Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

WIN32/Agent.ODG virus? Please help [Solved]


  • Please log in to reply

#1
fixit5561

fixit5561

    Member

  • Member
  • PipPipPip
  • 106 posts
Hello everyone,

Im writing from my laptop because my desktop pc wont open anything to the internet, except my email program Mailwasher and Outlook express. I am able to send and receive emails, but other than that no internet access. I had gotten a virus and did go through all of the fixes on the *how to remove Malware* page( ran ATF, Malwarebytes, couldnt run system restore, do have ERUNT have had this for a year or so with many back ups.) and still no internet except for emails. I may have gotten a few virus' , I dont know I think Recycler virus and ODG virus, maybe more.

After I had gotten infected I tried to do a system recovery and still the same, no internet. When I click on a link on my desktop in safe mode and regular boot up I get the message windows cannot find http://..........' make sure you typed the name correctly and then try again. To search for a file click the start button, and then click search.

When I reboot my pc I get the box that comes up and it says it cant load c:\Windos\Microsoft.Net\framework\v20.50727\mscorwks.dll

Also a box comes up and says that c\programfiles\disc\discover.exe cant be loaded either. These two do not come up when I boot in safe mode, but still no internet in safe mode either.

I am able to get hijack logs from the pc via a flash card. This is how I had ran the ATF cleaner, Malwarebytes, etc. on my pc already. I do have a hijackthislog also already to go on the flash card.

I tried today, 3-28-09 to do a pc recovery with hitting f10. It loaded fine and had internet access too until I did a windows update (there were 99 updates that took place) after that back to no internet access again.

Below are my logs, thank you in advance for all your help!!

OTListIt logfile created on: 3/28/2009 1:07:14 PM - Run 6
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = F:\
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.99% Memory free
2.44 Gb Paging File | 2.07 Gb Available in Paging File | 84.74% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.47 Gb Total Space | 88.93 Gb Free Space | 63.31% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.55 Gb Free Space | 6.46% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 1.84 Gb Total Space | 1.79 Gb Free Space | 97.56% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4DACD0EA75
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\arservice.exe (Microsoft)
PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe (America Online Inc)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ARPWRMSG.EXE (Microsoft)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\DISC\DiscUpdMgr.exe (Digital Interactive Systems Corporation, Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
PRC - C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN (OpenOffice.org)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\DISC\DiscStreamHub.exe (Digital Interactive Systems Corporation, Inc.)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - F:\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AOL TopSpeedMonitor [Auto | Running]) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ARSVC [Auto | Running]) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GoToAssist [On_Demand | Stopped]) -- C:\Program Files\Citrix\GoToAssist\508\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Stopped]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Stopped]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (HPSLPSVC [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL (Hewlett-Packard Co.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Stopped]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (WebrootSpySweeperService [Auto | Stopped]) -- File not found
SRV - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (WRConsumerService [Auto | Stopped]) -- File not found

========== Driver Services (SafeList) ==========

DRV - (AmdK8 [System | Stopped]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\eamon.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (ESET)
DRV - (ftsata2 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys (Promise Technology, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSXHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSX_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (winachsx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2008/12/03 19:27:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD


O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - Reg Error: Key error. File not found
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] "C:\WINDOWS\ARPWRMSG.EXE" (Microsoft)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdMgr.exe (Digital Interactive Systems Corporation, Inc.)
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [ftutil2] "C:\WINDOWS\system32\rundll32.exe" ftutil2.dll,SetWriteCacheMode (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe File not found
O4 - HKLM..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe File not found
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RDListener] C:\Program Files\Registry Defense\RDListener.exe ()
O4 - HKLM..\Run: [Recguard] "C:\WINDOWS\SMINST\RECGUARD.EXE" ()
O4 - HKLM..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE" (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Sites: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Sites: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.micr...tualEarth3D.cab (SentinelVE3D Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} http://h20270.www2.h...staller_gmn.cab (VerifyGMN Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.co.../sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1165130312656 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} http://www.trendsecu...asyInstallX.CAB (TSEasyInstallX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll File not found
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\508\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\508\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - CLSID or File not found.
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (8/10) - File not found
O30 - LSA: Security Packages - (ecurity Packages settings...) - File not found
O30 - LSA: Security Packages - (RA) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autorun.inf [2009/03/27 03:21:18 | 00,000,000 | RHSD | M] - [ NTFS ]
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ FAT32 ]
O32 - Autorun File - D:\autorun.inf [2009/03/28 13:01:02 | 00,000,000 | RHSD | M] - [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/03/28 12:46:09 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/28 03:11:12 | 75,852,482 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\registration files.reg
[2009/03/28 02:35:37 | 00,700,510 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\address book new.WAB
[2009/03/27 23:45:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/03/27 23:37:43 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2009/03/27 23:05:17 | 00,001,557 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/03/27 23:01:19 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Internet Explorer.lnk
[2009/03/27 22:54:01 | 20,788,55168 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/27 14:02:17 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/03/27 13:49:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2009/03/27 13:24:24 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/27 13:24:24 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/27 13:24:24 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/27 13:24:24 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/27 13:24:24 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/27 13:24:23 | 06,066,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/27 13:24:23 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/27 13:24:23 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/27 13:24:23 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/27 13:24:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/03/27 13:20:54 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/03/27 13:19:43 | 24,768,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/03/27 05:35:05 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/03/27 05:35:05 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/03/27 03:48:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/03/27 03:45:35 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/03/27 03:45:35 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/03/27 03:45:34 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/03/27 03:45:33 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/03/27 03:45:33 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/03/27 03:45:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/03/27 03:21:18 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/03/27 03:20:59 | 00,132,597 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Flash_Disinfector.exe
[2009/03/26 23:03:14 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/03/26 21:41:56 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 21:41:54 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 20:41:10 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/03/26 20:40:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2009/03/26 20:38:45 | 00,001,692 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE473AA-ABA SR2020NX NA680_YC_0Pres_QCNH636_E64NAemREA3_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M1983_J160_7AMD_8Athlon 64_92.2_#061018_N_Z14F12F20_G10DE0241.MRK
[2009/03/26 20:36:08 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\desktop.ini
[2009/03/26 20:36:01 | 00,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/03/26 20:36:00 | 02,124,486 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/03/26 20:36:00 | 00,043,680 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/26 20:36:00 | 00,000,091 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\desktop.ini
[2009/03/26 20:35:57 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\desktop.ini
[2009/03/26 20:35:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
[2009/03/26 20:35:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
[2009/03/26 20:35:56 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
[2009/03/26 20:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory
[2009/03/26 20:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
[2009/03/26 20:35:55 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Pictures
[2009/03/26 20:35:55 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Music
[2009/03/26 20:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Wildtangent
[2009/03/26 20:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft
[2009/03/26 20:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/03/26 20:34:06 | 00,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN.lnk
[2009/03/26 18:37:20 | 00,000,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/26 18:37:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/26 18:32:47 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/03/26 17:03:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/26 17:03:15 | 00,000,000 | ---D | C] -- C:\Program Files\Any DVD Converter Professional
[2009/03/26 12:56:51 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/03/26 12:56:51 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/03/26 11:58:03 | 00,000,133 | ---- | C] () -- C:\WINDOWS\Sansa Media Converter.INI
[2009/03/22 22:43:05 | 00,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2009/03/22 22:38:01 | 00,000,931 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2009/03/20 15:26:28 | 00,000,026 | ---- | C] () -- C:\WINDOWS\Zone.Identifier
[2009/03/20 09:32:10 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/03/18 03:50:31 | 00,001,968 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shop for HP Supplies.lnk
[2009/03/17 09:40:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/03/17 09:40:07 | 00,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/17 05:20:13 | 00,001,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WS_FTP Home.lnk
[2009/03/16 15:14:54 | 00,000,000 | ---D | C] -- C:\Program Files\GetData
[2009/03/16 14:02:14 | 00,165,034 | ---- | C] () -- C:\WINDOWS\hpoins21.dat.temp
[2009/03/16 14:02:14 | 00,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat.temp
[2009/03/16 13:42:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/03/16 13:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\Program Files
[2009/03/15 21:26:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/03/15 19:59:58 | 00,001,918 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
[2009/03/15 19:47:16 | 00,001,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eBay.lnk
[2009/03/15 19:47:16 | 00,001,537 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Extended Service Plans.lnk
[2009/03/15 19:47:15 | 00,002,117 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My HP Games.lnk
[2009/03/15 19:47:15 | 00,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Snapfish for your photos.lnk
[2009/03/15 19:47:15 | 00,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/03/13 11:13:18 | 00,000,342 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Geeks.com - Computer parts, Laptop computers, Desktop computers, Computer hardware.url
[2009/03/13 02:42:54 | 00,000,900 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Closed Circuit DC Jack - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/12 15:33:59 | 00,000,138 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\connintro.htm.url
[2009/03/10 09:19:21 | 00,000,906 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Noise in LOD but not 3.5mm - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/10 09:11:55 | 00,001,018 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Sansa Fuze's diyLOD (v1 + v2) Guide [56K!!!] - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/09 20:01:33 | 00,000,301 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Sounds and Audio Devices.lnk
[2009/03/09 18:05:42 | 00,000,876 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\mini3 amp with Shure SE530 - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/09 14:59:41 | 00,001,131 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\EAC Foobar ASIO4ALL WASAPI Settings Pictorial - Page 10 - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/09 14:56:59 | 00,000,486 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DealExtreme Account Manager.url
[2009/03/09 10:48:05 | 00,000,000 | ---D | C] -- C:\Program Files\Feurio
[2009/03/09 10:40:59 | 00,413,183 | ---- | C] () -- C:\ASIO4ALL_2_9_English.exe
[2009/03/09 09:02:09 | 00,000,000 | ---D | C] -- C:\EACrips
[2009/03/09 08:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
[2009/03/09 02:15:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\foobar2000
[2009/03/09 02:15:48 | 00,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\foobar2000.lnk
[2009/03/09 02:15:47 | 00,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2009/03/09 01:59:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AccurateRip
[2009/03/09 01:59:05 | 00,000,715 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Exact Audio Copy.lnk
[2009/03/09 01:59:03 | 00,000,000 | ---D | C] -- C:\Program Files\Exact Audio Copy
[2009/03/08 23:35:49 | 00,000,330 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Easiest program to rip cds to FLAC - Sansa Fuze - Welcome to SanDisk's Sansa Community.url
[2009/03/08 17:45:47 | 00,001,071 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\EAC Foobar ASIO4ALL WASAPI Settings Pictorial - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/08 00:55:47 | 00,000,461 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\[Random Entry - 20-02-2008] - How to rip Audio CD in Lossless Format-FLAC « Miyuki’s Random.url
[2009/03/07 22:48:31 | 00,004,403 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\A cheap-but-good DIY portable amp - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/03 10:03:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mp3tag
[2009/03/03 10:03:47 | 00,000,662 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mp3tag.lnk
[2009/03/03 10:03:45 | 00,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2009/03/02 20:20:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\SanDisk
[2009/02/27 23:37:55 | 00,000,000 | ---D | C] -- C:\DVDVideoSoft

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/03/28 11:23:53 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/28 11:23:53 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/03/28 11:23:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/28 11:23:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/28 03:11:20 | 75,852,482 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\registration files.reg
[2009/03/28 02:56:11 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/28 02:22:14 | 00,700,510 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\address book new.WAB
[2009/03/28 00:15:01 | 00,444,764 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/28 00:15:01 | 00,382,330 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/28 00:15:01 | 00,053,756 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/28 00:03:43 | 00,000,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/27 23:58:53 | 00,195,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/27 23:38:31 | 20,788,55168 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/27 23:05:17 | 00,001,557 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/03/27 23:01:19 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Internet Explorer.lnk
[2009/03/27 13:44:46 | 00,000,091 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\desktop.ini
[2009/03/27 05:41:12 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/27 03:21:04 | 00,132,597 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Flash_Disinfector.exe
[2009/03/26 23:29:39 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/26 20:41:27 | 00,000,281 | R--- | M] () -- C:\boot.ini
[2009/03/26 20:38:47 | 00,001,692 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE473AA-ABA SR2020NX NA680_YC_0Pres_QCNH636_E64NAemREA3_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M1983_J160_7AMD_8Athlon 64_92.2_#061018_N_Z14F12F20_G10DE0241.MRK
[2009/03/26 20:34:45 | 00,001,111 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/26 20:33:22 | 00,000,211 | R--- | M] () -- C:\BOOT.BAK
[2009/03/26 18:09:18 | 00,015,360 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 14:00:14 | 00,000,125 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/03/26 12:56:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/03/26 12:56:51 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/03/26 12:09:26 | 00,001,898 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ Sansa Media Converter.lnk
[2009/03/26 11:58:03 | 00,000,133 | ---- | M] () -- C:\WINDOWS\Sansa Media Converter.INI
[2009/03/26 11:05:29 | 00,000,860 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneDVD2.lnk
[2009/03/24 17:12:04 | 00,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2009/03/22 22:43:05 | 00,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2009/03/22 22:38:01 | 00,000,931 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2009/03/20 09:32:10 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/03/18 04:27:38 | 00,165,034 | ---- | M] () -- C:\WINDOWS\hpoins21.dat
[2009/03/18 03:51:17 | 00,001,866 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.5.lnk
[2009/03/18 03:50:31 | 00,001,968 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shop for HP Supplies.lnk
[2009/03/18 03:49:28 | 00,001,816 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/03/18 03:48:58 | 00,000,992 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2009/03/17 14:53:04 | 00,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/17 05:20:13 | 00,001,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WS_FTP Home.lnk
[2009/03/16 14:20:40 | 00,165,034 | ---- | M] () -- C:\WINDOWS\hpoins21.dat.temp
[2009/03/15 19:59:58 | 00,001,918 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
[2009/03/15 19:00:42 | 00,000,189 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\briarart.com.url
[2009/03/15 18:53:11 | 00,040,738 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Slickdeals.net.url
[2009/03/15 15:36:22 | 00,000,293 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\PayPal - Welcome.url
[2009/03/15 11:14:42 | 00,000,236 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\USPS - The United States Postal Service (U.S. Postal Service).url
[2009/03/15 11:06:02 | 00,001,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DODTracker.com Real-time Tracking of Every Deal of the Day on the Web.url
[2009/03/15 10:25:13 | 00,000,220 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Rolex.url
[2009/03/15 03:16:03 | 00,007,831 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Woot One Day, One Deal (SM).url
[2009/03/15 03:15:07 | 00,003,585 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\1 Sale A Day, Daily Deal.url
[2009/03/14 23:54:01 | 00,000,225 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Welcome to UPS.url
[2009/03/14 16:01:12 | 00,000,713 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TodaysDOD.com - Ultimate One-A-Day Tracking.url
[2009/03/14 15:55:40 | 00,007,325 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\ScoobyDeal - a Deal @ a Time (SM).url
[2009/03/13 23:01:36 | 00,004,403 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\A cheap-but-good DIY portable amp - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/13 11:41:28 | 00,000,342 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Geeks.com - Computer parts, Laptop computers, Desktop computers, Computer hardware.url
[2009/03/13 02:42:54 | 00,000,900 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Closed Circuit DC Jack - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/12 15:33:59 | 00,000,138 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\connintro.htm.url
[2009/03/12 02:12:47 | 00,000,486 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DealExtreme Account Manager.url
[2009/03/12 01:36:30 | 00,000,330 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Easiest program to rip cds to FLAC - Sansa Fuze - Welcome to SanDisk's Sansa Community.url
[2009/03/11 18:48:51 | 00,001,018 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Sansa Fuze's diyLOD (v1 + v2) Guide [56K!!!] - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/11 17:53:47 | 00,001,511 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DealSucker.com - deal of the day monitoring tracker aggregator.url
[2009/03/11 16:48:09 | 00,000,156 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Stootsi.com More Than a Deal. One Deal Each Day Plus a Thousand Other Products. Find anything today!.url
[2009/03/11 09:47:46 | 00,000,208 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Sugar Mama.url
[2009/03/10 19:26:13 | 00,002,646 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\SAM'S CLUB DISCOVER.url
[2009/03/10 19:25:02 | 00,000,223 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Capital One Credit Cards, Home & Auto Loans, Banking, Small Business Credit Card.url
[2009/03/10 18:39:37 | 00,032,777 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Fort Gratiot Weather Forecast and Conditions Michigan (48059).url
[2009/03/10 09:19:21 | 00,000,906 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Noise in LOD but not 3.5mm - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/10 00:41:41 | 00,000,162 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Find the latest One Day Deal Sites and One Day Sales at OneDayBuys.com!.url
[2009/03/09 20:23:45 | 00,001,131 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\EAC Foobar ASIO4ALL WASAPI Settings Pictorial - Page 10 - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/09 20:01:33 | 00,000,301 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Sounds and Audio Devices.lnk
[2009/03/09 18:05:42 | 00,000,876 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\mini3 amp with Shure SE530 - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/09 15:49:53 | 00,145,408 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/09 10:41:00 | 00,413,183 | ---- | M] () -- C:\ASIO4ALL_2_9_English.exe
[2009/03/09 02:49:12 | 00,000,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\[Random Entry - 20-02-2008] - How to rip Audio CD in Lossless Format-FLAC « Miyuki’s Random.url
[2009/03/09 02:15:48 | 00,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\foobar2000.lnk
[2009/03/09 01:59:05 | 00,000,715 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Exact Audio Copy.lnk
[2009/03/08 17:45:47 | 00,001,071 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\EAC Foobar ASIO4ALL WASAPI Settings Pictorial - Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/06 21:31:02 | 00,000,158 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Official Home of Mega Millions.url
[2009/03/06 17:09:35 | 00,000,245 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\FedEx.url
[2009/03/06 15:03:44 | 00,000,229 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Deal of the day Masterlist - Zerodaydeals.com.url
[2009/03/04 01:54:11 | 00,329,216 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Thumbs.db
[2009/03/03 10:03:47 | 00,000,662 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mp3tag.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 894 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\USPS - The United States Postal Service (U.S. Postal Service).url:favicon
@Alternate Data Stream - 894 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Chase Personal Banking Investments Credit Cards Home Auto Commercial Small Business Insurance.url:favicon
@Alternate Data Stream - 894 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Capital One Credit Cards, Home & Auto Loans, Banking, Small Business Credit Card.url:favicon
@Alternate Data Stream - 5430 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\PayPal - Welcome.url:favicon
@Alternate Data Stream - 3774 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Rolex.url:favicon
@Alternate Data Stream - 3638 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Home Depot.url:favicon
@Alternate Data Stream - 3638 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\FedEx.url:favicon
@Alternate Data Stream - 3574 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\SAM'S CLUB DISCOVER.url:favicon
@Alternate Data Stream - 3574 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Citi® Credit Cards, Citibank, Travel Reward Credit Cards, Small Business Credit Cards, Student Credit Cards.url:favicon
@Alternate Data Stream - 318 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Online Auctions - Sams Club - Wholesale Online Auction.url:favicon
@Alternate Data Stream - 318 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Geeks.com - Computer parts, Laptop computers, Desktop computers, Computer hardware.url:favicon
@Alternate Data Stream - 318 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Daily Deals at Yugly Prices - Yugster.com.url:favicon
@Alternate Data Stream - 2406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\DODTracker.com Real-time Tracking of Every Deal of the Day on the Web.url:favicon
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:803F26F5A9A3F892
@Alternate Data Stream - 2238 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\StarDate Online Moon Phase Calculator.url:favicon
@Alternate Data Stream - 2102 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\TodaysDOD.com - Ultimate One-A-Day Tracking.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Sansa Fuze's diyLOD (v1 + v2) Guide [56K!!!] - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Noise in LOD but not 3.5mm - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\mini3 amp with Shure SE530 - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\LOTTERY - Lottery.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Fort Gratiot Weather Forecast and Conditions Michigan (48059).url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\eBay – watches, fossil watches and omega watches items on eBay.com. Find IT on eBay..url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\eBay – stanwell pipe, radice pipe and ferndown pipe items on eBay.com.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\eBay - rolex, rolex Wristwatches items on eBay.com.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\EAC Foobar ASIO4ALL WASAPI Settings Pictorial - Page 10 - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\EAC Foobar ASIO4ALL WASAPI Settings Pictorial - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\DealSucker.com - deal of the day monitoring tracker aggregator.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Deal of the day Masterlist - Zerodaydeals.com.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Closed Circuit DC Jack - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\A cheap-but-good DIY portable amp - Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\1 Sale A Day, Daily Deal.url:favicon
@Alternate Data Stream - 1334 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Trouble free pool.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Woot One Day, One Deal (SM).url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Slickdeals.net.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Shnoop.com - Deal a Day! Daily deal on Every Day Merchandise at Closeout Prices!.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\ScoobyDeal - a Deal @ a Time (SM).url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\DealExtreme Account Manager.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\[Random Entry - 20-02-2008] - How to rip Audio CD in Lossless Format-FLAC « Miyuki’s Random.url:favicon
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8
< End of report >
OTListIt Extras logfile created on: 3/28/2009 1:07:14 PM - Run 6
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = F:\
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.99% Memory free
2.44 Gb Paging File | 2.07 Gb Available in Paging File | 84.74% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.47 Gb Total Space | 88.93 Gb Free Space | 63.31% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.55 Gb Free Space | 6.46% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 1.84 Gb Total Space | 1.79 Gb Free Space | 97.56% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4DACD0EA75
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"135:TCP" = 135:TCP:*:Enabled:DCOM(135)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections (Hewlett-Packard)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System (Digital Interactive Systems Corporation)
C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub (Digital Interactive Systems Corporation, Inc.)
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections (Hewlett-Packard)
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink File not found
C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts File not found
C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component File not found
C:\Hanscript\mirc.exe:*:Enabled:mIRC File not found
C:\WINDOWS\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic for Windows XP (Microsoft Corporation)
C:\Program Files\CuteFTP\CUTFTP32.EXE:*:Enabled:Winsock FTP Client File not found
C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Program (Microsoft Corporation)
C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP (Digital Interactive Systems Corporation, Inc.)
C:\Program Files\Trend Micro\Antivirus\pccmain.exe:*:Enabled:Trend Micro Antivirus File not found
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe File not found
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe File not found
C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe File not found
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe ( )
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe (Hewlett-Packard Co.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11DE2361-9F73-47B3-B638-2F267927E307}" = Ipswitch WS_FTP Home 2007
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.2.0
"{2CD2C0DB-81C3-416B-9FA6-589B9235359B}" = OpenOffice.org 2.4
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3407FD83-0A2F-475E-BE94-34F1FA342C84}" = ESET NOD32 Antivirus
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{84F1DE76-C48C-4281-87A0-CC9548D1E7F9}" = Rhapsody Player Engine
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{c600ab3d-8b64-41df-bf36-b3d87ce0706b}" = C7200_Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CECEB0FF-5C45-4b50-9A00-C596E36D88F4}" = C7200
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{E82FBDF4-8C05-4513-B8D8-2331145ECA11}_is1" = Solid FLV to DVD Converter and Burner 1.2.7
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"3DGroove" = 3D Groove Playback Engine
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AnyDVD" = AnyDVD
"ArcSoft VideoImpression 16FP" = ArcSoft VideoImpression 1.6FP
"ASIO4ALL" = ASIO4ALL
"AwayMode160" = Microsoft Away Mode
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CleanUp!" = CleanUp!
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"CSCLIB" = Canon Camera Support Core Library
"DISCover" = DISCover
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"Feurio" = Feurio! CD-Writer
"foobar2000" = foobar2000 v0.9.6.3
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.1
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.1
"GoToAssist" = GoToAssist 8.0.0.508
"Hanscript ver 5.0" = Hanscript ver 5.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ieSpell" = ieSpell
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.5 Full
"LimeWire" = LimeWire 5.0.11
"MailWasher_is1" = MailWasher
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Money2006b" = Microsoft Money 2006
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mp3tag" = Mp3tag v2.42
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RegistryDefense" = RegistryDefense
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Rhapsody" = Rhapsody
"Shop for HP Supplies" = Shop for HP Supplies
"System Tweaker_is1" = Uniblue System Tweaker
"SystemRequirementsLab" = System Requirements Lab
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"Uninstall_is1" = Uninstall 1.0.0.1
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip Self-Extractor" = WinZip Self-Extractor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD & MP3 Codec Pack_is1" = XviD & MP3 Codec Pack (remove only)
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/27/2009 11:07:02 PM | Computer Name = YOUR-4DACD0EA75 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 800736b1, P2 locateandloadmpclient, P3 unspecified,
P4 1.1.4700.0, P5 mpsigstub.exe, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL,
P10 NIL.

Error - 3/27/2009 11:29:28 PM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/27/2009 11:29:37 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Error | ID = 1000
Description = Faulting application egui.exe, version 4.0.314.0, faulting module
eguiupdate.dll, version 4.0.314.0, fault address 0x00008632.

Error - 3/28/2009 12:09:14 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/28/2009 12:24:44 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/28/2009 1:04:22 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/28/2009 2:23:37 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/28/2009 3:17:14 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/28/2009 10:56:47 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

Error - 3/28/2009 11:23:49 AM | Computer Name = YOUR-4DACD0EA75 | Source = JavaQuickStarterService | ID = 1
Description =

[ System Events ]
Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Reference
error message: The operation completed successfully. .

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Reference
error message: The operation completed successfully. .

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Reference
error message: The operation completed successfully. .

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 3/27/2009 11:18:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .


< End of report >
Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:143839 Mo/Free:1015 Mo)
D:\ [Fixed] - FAT32 - (Total:8769 Mo/Free:566 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:1883 Mo/Free:1837 Mo)
Z:\ [Network] (Total:0 Mo/Free:0 Mo)

Sat 03/28/2009|12:46

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\WINDOWS\arservice.exe
---------- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\system32\cisvc.exe
---------- C:\WINDOWS\eHome\ehRecvr.exe
---------- C:\WINDOWS\eHome\ehSched.exe
---------- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\ehome\mcrdsvc.exe
---------- C:\Program Files\Canon\CAL\CALMAIN.exe
---------- C:\WINDOWS\system32\dllhost.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\WINDOWS\ehome\ehtray.exe
---------- C:\WINDOWS\ARPWRMSG.EXE
---------- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
---------- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
---------- C:\windows\system\hpsysdrv.exe
---------- C:\Program Files\DISC\DISCover.exe
---------- C:\WINDOWS\eHome\ehmsas.exe
---------- C:\Program Files\DISC\DiscUpdMgr.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
---------- C:\Program Files\FinePixViewer\QuickDCF.exe
---------- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
---------- C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\DISC\DiscStreamHub.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\WINDOWS\system32\DllHost.exe
---------- C:\Program Files\Outlook Express\msimn.exe
---------- C:\WINDOWS\system32\NOTEPAD.EXE
---------- F:\Rooter.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sat 03/28/2009|12:46

----------------------\\ Scan completed at 12:46
Malwarebytes' Anti-Malware 1.35
Database version: 1911
Windows 5.1.2600 Service Pack 3

3/28/2009 12:40:56 PM
mbam-log-2009-03-28 (12-40-56).txt

Scan type: Quick Scan
Objects scanned: 78804
Time elapsed: 2 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by fixit5561, 28 March 2009 - 10:21 PM.

  • 0

Advertisements


#2
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello fixit5561,
Sorry about the delay.

Since it has been a few days since posting your logs, please run another scan with OTListIt2 and post the OTListIt.txt in your next reply.
  • 0

#3
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hi Jimmy,

No problem on the wait . I know you guys are busy as heck.
I did get the pc back onto the internet. I did a few PC restores. Then when I would try to do the windows update after the pc restore, I could download all the Windows updates except IE7.

When I updated from IE6 to IE7, IE7 stopped me from getting on the internet. Now here is the weird part, I found a link to download IE8 so I loaded IE8 and I'm able to get onto the internet.

I do keep getting a pop up though that tells me "VSFilter, Wrong File Version!" Also another pop up window, "Microsoft Visual C++ Runtime Library C:\ Windows System32\rundll32.exe" and would tell me that it was asked to be terminated in an unusual way.......

Thank you for your help with this Jimmy

I posted my new logs below for you:

OTListIt logfile created on: 4/4/2009 11:17:11 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.10.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 65.44% Memory free
3.78 Gb Paging File | 3.08 Gb Available in Paging File | 81.24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.47 Gb Total Space | 76.47 Gb Free Space | 54.44% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.55 Gb Free Space | 6.44% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4DACD0EA75
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\arservice.exe (Microsoft)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\ARPWRMSG.EXE (Microsoft)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN (OpenOffice.org)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard)
PRC - c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\DISC\DiscUpdMgr.exe (Digital Interactive Systems Corporation, Inc.)
PRC - C:\Program Files\DISC\DiscStreamHub.exe (Digital Interactive Systems Corporation, Inc.)
PRC - C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
PRC - C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.)
PRC - C:\Program Files\Rhapsody\rhaphlpr.exe (RealNetworks, Inc.)
PRC - C:\Documents and Settings\Compaq_Administrator\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ARSVC [Auto | Running]) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (GoogleDesktopManager-092308-165331 [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (HPSLPSVC [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL (Hewlett-Packard Co.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\eamon.sys (ESET)
DRV - (ehdrv [System | Running]) -- C:\WINDOWS\system32\DRIVERS\ehdrv.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (ESET)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSXHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSX_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (StillCam [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (winachsx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON2 [2009/04/02 10:36:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/02 11:36:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD


O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE (Microsoft)
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode (Promise Technology, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run (Hewlett-Packard Company)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Sites: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1238391395328 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-09.su...ows-i586-jc.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autorun.inf [2009/03/27 03:21:18 | 00,000,000 | RHSD | M] - [ NTFS ]
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ FAT32 ]
O32 - Autorun File - D:\autorun.inf [2009/03/28 13:01:02 | 00,000,000 | RHSD | M] - [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[37 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/04 11:16:34 | 00,499,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTListIt2.exe
[2009/04/03 08:12:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/04/03 08:01:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/04/03 00:56:04 | 00,001,054 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\3X New LCD Screen Protector For SanDisk Sansa View MP3 - eBay (item 260386367781 end time Apr-03-09 095126 PDT).url
[2009/04/03 00:40:12 | 00,000,655 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Amazon.com SanDisk 8GB microSDHC Card CLASS 2 (SDSDQ-8192, Bulk Package) Electronics.url
[2009/04/02 20:28:25 | 00,000,250 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\microsoft visual c++ runtime library runtime error - MSDN Forums.url
[2009/04/02 17:42:06 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/04/02 17:42:06 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/04/02 17:42:04 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/04/02 17:42:03 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/04/02 17:42:03 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/04/02 17:42:02 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/04/02 17:42:01 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/04/02 17:42:00 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/04/02 17:42:00 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/04/02 17:41:59 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/04/02 17:41:57 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/04/02 17:41:57 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/04/02 17:41:56 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/04/02 17:41:54 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/04/02 17:41:53 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/04/02 17:41:53 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/04/02 17:41:52 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/04/02 17:41:51 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/04/02 17:41:51 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/04/02 17:41:50 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/04/02 17:41:48 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/02 17:41:48 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/02 17:41:47 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/02 17:41:46 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/02 17:41:45 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/02 17:41:45 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/02 17:41:44 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/02 17:41:41 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/02 17:41:39 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/02 17:41:38 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/02 17:41:37 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/02 17:41:37 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/02 17:41:36 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/02 17:41:35 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/02 17:41:32 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/02 17:41:32 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/02 17:41:31 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/02 17:41:28 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/02 17:41:27 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/02 17:41:27 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/02 17:41:25 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/02 17:41:23 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/02 17:41:23 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/02 17:41:22 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/02 17:41:22 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/02 17:41:21 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/02 17:41:19 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/02 17:41:17 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/02 17:41:17 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/02 17:41:16 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/02 17:41:14 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/04/02 17:40:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009/04/02 17:40:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/02 16:52:08 | 00,014,608 | ---- | C] (InterVideo, Inc.) -- C:\WINDOWS\System32\iviaspi.sys
[2009/04/02 16:41:07 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/04/02 16:41:07 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/04/02 16:41:07 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/04/02 16:41:07 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/04/02 16:41:07 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/04/02 16:41:06 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/04/02 16:41:06 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/04/02 16:41:06 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/04/02 16:41:06 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/04/02 16:41:05 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/04/02 16:41:05 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/04/02 16:41:00 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/04/02 16:41:00 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/04/02 16:41:00 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/04/02 16:40:59 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/04/02 16:40:59 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/04/02 16:40:59 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/04/02 16:40:58 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/04/02 16:40:57 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/02 16:40:55 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/02 16:40:52 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/04/02 16:38:56 | 00,000,000 | ---D | C] -- C:\Temp
[2009/04/02 16:11:46 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/04/02 16:11:45 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/02 16:11:36 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2009/04/02 16:11:35 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/02 16:11:35 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/02 16:11:35 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/02 16:11:35 | 00,086,016 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009/04/02 16:11:27 | 00,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2009/04/02 16:11:25 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/02 16:11:25 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/04/02 16:11:23 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2009/04/02 15:41:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/04/02 11:04:29 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/04/02 10:36:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/04/02 10:17:45 | 00,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2009/04/02 10:17:42 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/04/02 10:17:42 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/04/02 10:07:18 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/04/02 10:07:18 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/04/02 10:07:16 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009/04/02 10:07:16 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2009/04/02 09:48:41 | 00,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/02 08:53:20 | 00,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/02 08:30:54 | 00,000,775 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MailWasher Pro.lnk
[2009/04/02 08:23:10 | 00,000,952 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Desktop.lnk
[2009/04/02 08:13:53 | 00,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2009/04/02 08:13:53 | 00,001,669 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/04/02 07:58:04 | 00,000,000 | ---D | C] -- C:\0fad9177ba9ea345c50fb326d5561c1e
[2009/04/02 07:54:02 | 00,000,000 | ---D | C] -- C:\Program Files\Any DVD Converter Professional
[2009/04/02 07:52:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop\Unused Desktop Shortcuts
[2009/04/01 22:59:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\E177E04D548C4006A465EEB92D3DE021
[2009/04/01 14:49:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Google Gadgets
[2009/04/01 08:04:13 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2009/04/01 08:04:13 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2009/04/01 08:04:12 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2009/04/01 03:34:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\InterVideo
[2009/04/01 03:24:59 | 00,000,308 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Fuze video format - Sansa Fuze - Welcome to SanDisk's Sansa Community.url
[2009/04/01 02:50:11 | 00,000,294 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Fuze Supported Video Codec Info - Sansa Fuze Video & Sansa Media Converter - abiforums.url
[2009/04/01 02:44:48 | 00,000,293 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\HOW TO UPLOAD VIDEOS ON SANSA FUZE - SANSA MEDIA CONVERTER - Sansa Media Converter - Welcome to SanDisk's Sansa Community.url
[2009/04/01 02:32:32 | 00,000,311 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Video file types - Sansa Fuze - Welcome to SanDisk's Sansa Community.url
[2009/04/01 02:04:01 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/04/01 02:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/04/01 02:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/04/01 01:13:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/31 20:58:35 | 00,000,258 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\This May Help Many View Users !! - Sansa View - Welcome to SanDisk's Sansa Community.url
[2009/03/31 19:42:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/03/31 16:20:43 | 00,165,034 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2009/03/31 16:20:43 | 00,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2009/03/31 16:08:13 | 00,001,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.5.lnk
[2009/03/31 16:06:33 | 00,001,817 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/03/31 16:06:02 | 00,000,993 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2009/03/31 16:04:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/03/31 12:08:30 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/03/31 09:11:26 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2009/03/31 09:11:15 | 00,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2009/03/30 17:36:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MailWasherPro
[2009/03/30 17:36:43 | 00,000,000 | ---D | C] -- C:\Program Files\FireTrust
[2009/03/30 17:36:00 | 07,231,386 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\mailwasher.rar
[2009/03/30 17:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\WinZip
[2009/03/30 17:10:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/30 17:10:18 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip
[2009/03/30 16:05:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Any Video Converter
[2009/03/30 16:04:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Any Video Converter
[2009/03/30 16:04:05 | 00,000,000 | ---D | C] -- C:\Program Files\Any Video Converter
[2009/03/30 08:55:58 | 00,000,321 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Welcome to Internet Explorer 8.url
[2009/03/30 08:49:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/03/30 08:46:02 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/03/30 08:39:22 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Videos
[2009/03/30 08:31:30 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/30 08:31:30 | 00,000,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/30 08:31:28 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/30 03:12:42 | 00,001,158 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Photoshp.lnk
[2009/03/30 02:52:19 | 00,000,363 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to My Documents.lnk
[2009/03/30 02:52:13 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\My Computer.lnk
[2009/03/30 02:32:21 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/30 02:32:21 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/30 02:32:21 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/30 02:32:20 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/30 02:32:20 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/30 02:32:20 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/30 02:32:20 | 01,241,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/30 02:32:20 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/30 02:32:20 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/30 02:20:36 | 24,768,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/03/30 02:12:19 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/03/30 02:05:30 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/03/30 02:05:30 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/03/30 02:05:30 | 00,914,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/03/30 02:05:15 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/03/30 02:04:54 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/03/30 02:04:52 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/03/30 02:04:50 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/03/30 01:58:25 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/03/30 01:58:09 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/03/30 01:48:21 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/03/30 01:48:16 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/03/30 01:39:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/03/30 01:37:41 | 01,486,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LegitCheckControl.DLL
[2009/03/30 01:37:12 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/03/30 01:37:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/03/30 01:27:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/30 01:10:47 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/03/30 01:10:47 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/03/30 01:10:47 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/03/30 01:10:47 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/03/30 01:10:34 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/03/30 01:10:34 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/03/30 01:10:34 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/03/30 01:10:31 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/03/30 01:10:30 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/03/30 01:10:30 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/03/30 01:10:30 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/03/30 01:10:29 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/03/30 01:10:29 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/03/30 01:10:29 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/03/30 01:10:29 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/03/30 01:10:29 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/03/30 01:10:29 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/03/30 01:10:29 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/03/30 01:10:29 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/03/30 01:10:29 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/03/30 01:10:29 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/03/30 01:10:29 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/03/30 01:10:29 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/03/30 01:10:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/03/30 01:10:29 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/03/30 01:10:29 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/03/30 01:10:28 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/03/30 01:10:28 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/03/30 01:10:28 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/03/30 01:10:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/03/30 01:10:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/03/30 01:10:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/03/30 01:10:26 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/03/30 01:10:26 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/03/30 01:10:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/03/30 01:10:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/03/30 01:10:25 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/03/30 01:10:25 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/03/30 01:10:25 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/03/30 01:10:25 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/03/30 01:10:25 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/03/30 01:10:25 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/03/30 01:10:25 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/03/30 01:10:25 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/03/30 01:10:25 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/03/30 01:10:24 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/03/30 01:10:24 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/03/30 01:10:24 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/03/30 01:10:24 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/03/30 01:10:24 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/03/30 01:10:24 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/03/30 01:10:24 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/03/30 01:10:24 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/03/30 01:10:23 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/03/30 01:10:23 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/03/30 01:10:23 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/03/30 01:10:23 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/03/30 01:10:22 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/03/30 01:10:22 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/03/30 01:10:22 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/03/30 01:10:22 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/03/30 01:10:20 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/03/30 01:10:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/03/30 01:10:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/03/30 01:10:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/03/30 01:10:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/03/30 01:08:05 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/03/30 01:08:05 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/03/30 01:08:05 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/03/30 01:08:04 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/03/30 01:08:04 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/03/30 01:08:04 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/03/30 01:08:04 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/03/30 01:08:04 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/03/30 01:08:04 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/03/30 01:08:04 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/03/30 01:08:04 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/03/30 01:08:04 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/03/30 01:08:03 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelppm.sys
[2009/03/30 01:08:03 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/03/30 01:08:02 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/03/30 01:08:02 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/03/30 01:08:02 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/03/30 01:08:02 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/03/30 01:08:02 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/03/30 01:08:01 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/03/30 01:08:01 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/03/30 01:08:01 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/03/30 01:08:01 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/03/30 01:08:01 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/03/30 01:08:01 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/03/30 00:25:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/03/29 16:00:23 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/03/29 15:05:51 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/03/29 15:05:50 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/03/29 15:05:49 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/03/29 15:05:49 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/03/29 13:35:46 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/03/29 13:33:36 | 00,001,692 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE473AA-ABA SR2020NX NA680_YC_0Pres_QCNH636_E64NAemREA3_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M1983_J160_7AMD_8Athlon 64_92.2_#061018_N_Z14F12F20_G10DE0241.MRK
[2009/03/29 13:31:31 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\desktop.ini
[2009/03/29 13:31:21 | 02,124,486 | -H-- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IconCache.db
[2009/03/29 13:31:21 | 00,043,680 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/29 13:31:21 | 00,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/03/29 13:31:20 | 00,000,091 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\desktop.ini
[2009/03/29 13:31:17 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\desktop.ini
[2009/03/29 13:31:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
[2009/03/29 13:31:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
[2009/03/29 13:31:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\HPQ
[2009/03/29 13:31:16 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
[2009/03/29 13:31:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
[2009/03/29 13:31:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
[2009/03/29 13:31:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Ipswitch
[2009/03/29 13:31:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft
[2009/03/29 13:31:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Identities
[2009/03/29 13:31:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory
[2009/03/29 13:31:14 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Pictures
[2009/03/29 13:31:14 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Music
[2009/03/29 13:31:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Wildtangent
[2009/03/29 13:31:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/03/28 22:06:11 | 00,001,577 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quicken New User Edition 2006.lnk
[2009/03/28 22:06:11 | 00,000,639 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Rhapsody.lnk
[2009/03/28 12:46:09 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/28 03:11:12 | 75,852,482 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\registration files.reg
[2009/03/28 02:35:37 | 00,700,510 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\address book new.WAB
[2009/03/27 23:05:17 | 00,001,557 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/03/27 03:21:18 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/03/27 03:20:59 | 00,132,597 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Flash_Disinfector.exe
[2009/03/26 18:37:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/26 18:32:47 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/03/26 17:03:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Any DVD Converter Professional
[2009/03/26 17:03:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/26 12:56:51 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/03/26 12:56:51 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/03/26 11:58:03 | 00,000,133 | ---- | C] () -- C:\WINDOWS\Sansa Media Converter.INI
[2009/03/26 11:01:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\CloneDVD2919
[2009/03/26 11:00:55 | 05,084,892 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CDVD2919.zip
[2009/03/22 22:43:05 | 00,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2009/03/22 22:38:01 | 00,000,931 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2009/03/20 15:26:28 | 00,000,026 | ---- | C] () -- C:\WINDOWS\Zone.Identifier
[2009/03/20 09:32:10 | 00,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/03/18 03:50:31 | 00,001,969 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shop for HP Supplies.lnk
[2009/03/17 09:40:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/03/17 09:40:07 | 00,001,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/17 06:35:47 | 00,313,204 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Administrator.wab~
[2009/03/17 05:20:13 | 00,001,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WS_FTP Home.lnk
[2009/03/16 15:14:54 | 00,000,000 | ---D | C] -- C:\Program Files\GetData
[2009/03/16 14:02:14 | 00,165,101 | ---- | C] () -- C:\WINDOWS\hpoins21.dat.temp
[2009/03/16 14:02:14 | 00,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat.temp
[2009/03/16 13:42:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/03/16 13:30:10 | 00,000,000 | ---D | C] -- C:\Program Files\Program Files
[2009/03/16 11:13:19 | 01,599,425 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Administrator.wab
[2009/03/15 21:26:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/03/15 19:59:58 | 00,001,918 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
[2009/03/15 19:47:16 | 00,001,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eBay.lnk
[2009/03/15 19:47:16 | 00,001,537 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Extended Service Plans.lnk
[2009/03/15 19:47:15 | 00,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Snapfish for your photos.lnk
[2009/03/09 20:01:33 | 00,000,301 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Sounds and Audio Devices.lnk
[2009/03/09 10:48:05 | 00,000,000 | ---D | C] -- C:\Program Files\Feurio
[2009/03/09 10:40:59 | 00,413,183 | ---- | C] () -- C:\ASIO4ALL_2_9_English.exe
[2009/03/09 09:02:09 | 00,000,000 | ---D | C] -- C:\EACrips
[2009/03/09 08:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
[2009/03/09 02:15:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\foobar2000
[2009/03/09 02:15:48 | 00,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\foobar2000.lnk
[2009/03/09 02:15:47 | 00,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2009/03/09 01:59:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AccurateRip
[2009/03/09 01:59:05 | 00,000,715 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Exact Audio Copy.lnk
[2009/03/09 01:59:03 | 00,000,000 | ---D | C] -- C:\Program Files\Exact Audio Copy
[2009/03/08 14:22:46 | 01,241,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui
[2009/03/08 14:22:30 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
[2009/03/08 14:22:18 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe.mui
[2009/03/08 14:21:06 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll.mui
[2009/03/08 14:21:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
[2009/03/08 14:20:54 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
[2009/03/08 14:09:26 | 00,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/03/08 14:09:26 | 00,391,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2009/03/08 04:39:48 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2009/03/08 04:34:52 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2009/03/08 04:34:48 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2009/03/08 04:34:48 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/03/08 04:34:30 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2009/03/08 04:34:28 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2009/03/08 04:34:18 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2009/03/08 04:34:18 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2009/03/08 04:33:48 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2009/03/08 04:33:40 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2009/03/08 04:33:26 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2009/03/08 04:33:08 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2009/03/08 04:33:02 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2009/03/08 04:32:56 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2009/03/08 04:32:54 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/03/08 04:32:50 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2009/03/08 04:32:50 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2009/03/08 04:32:48 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2009/03/08 04:32:46 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2009/03/08 04:32:26 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2009/03/08 04:32:22 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll
[2009/03/08 04:32:04 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2009/03/08 04:31:56 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2009/03/08 04:31:54 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/03/08 04:31:52 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll
[2009/03/08 04:31:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2009/03/08 04:31:44 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2009/03/08 04:31:38 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2009/03/08 04:31:38 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2009/03/08 04:31:36 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2009/03/08 04:31:26 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2009/03/08 04:31:18 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2009/03/08 04:31:02 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2009/03/08 04:31:02 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2009/03/08 04:30:56 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2009/03/08 04:24:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2009/03/08 04:22:46 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2009/03/08 04:11:12 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2008/02/16 02:00:06 | 00,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/09 11:29:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/11/14 22:15:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\FEDXPS.INI
[2007/07/03 15:52:27 | 00,000,033 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2007/04/20 19:58:48 | 00,000,029 | ---- | C] () -- C:\WINDOWS\TSMLite.ini
[2007/01/15 17:55:02 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/12/18 23:57:27 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2006/11/20 13:56:14 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/11/20 13:56:04 | 00,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2006/11/20 13:55:51 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2006/11/20 13:55:30 | 00,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2006/11/20 13:52:36 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/10/23 21:50:40 | 00,004,439 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/10/21 19:29:58 | 00,000,395 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2006/08/01 17:48:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/01 17:21:38 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/08/01 17:13:57 | 00,012,987 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/08/01 17:13:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/08/01 17:10:22 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/01 16:59:52 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/01 16:58:31 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/08/01 16:52:22 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/08/01 16:48:47 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/01 16:48:47 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/01 16:48:47 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/01 16:48:47 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/01 16:48:47 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/01 16:48:47 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/01 16:48:47 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/01 16:47:18 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/08/01 16:25:53 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/08/01 16:25:53 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/08/01 16:25:33 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 14:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/31 00:07:46 | 00,441,626 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2005/08/31 00:02:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2005/08/31 00:02:00 | 00,000,542 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/31 00:01:42 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/30 23:57:48 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2005/08/30 23:57:48 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2005/08/30 16:52:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/06 00:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 02:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/10 07:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2004/08/10 07:00:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2004/08/10 07:00:00 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2004/08/10 07:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004/08/10 07:00:00 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2004/08/10 07:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2004/08/10 07:00:00 | 00,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2004/08/10 07:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2004/08/10 07:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2004/08/10 07:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2004/08/10 07:00:00 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2004/08/10 07:00:00 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2004/08/10 07:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2004/08/10 07:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2004/08/10 07:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2004/08/10 07:00:00 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2004/08/10 07:00:00 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2004/08/10 00:00:00 | 01,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2004/08/10 00:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004/08/10 00:00:00 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2004/08/10 00:00:00 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2004/08/10 00:00:00 | 00,456,192 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004/08/10 00:00:00 | 00,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2004/08/10 00:00:00 | 00,282,112 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004/08/10 00:00:00 | 00,282,112 | ---- | C] () -- C:\WINDOWS\System32\sbe(2).dll
[2004/08/10 00:00:00 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2004/08/10 00:00:00 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004/08/10 00:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2004/08/10 00:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2004/08/10 00:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2004/08/10 00:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004/08/10 00:00:00 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2004/08/10 00:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2004/08/10 00:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004/08/10 00:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004/08/10 00:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004/08/10 00:00:00 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2004/08/10 00:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004/08/10 00:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004/08/10 00:00:00 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004/08/10 00:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2004/08/10 00:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2004/08/10 00:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2004/08/10 00:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2004/08/10 00:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2004/08/10 00:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2004/08/10 00:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2004/08/10 00:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004/08/10 00:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2004/08/10 00:00:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2004/08/10 00:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2004/08/10 00:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2004/08/10 00:00:00 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2004/08/10 00:00:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2004/07/26 10:51:38 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Files - Modified Within 30 Days ==========

[37 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/04 11:16:42 | 00,499,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTListIt2.exe
[2009/04/04 11:08:36 | 00,000,220 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Rolex.url
[2009/04/04 00:49:30 | 00,000,639 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Rhapsody.lnk
[2009/04/04 00:45:06 | 00,187,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/03 23:13:29 | 00,001,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\DODTracker.com Real-time Tracking of Every Deal of the Day on the Web.url
[2009/04/03 16:38:18 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Head-Fi Covering Headphones, Earphones and Portable Audio.url
[2009/04/03 13:23:16 | 00,040,738 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Slickdeals.net.url
[2009/04/03 09:30:09 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/04/03 09:27:44 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/03 00:56:04 | 00,001,054 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\3X New LCD Screen Protector For SanDisk Sansa View MP3 - eBay (item 260386367781 end time Apr-03-09 095126 PDT).url
[2009/04/03 00:40:12 | 00,000,655 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Amazon.com SanDisk 8GB microSDHC Card CLASS 2 (SDSDQ-8192, Bulk Package) Electronics.url
[2009/04/02 21:33:29 | 00,000,293 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\PayPal - Welcome.url
[2009/04/02 20:35:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/02 20:35:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/02 20:28:25 | 00,000,250 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\microsoft visual c++ runtime library runtime error - MSDN Forums.url
[2009/04/02 20:23:48 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/02 16:52:09 | 00,001,899 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ Sansa Media Converter.lnk
[2009/04/02 16:11:50 | 00,000,947 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Player Classic.lnk
[2009/04/02 15:41:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/04/02 11:08:23 | 00,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/04/02 10:27:04 | 00,165,034 | ---- | M] () -- C:\WINDOWS\hpoins21.dat
[2009/04/02 10:24:50 | 00,000,542 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/02 10:19:50 | 00,000,108 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/04/02 10:16:16 | 00,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.5.lnk
[2009/04/02 10:15:26 | 00,001,969 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shop for HP Supplies.lnk
[2009/04/02 10:12:37 | 00,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/04/02 10:11:12 | 00,000,993 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2009/04/02 10:01:16 | 00,000,091 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\desktop.ini
[2009/04/02 09:58:23 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/02 09:48:41 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/02 08:52:53 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/02 08:52:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/02 08:50:37 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/02 08:30:54 | 00,000,775 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\MailWasher Pro.lnk
[2009/04/02 08:23:10 | 00,000,952 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Desktop.lnk
[2009/04/02 08:13:53 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2009/04/02 08:13:53 | 00,001,669 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/04/02 08:04:42 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/02 08:04:42 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/02 08:04:41 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/02 08:00:05 | 00,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/01 03:24:59 | 00,000,308 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Fuze video format - Sansa Fuze - Welcome to SanDisk's Sansa Community.url
[2009/04/01 02:50:11 | 00,000,294 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Fuze Supported Video Codec Info - Sansa Fuze Video & Sansa Media Converter - abiforums.url
[2009/04/01 02:44:48 | 00,000,293 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\HOW TO UPLOAD VIDEOS ON SANSA FUZE - SANSA MEDIA CONVERTER - Sansa Media Converter - Welcome to SanDisk's Sansa Community.url
[2009/04/01 02:32:32 | 00,000,311 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Video file types - Sansa Fuze - Welcome to SanDisk's Sansa Community.url
[2009/04/01 02:04:01 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/03/31 20:58:35 | 00,000,258 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\This May Help Many View Users !! - Sansa View - Welcome to SanDisk's Sansa Community.url
[2009/03/31 17:19:20 | 00,000,233 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\StarDate Online Moon Phase Calculator.url
[2009/03/31 16:42:44 | 00,165,101 | ---- | M] () -- C:\WINDOWS\hpoins21.dat.temp
[2009/03/31 15:55:29 | 00,000,245 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\FedEx.url
[2009/03/30 17:36:00 | 07,231,386 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\mailwasher.rar
[2009/03/30 08:55:59 | 00,000,321 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Welcome to Internet Explorer 8.url
[2009/03/30 08:31:30 | 00,000,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/30 03:12:42 | 00,001,158 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Photoshp.lnk
[2009/03/30 02:52:19 | 00,000,363 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to My Documents.lnk
[2009/03/30 02:52:13 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\My Computer.lnk
[2009/03/30 01:07:44 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/03/29 16:48:07 | 02,902,434 | ---- | M] () -- C:\Frontpage Express 2[1].0.zip
[2009/03/29 16:27:07 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/29 13:36:34 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/03/29 13:33:38 | 00,001,692 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RE473AA-ABA SR2020NX NA680_YC_0Pres_QCNH636_E64NAemREA3_48_INAOS_SASUSTek Computer INC._V1.05_B3.00_T060630_WXP2_L409_M1983_J160_7AMD_8Athlon 64_92.2_#061018_N_Z14F12F20_G10DE0241.MRK
[2009/03/29 13:29:56 | 00,001,111 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/29 13:28:55 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/03/28 03:11:20 | 75,852,482 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\registration files.reg
[2009/03/28 02:22:14 | 00,700,510 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\address book new.WAB
[2009/03/27 23:05:17 | 00,001,557 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\CCleaner.lnk
[2009/03/27 03:21:04 | 00,132,597 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Flash_Disinfector.exe
[2009/03/26 18:09:18 | 00,015,360 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 14:00:14 | 00,000,125 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/03/26 12:56:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/03/26 12:56:51 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/03/26 11:58:03 | 00,000,133 | ---- | M] () -- C:\WINDOWS\Sansa Media Converter.INI
[2009/03/26 11:05:29 | 00,000,860 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneDVD2.lnk
[2009/03/26 11:01:13 | 05,084,892 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CDVD2919.zip
[2009/03/24 17:12:04 | 00,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2009/03/22 22:43:05 | 00,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2009/03/22 22:38:01 | 00,000,931 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2009/03/20 09:32:10 | 00,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/03/17 05:20:13 | 00,001,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WS_FTP Home.lnk
[2009/03/17 05:09:18 | 01,599,425 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Administrator.wab
[2009/03/17 05:09:18 | 00,313,204 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Administrator.wab~
[2009/03/16 14:18:32 | 00,517,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/03/16 14:18:32 | 00,235,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/03/16 14:18:32 | 00,069,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/03/16 14:18:32 | 00,022,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/03/15 19:59:58 | 00,001,918 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
[2009/03/15 19:00:42 | 00,000,189 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\briarart.com.url
[2009/03/11 09:47:46 | 00,000,208 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Sugar Mama.url
[2009/03/09 20:01:33 | 00,000,301 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Sounds and Audio Devices.lnk
[2009/03/09 15:27:22 | 04,178,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/03/09 15:27:22 | 01,846,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/03/09 15:27:22 | 00,453,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/03/09 10:41:00 | 00,413,183 | ---- | M] () -- C:\ASIO4ALL_2_9_English.exe
[2009/03/09 02:15:48 | 00,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\foobar2000.lnk
[2009/03/09 01:59:05 | 00,000,715 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Exact Audio Copy.lnk
[2009/03/08 14:22:46 | 01,241,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui
[2009/03/08 14:22:46 | 01,241,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/08 14:22:30 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
[2009/03/08 14:22:18 | 00,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe.mui
[2009/03/08 14:21:06 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll.mui
[2009/03/08 14:21:06 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
[2009/03/08 14:20:54 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
[2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/03/08 14:09:26 | 00,391,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2009/03/08 14:09:26 | 00,391,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2009/03/08 04:41:16 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/03/08 04:41:16 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/03/08 04:39:48 | 11,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2009/03/08 04:39:48 | 11,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/08 04:35:10 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009/03/08 04:34:58 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll
[2009/03/08 04:34:58 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/03/08 04:34:56 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll
[2009/03/08 04:34:56 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/03/08 04:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2009/03/08 04:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2009/03/08 04:34:48 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\webcheck.dll
[2009/03/08 04:34:48 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2009/03/08 04:34:48 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/03/08 04:34:30 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2009/03/08 04:34:30 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2009/03/08 04:34:28 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2009/03/08 04:34:28 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2009/03/08 04:34:18 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2009/03/08 04:34:18 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2009/03/08 04:34:18 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\occache.dll
[2009/03/08 04:34:18 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2009/03/08 04:33:48 | 00,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2009/03/08 04:33:40 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2009/03/08 04:33:40 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2009/03/08 04:33:26 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2009/03/08 04:33:26 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2009/03/08 04:33:16 | 00,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2009/03/08 04:33:16 | 00,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2009/03/08 04:33:08 | 00,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2009/03/08 04:33:08 | 00,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2009/03/08 04:33:06 | 00,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2009/03/08 04:33:06 | 00,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2009/03/08 04:33:02 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2009/03/08 04:33:02 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2009/03/08 04:32:56 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2009/03/08 04:32:56 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
[2009/03/08 04:32:54 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/03/08 04:32:54 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/03/08 04:32:52 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
[2009/03/08 04:32:52 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2009/03/08 04:32:52 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/03/08 04:32:50 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2009/03/08 04:32:50 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2009/03/08 04:32:50 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2009/03/08 04:32:50 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2009/03/08 04:32:48 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2009/03/08 04:32:48 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll
[2009/03/08 04:32:46 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2009/03/08 04:32:46 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2009/03/08 04:32:26 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2009/03/08 04:32:26 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/08 04:32:22 | 01,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll
[2009/03/08 04:32:22 | 01,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/08 04:32:04 | 00,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2009/03/08 04:32:04 | 00,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2009/03/08 04:31:56 | 00,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2009/03/08 04:31:56 | 00,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2009/03/08 04:31:54 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/03/08 04:31:52 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll
[2009/03/08 04:31:52 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/08 04:31:52 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2009/03/08 04:31:52 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/08 04:31:44 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2009/03/08 04:31:44 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2009/03/08 04:31:38 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2009/03/08 04:31:38 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2009/03/08 04:31:38 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[2009/03/08 04:31:38 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2009/03/08 04:31:36 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2009/03/08 04:31:36 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2009/03/08 04:31:26 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmled.dll
[2009/03/08 04:31:26 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2009/03/08 04:31:18 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2009/03/08 04:31:18 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2009/03/08 04:31:02 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2009/03/08 04:31:02 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2009/03/08 04:31:02 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[2009/03/08 04:31:02 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2009/03/08 04:30:56 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tdc.ocx
[2009/03/08 04:30:56 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2009/03/08 04:24:28 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2009/03/08 04:22:46 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2009/03/08 04:22:38 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[2009/03/08 04:22:38 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2009/03/08 04:15:06 | 00,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2009/03/08 04:11:12 | 00,445,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2009/03/08 04:11:12 | 00,445,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/06 21:31:02 | 00,000,158 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Official Home of Mega Millions.url

========== Alternate Data Streams ==========

@Alternate Data Stream - 894 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Chase Personal Banking Investments Credit Cards Home Auto Commercial Small Business Insurance.url:favicon
@Alternate Data Stream - 88 bytes -> C:\Frontpage Express 2[1].0.zip:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Compaq_Administrator\My Documents\Administrator.wab:SummaryInformation
@Alternate Data Stream - 5430 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\PayPal - Welcome.url:favicon
@Alternate Data Stream - 3774 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Rolex.url:favicon
@Alternate Data Stream - 3638 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\FedEx.url:favicon
@Alternate Data Stream - 2435 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Amazon.com SanDisk 8GB microSDHC Card CLASS 2 (SDSDQ-8192, Bulk Package) Electronics.url:favicon
@Alternate Data Stream - 2406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\DODTracker.com Real-time Tracking of Every Deal of the Day on the Web.url:favicon
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:803F26F5A9A3F892
@Alternate Data Stream - 2238 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\StarDate Online Moon Phase Calculator.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\LOTTERY - Lottery.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Head-Fi Covering Headphones, Earphones and Portable Audio.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Fuze Supported Video Codec Info - Sansa Fuze Video & Sansa Media Converter - abiforums.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\eBay – stanwell pipe, radice pipe and ferndown pipe items on eBay.com.url:favicon
@Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\3X New LCD Screen Protector For SanDisk Sansa View MP3 - eBay (item 260386367781 end time Apr-03-09 095126 PDT).url:favicon
@Alternate Data Stream - 1334 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Trouble free pool.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Welcome to Internet Explorer 8.url:favicon
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Compaq_Administrator\Desktop\Slickdeals.net.url:favicon
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8
< End of report >
OTListIt Extras logfile created on: 4/4/2009 11:17:11 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.10.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 65.44% Memory free
3.78 Gb Paging File | 3.08 Gb Available in Paging File | 81.24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.47 Gb Total Space | 76.47 Gb Free Space | 54.44% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.55 Gb Free Space | 6.44% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4DACD0EA75
Current User Name: Compaq_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections (Hewlett-Packard)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System (Digital Interactive Systems Corporation)
C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub (Digital Interactive Systems Corporation, Inc.)
C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP (Digital Interactive Systems Corporation, Inc.)
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections (Hewlett-Packard)
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
E:\setup\HPZnui01.exe:*:Enabled:hpznui01.exe File not found
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe ( )
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BE9880CD-73A9-4EFD-83E5-4BB38D48E2BD}" = HP Smart Web Printing
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{c600ab3d-8b64-41df-bf36-b3d87ce0706b}" = C7200_Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CDF97135-7FD2-4289-96B8-DD4505267ACD}" = ESET NOD32 Antivirus
"{CECEB0FF-5C45-4b50-9A00-C596E36D88F4}" = C7200
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AwayMode160" = Microsoft Away Mode
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"DISCover" = DISCover
"Google Desktop" = Google Desktop
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.5
"MailWasher Pro_is1" = MailWasher Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2006b" = Microsoft Money 2006
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"Rhapsody" = Rhapsody
"Shop for HP Supplies" = Shop for HP Supplies
"WildTangent CDA" = WildTangent Web Driver
"WildTangent compaq Master Uninstall" = My HP Games
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/1/2009 7:14:03 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/1/2009 7:14:03 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/1/2009 10:31:16 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module ffdshow.ax, version 1.0.5.2817, fault address 0x0005661b.

Error - 4/1/2009 10:31:26 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 4/1/2009 10:35:06 PM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/2/2009 10:11:19 AM | Computer Name = YOUR-4DACD0EA75 | Source = MsiInstaller | ID = 11904
Description = Product: SolutionCenter -- Error 1904. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to register. HRESULT -2147220473. Contact your support personnel.

Error - 4/2/2009 10:29:46 AM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1002
Description = Hanging application hpqdirec.exe, version 100.0.65.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/2/2009 10:30:03 AM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1001
Description = Fault bucket 559164594.

Error - 4/2/2009 11:01:53 AM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/2/2009 11:01:53 AM | Computer Name = YOUR-4DACD0EA75 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/2/2009 6:31:50 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/2/2009 6:31:50 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 4/2/2009 7:38:41 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 4/2/2009 7:40:01 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/2/2009 7:40:01 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 4/2/2009 8:35:20 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 4/2/2009 8:36:42 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/2/2009 8:36:42 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 4/4/2009 12:50:13 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 4/4/2009 12:50:13 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2


< End of report >
  • 0

#4
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello fixit5561,

  • Please open OTListIt2.exe
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :Files
    @C:\WINDOWS:803F26F5A9A3F892
    
    :Commands
    [purity]
    [emptytemp]
    [reboot]
  • Return to OTListIt2, right click in the "Custom Scans/fixes" window (under the light blue bar) and choose Paste.
  • Click the Run Fix button.
  • Let the program run until it is finished, reboot when it is done.
  • It will produce a log for you on reboot, please post that log in your next reply.




Download RootRepeal.zip and unzip it to your Desktop.
  • Double click RootRepeal.exe to start the program
  • Click on the Report tab at the bottom of the program window
  • Click the Scan button
  • In the Select Scan dialog, check:
    • Drivers
    • Files
    • Processes
    • SSDT
    • Stealth Objects
    • Hidden Services
  • Click the OK button
  • In the next dialog, select all drives showing
  • Click OK to start the scan

    Note: The scan can take some time. DO NOT run any other programs while the scan is running

  • When the scan is complete, the Save Report button will become available
  • Click this and save the report to your Desktop as RootRepeal.txt
  • Go to File, then Exit to close the program
Please post the contents of RootRepeal.txt in your next reply.
~~~~~~~~~~~~~~
In your next reply please have these logs.
The OTListIt2 log
And the RootRepeal log

Edited by Jimmy2012, 04 April 2009 - 10:52 AM.

  • 0

#5
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hi Jimmy,

After I ran the OTListIT2 and then it wanted to reboot, I got a pop up window that said, dwwin.exe dll Initialization failed because windows station is shutting down. And als Rundll32.exe this program is not responding.

Thenafter I ran the rootRepeal I got a pop up window Microsoft Visual C++ runtime library, c\windows\system32\rundll32.exe, this application requested runtime to terminate in an unusual way.

Below are the two logs you requested:

========== FILES ==========
ADS C:\WINDOWS:803F26F5A9A3F892 deleted successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\hsperfdata_Compaq_Administrator\4672 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Perflib_Perfdata_7f4.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Perflib_Perfdata_ae4.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Perflib_Perfdata_f94.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF1DE0.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF25A1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF2756.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF28BB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF299D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF2B41.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF2B4F.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF616.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\S4JK888L\WIN32-Agent-ODG-virus-Please-help-t233674[2].html scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\IGZYPQCW\iframe[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\HPSLPS013.log scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_438.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTListIt2 by OldTimer - Version 2.0.10.0 log created on 04042009_203540

Files moved on Reboot...
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\hsperfdata_Compaq_Administrator\4672 not found!
DllUnregisterServer procedure not found in C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll NOT unregistered.
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\IadHide5.dll moved successfully.
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Perflib_Perfdata_7f4.dat not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Perflib_Perfdata_ae4.dat not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\Perflib_Perfdata_f94.dat not found!
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF1DE0.tmp moved successfully.
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF25A1.tmp not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF2756.tmp not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF28BB.tmp not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF299D.tmp not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF2B41.tmp not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF2B4F.tmp not found!
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temp\~DF616.tmp moved successfully.
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\S4JK888L\WIN32-Agent-ODG-virus-Please-help-t233674[2].html not found!
File C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\IGZYPQCW\iframe[1].htm not found!
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\WINDOWS\temp\HPSLPS013.log moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_438.dat not found!

Registry entries deleted on Reboot...


ROOTREPEAL © AD, 2007-2008
==================================================
Scan Time: 2009/04/04 20:49
Program Version: Version 1.2.3.0
Windows Version: Windows XP Media Center Edition SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB716C000 Size: 98304 File Visible: No
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBADEA000 Size: 8192 File Visible: No
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB2FD2000 Size: 45056 File Visible: No
Status: -

Hidden/Locked Files
-------------------
Path: C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector
Status: Locked to the Windows API!

Path: C:\WINDOWS\Temp\hpqddsvc.log
Status: Size mismatch (API: 6818, Raw: 6214)

Path: C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a
Status: Locked to the Windows API!

Path: C:\Program Files\Compaq Connections\5577497\Users\Default\Data\D0000000.FCS
Status: Allocation size mismatch (API: 512, Raw: 0)

Path: C:\Documents and Settings\Compaq_Administrator\My Documents\My Music\Abi's music\Disney\Disney Princess- The Ultimate Song Collection\Disney - Disney Princess The Ultimate Song Collection - 06 - Some Day My Prince Will Come [From Snow White and the Seven Dwarfs].wma
Status: Locked to the Windows API!

Path: D:\AUTORUN.INF\lpt3.This folder was created by Flash_Disinfector
Status: Locked to the Windows API!

Path: D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP77\change.log.1
Status: Allocation size mismatch (API: 16384, Raw: 8192)

Path: D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP81\CHANGE.LOG
Status: Allocation size mismatch (API: 16384, Raw: 8192)

SSDT
-------------------
#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0x89954630

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x89953a60

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x89953e80

#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x89954460

#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x89954280

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x89953c90

#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x899540b0

Stealth Objects
-------------------
Object: Hidden Code [ETHREAD: 0x89cd66f0]
Process: System Address: 0x89952790 Size: -
  • 0

#6
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello fixit5561,

We are going to run System File Checker, to make sure all of your protected files are not corrupt. The scan will automatically replace any corrupt files that it finds.

Click Start
Select Run
At the prompt type sfc /scannow Please note that there is a single space between sfc and /scannow.

Typing this will start the program, and a box should appear telling you how much longer the process should take.

Sometimes the scan will prompt you for your Windows XP disc upon starting the scan. if this happens please make sure that you can view protected files:
My Computer
Tools
Folder Options
View
"Uncheck" Hide protected operating system files.

Then rerun the scan. If this still asks you to put in your windows XP CD, and you do not have the CD (If you bought it preinstalled) post back for more tips, otherwise enter Windows CD.

Once the scan is complete:

Check your Windows Updates! After using the File Protection Service, you might need to reapply some updates.

Please reboot, and let me know if anything has changed.

Also, please rehide the protected files:
My Computer
Tools
Folder Options
View
"Check" Hide protected operating system files.

  • 0

#7
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hi Jimmy,

It asked for the windows xp professional sp3 cd, and I dont have it.

I did uncheck the hide protected operating system files. And I did recheck it just now.

When it tried to scan the pop up window said Files that are required for Windows to run properly must be copied to the DLL cache.

Thanks
Brian
  • 0

#8
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello fixit5561,
Please try this.



We will now do a deep search of your processes and files

Download avz4.zip from here
  • Unzip it to your desktop to a folder named avz4
  • Double click on AVZ.exe to run it.
  • Run an update by clicking the Auto Update button on the Right of the Log window: Posted Image
  • Click Start to begin the update
Note: If you recieve an error message, chose a different source, then click Start again


  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts " and mark the "Healing/Quarantine and Advanced System Investigation" check box.
  • Click on the “Execute selected scripts”.
  • Automatic scanning, healing and system check will be executed.
  • A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
  • It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
  • All applications will work properly after the system restart.

When restarted

  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts " and mark the “Advanced System Investigation" check box.
  • Click on the "Execute selected scripts".
  • A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach both zip files to your next post

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post

  • 0

#9
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
deleted question

Edited by fixit5561, 05 April 2009 - 11:38 AM.

  • 0

#10
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Below are the .zip files

Attached File  virusinfo_syscure.zip   31.93KB   160 downloads
Attached File  virusinfo_syscheck.zip   30.6KB   175 downloads
  • 0

Advertisements


#11
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello fixit5561,

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.

  • 0

#12
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hi Jimmy

Imstill working on that scan, it keeps stalling around 1/3 finished at a setup.exe file and then has an error message come up (you know the one where windows asks if you want to send a report to them, oR not to send it to them and then when you send or done send, windows shuts it down. Im trying to get more details for you and am running the scan on only my d:/ drive which is the backup drive to see if the same happens.

Thanks
  • 0

#13
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello fixit5561,

If the scan does not want to finish, please let me know and we will try other things.
  • 0

#14
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hi Jimmy,

I found the file that was stopping the scan and have deleted it and am now running another scan. If this oen fails then we can go another route with it.

Did you want me to post the scans from the Dr. Web Cureit after it is finished?

Thanks
  • 0

#15
fixit5561

fixit5561

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hi Jimmy,

I couldnt complete the scan on my C: drive. Only on my D: drive, which is the restore drive with the files to do a pc recovery on it. I did save a scan for that drive if you want it.

The file that the Dr Web CureIt keeps stopping at is C:\System Volumne Information\_restore {106CF321_99A3-4E3A-9103-1BD027606A99}\RP8\A0004044.exe thats on my C: drive. I tried about 4-5 times to run the CureIt and it stops at the same file. It is associated with anyDVD and I tried removing all the anydvd files and sent them to the recycle bin then permanently deleted them. Then I traced the above file and found it in a prefetch file (dont know if it truely is the right file) on my system so I put it into the recycle bin but didnt completely delete it in case it is still needed and the CuerIt still stopped at that file in the _restore file, so Im thinking that I deleted the wrong file as it isnt finding it in the recycle bin. I dont know.

Whats next?

Thanks
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP