52 | 001,642,496 | ---- | M] (WCCS) [On_Demand | Stopped] -- C:\Program Files\N-able Technologies\NRM\UltraVNCServer\winrdp.exe -- (winrdp_service)
SRV - [2009/07/09 21:43:40 | 001,830,856 | -H-- | M] (UltraVNC) [Auto | Stopped] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2009/03/03 11:50:56 | 001,795,400 | -H-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/03/03 11:50:55 | 000,320,840 | -H-- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2009/03/03 11:50:53 | 002,440,120 | -H-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/09/11 19:47:40 | 000,108,392 | -H-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/09/11 19:47:40 | 000,108,392 | -H-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/08/13 16:12:08 | 000,213,504 | -H-- | M] (Numara Software, Inc.) [Auto | Stopped] -- C:\WINDOWS\TIREMOTE\TIRemoteService.exe -- (TIRmtSvc)
SRV - [2008/06/30 16:36:35 | 003,093,872 | -H-- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/01/04 18:03:34 | 000,079,360 | -H-- | M] (Autodesk) [Auto | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/11/14 20:49:10 | 000,660,872 | -H-- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Ghost\ngctw32.exe -- (NGCLIENT)
SRV - [2007/04/03 17:18:08 | 001,516,584 | -H-- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2006/08/12 01:51:40 | 000,902,760 | -H-- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2006/06/23 13:39:27 | 000,172,032 | -H-- | M] (New Boundary Technologies, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2006/03/03 21:03:10 | 000,069,632 | -H-- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/07/28 07:01:02 | 000,105,592 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/03/03 11:54:58 | 000,123,952 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/03/03 11:51:05 | 000,043,824 | -H-- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2009/03/03 11:51:04 | 000,319,664 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2009/03/03 11:51:04 | 000,279,600 | -H-- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/09/11 19:47:32 | 000,420,400 | -H-- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/09/11 19:47:32 | 000,191,536 | -H-- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/09/11 19:47:32 | 000,027,696 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/02/29 03:13:46 | 000,028,944 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/02/29 03:13:36 | 000,079,120 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/02/29 03:13:24 | 000,036,880 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 03:13:16 | 000,035,344 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/02/29 03:12:56 | 000,063,120 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/02/29 03:12:48 | 000,020,240 | -H-- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/08/15 08:27:18 | 000,009,600 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/04/03 17:17:08 | 000,306,295 | -H-- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007/01/24 01:23:16 | 000,127,376 | -H-- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 15:28:02 | 000,005,275 | -H-- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/08/23 09:39:00 | 000,240,896 | -H-- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/07/20 14:37:22 | 000,035,712 | -H-- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005/07/18 19:40:40 | 001,019,064 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/04/05 12:38:32 | 000,132,352 | RH-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/28 09:33:58 | 002,241,280 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/08/12 18:45:52 | 000,113,664 | -H-- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/07/18 00:11:26 | 000,768,512 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/01/13 00:31:37 | 001,576,312 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111009.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2004/01/13 00:31:37 | 000,374,392 | -H-- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2004/01/13 00:31:37 | 000,086,136 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111009.009\NAVENG.SYS -- (NAVENG)
DRV - [2001/08/17 13:11:02 | 000,153,631 | -H-- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xnd5.sys -- (EL90X)
DRV - [2001/08/17 08:11:06 | 000,066,591 | -H-- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://intranet:82
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intranet:82
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
 
 
O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IntelAudioStudio] C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NGTray] C:\Program Files\Symantec\Ghost\ngtray.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] sttray.exe File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Track-It! Workstation Manager Service Monitor] C:\WINDOWS\TIREMOTE\TIServiceMonitor.exe (Numara Software, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNTSecurity = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 2600 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\c0f3f978.com (EasyPHP)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = msmsgsin.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = msnmsgr.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: aol.com ([free] http in Trusted sites)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233852403215 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151414561311 (MUWebControl Class)
O16 - DPF: {6E704581-CCAE-46D2-9C64-20D724B3624E} http://radaol-prod-web-rr.streamops.aol.com/mediaplugin/3.0.84.2/win32/unagi3.0.84.2.cab (UnagiAx Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38044.2415393519 (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.11 10.10.10.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = gibraltardesign.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B6615CE-0961-46B0-9959-37AFF6EBB151}: DhcpNameServer = 10.10.10.6 10.10.10.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C148A023-9056-47F0-898E-A633A66AC711}: DhcpNameServer = 10.10.10.11 10.10.10.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C148A023-9056-47F0-898E-A633A66AC711}: Domain = gibraltardesign.local
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {9EF34FF2-3396-4527-9D27-04C8C1C67806} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/12 12:17:00 | 000,000,000 | -H-D | M] - C:\Autodesk VIZ 2006 -- [ NTFS ]
O32 - AutoRun File - [2004/02/03 15:55:46 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/05/10 15:57:54 | 000,001,870 | ---- | M] () - U:\AutoCAD MEP 2010 - ARCH.lnk -- [ NTFS ]
O32 - AutoRun File - [2010/05/06 10:44:20 | 000,001,870 | ---- | M] () - U:\AutoCAD MEP 2010-ELEC.lnk -- [ NTFS ]
O32 - AutoRun File - [2010/05/06 10:47:12 | 000,001,870 | ---- | M] () - U:\AutoCAD MEP 2010-MECH.lnk -- [ NTFS ]
O32 - AutoRun File - [2010/05/06 10:48:44 | 000,001,870 | ---- | M] () - U:\AutoCAD MEP 2010-PLUM.lnk -- [ NTFS ]
O32 - AutoRun File - [2010/05/19 13:37:56 | 000,001,870 | ---- | M] () - U:\AutoCAD MEP 2010-STRC.lnk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/10/13 16:30:45 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2011/10/13 16:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Macromedia
[2011/10/13 16:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Adobe
[2011/10/13 16:04:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEMP\PrivacIE
[2011/10/13 16:04:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEMP\IETldCache
[2011/10/13 16:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Local Settings\Application Data\Symantec
[2011/10/13 16:02:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\TEMP\Application Data\Microsoft
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\Start Menu\Programs\Startup
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\Start Menu
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\SendTo
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\Recent
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\My Documents\My Pictures
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\My Documents\My Music
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\My Documents
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\Favorites
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\Application Data
[2011/10/13 16:02:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TEMP\Start Menu\Programs\Accessories
[2011/10/13 16:02:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEMP\Cookies
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\Templates
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\PrintHood
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\NetHood
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\My Documents\My Received Files
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\Local Settings\Application Data\Microsoft
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\Local Settings
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\Application Data\Identities
[2011/10/13 16:02:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\TEMP\Desktop
[2011/10/13 14:27:38 | 000,496,640 | -HS- | C] ( ) -- C:\Documents and Settings\All Users\Application Data\DNQjcPtFlY.exe
[2011/10/13 14:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\IIS Express
[2011/10/11 05:55:06 | 000,460,288 | -HS- | C] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\dEaYgfJuMxVqq.exe
[2011/10/10 12:30:57 | 000,458,240 | -HS- | C] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\ojjxXPniykJvb.exe
[2011/10/10 07:53:24 | 000,345,600 | -H-- | C] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk.exe
[2011/10/10 07:49:55 | 000,453,120 | -HS- | C] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\nTEtPClXirMXi.exe
[2011/10/10 07:48:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Local Settings
[2011/10/07 08:28:15 | 000,000,000 | -H-D | C] -- C:\Program Files\UltraVNC
[2011/10/05 09:29:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/05 09:29:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/10/05 09:29:19 | 000,022,216 | -H-- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/10/05 09:29:18 | 000,000,000 | -H-D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2004/07/18 01:55:20 | 000,135,168 | -H-- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/10/13 16:30:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2011/10/13 16:02:58 | 000,013,420 | RHS- | M] () -- C:\Documents and Settings\TEMP\ntuser.pol
[2011/10/13 15:08:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/13 14:27:08 | 000,496,640 | -HS- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\DNQjcPtFlY.exe
[2011/10/13 14:25:47 | 000,014,874 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/10/13 14:15:26 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/13 14:14:35 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011/10/12 15:25:48 | 000,001,643 | -H-- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2011/10/11 05:54:20 | 000,460,288 | -HS- | M] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\dEaYgfJuMxVqq.exe
[2011/10/11 00:57:16 | 000,458,240 | -HS- | M] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\ojjxXPniykJvb.exe
[2011/10/10 08:02:17 | 000,000,296 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk
[2011/10/10 08:02:17 | 000,000,200 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr
[2011/10/10 08:02:09 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
[2011/10/10 08:00:00 | 000,043,805 | -H-- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/10/10 07:53:24 | 000,345,600 | -H-- | M] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk.exe
[2011/10/10 07:49:10 | 000,453,120 | -HS- | M] (RapidEE.com) -- C:\Documents and Settings\All Users\Application Data\nTEtPClXirMXi.exe
[2011/10/10 07:39:23 | 000,534,538 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/10 07:39:23 | 000,099,988 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/09 01:15:54 | 000,001,374 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/08 03:00:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\defrag.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/10/13 16:02:57 | 000,013,420 | RHS- | C] () -- C:\Documents and Settings\TEMP\ntuser.pol
[2011/10/13 16:02:56 | 000,002,605 | -H-- | C] () -- C:\Documents and Settings\TEMP\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook 2003.lnk
[2011/10/13 16:02:56 | 000,002,587 | -H-- | C] () -- C:\Documents and Settings\TEMP\Desktop\Microsoft Office Outlook 2003.lnk
[2011/10/13 16:02:56 | 000,000,804 | -H-- | C] () -- C:\Documents and Settings\TEMP\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/10/13 16:02:56 | 000,000,779 | -H-- | C] () -- C:\Documents and Settings\TEMP\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/13 16:02:56 | 000,000,079 | -H-- | C] () -- C:\Documents and Settings\TEMP\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/10/13 16:02:55 | 000,001,599 | -H-- | C] () -- C:\Documents and Settings\TEMP\Start Menu\Programs\Remote Assistance.lnk
[2011/10/13 16:02:55 | 000,000,767 | -H-- | C] () -- C:\Documents and Settings\TEMP\Start Menu\Programs\Internet Explorer.lnk
[2011/10/13 16:02:55 | 000,000,738 | -H-- | C] () -- C:\Documents and Settings\TEMP\Start Menu\Programs\Outlook Express.lnk
[2011/10/10 08:02:17 | 000,000,296 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk
[2011/10/10 08:02:17 | 000,000,200 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr
[2011/10/10 08:02:09 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
[2011/10/10 07:59:50 | 000,000,718 | -H-- | C] () -- C:\Documents and Settings\All Users\Desktop\ATT.exe.lnk
[2009/04/24 12:13:58 | 000,110,413 | -H-- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/04/24 12:13:24 | 000,077,824 | -H-- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009/04/24 12:13:10 | 000,006,947 | -H-- | C] () -- C:\WINDOWS\hpomdl11.dat
[2009/03/03 10:04:37 | 000,029,744 | -H-- | C] () -- C:\WINDOWS\System32\InstHelper.dll
[2009/03/03 10:03:45 | 000,197,672 | -H-- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2009/03/03 10:03:44 | 000,193,576 | -H-- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/03/02 18:21:54 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2008/04/30 10:50:09 | 000,094,208 | -H-- | C] () -- C:\WINDOWS\TIRHService.exe
[2008/04/12 11:30:51 | 000,000,028 | -H-- | C] () -- C:\WINDOWS\pdf995.ini
[2008/04/09 09:32:23 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\KmRemove.exe
[2008/04/07 07:29:55 | 000,051,716 | -H-- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/04/07 07:29:55 | 000,000,059 | -H-- | C] () -- C:\WINDOWS\wpd99.drv
[2008/03/05 17:06:54 | 000,000,768 | -H-- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/01/04 18:03:05 | 000,000,231 | -H-- | C] () -- C:\WINDOWS\System32\3dsviz.ini
[2008/01/04 18:03:04 | 000,000,043 | -H-- | C] () -- C:\WINDOWS\System32\InstallSettings.ini
[2007/08/15 08:27:18 | 000,009,600 | -H-- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/01/22 07:24:38 | 000,001,324 | -H-- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/08/10 12:46:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\mtstack16.INI
[2006/07/07 06:58:45 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\STRATIS.INI
[2006/06/28 11:07:11 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/23 13:39:28 | 000,543,232 | -H-- | C] () -- C:\WINDOWS\zHotkey.exe
[2006/06/23 13:39:28 | 000,532,544 | -H-- | C] () -- C:\WINDOWS\PIC.dll
[2006/06/23 13:39:28 | 000,036,864 | -H-- | C] () -- C:\WINDOWS\ShowWnd.exe
[2006/06/23 13:39:28 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2006/06/23 11:10:58 | 001,662,976 | -H-- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/23 11:10:58 | 001,519,616 | -H-- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/06/23 11:10:58 | 001,466,368 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/23 11:10:58 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/06/23 11:10:58 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/23 11:10:58 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/23 11:10:58 | 000,442,368 | -H-- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/06/23 11:10:58 | 000,110,592 | -H-- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/09/14 14:47:41 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2005/09/14 14:47:40 | 000,156,160 | -H-- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/04 03:56:57 | 000,538,624 | ---- | C] () -- C:\WINDOWS\System32\spider.exe
[2004/07/18 00:07:42 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/07/18 00:06:20 | 000,389,120 | -H-- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/02/27 10:01:14 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/02/05 11:04:43 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2004/02/04 14:49:48 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2004/02/03 15:57:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/02/03 15:52:33 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/02/03 15:51:24 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\sol.exe
[2004/02/03 15:51:23 | 000,119,808 | ---- | C] () -- C:\WINDOWS\System32\winmine.exe
[2004/02/03 15:51:23 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\freecell.exe
[2004/02/03 10:36:40 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/02/03 10:35:43 | 000,304,416 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/01/07 16:05:08 | 000,002,695 | -H-- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 08:00:00 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,534,538 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,099,988 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/02/12 12:22:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2007/06/27 09:26:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/02/05 11:19:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2009/03/04 10:51:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2011/10/08 03:00:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\defrag.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >