OTListIt logfile created on: 4/29/2009 10:47:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\VanDerMark Family\Local Settings\Temporary Internet Files\Content.IE5\G8NBT46Y
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
509.98 Mb Total Physical Memory | 164.30 Mb Available Physical Memory | 32.22% Memory free
1.22 Gb Paging File | 0.48 Gb Available in Paging File | 39.56% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.94 Gb Total Space | 52.38 Gb Free Space | 73.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D1R74361
Current User Name: VanDerMark Family
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\AOL\1103757878\ee\AOLSoftware.exe (AOL LLC)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\AOL 9.1\waol.exe (AOL, LLC.)
PRC - C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe (America Online Inc)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe (Logitech, Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
PRC - C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe (Logitech, Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - c:\program files\common files\aol\1103757878\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe ()
PRC - C:\Program Files\Common Files\AOL\1103757878\EE\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\AOL 9.1\shellmon.exe (AOL, LLC.)
PRC - C:\Documents and Settings\VanDerMark Family\Local Settings\Temporary Internet Files\Content.IE5\G8NBT46Y\OTListIt2[1].exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (0116081232684624mcinstcleanup [Disabled | Stopped]) -- File not found
SRV - (a2free [Auto | Running]) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (AOL ACS [Auto | Running]) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
SRV - (AOL TopSpeedMonitor [Auto | Running]) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
SRV - (Apple Mobile Device [Disabled | Stopped]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Brother XP spl Service [Auto | Running]) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [Disabled | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (getPlus® Helper [On_Demand | Stopped]) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [On_Demand | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LBTServ [On_Demand | Stopped]) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (sdAuxService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (sdCoreService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WANMiniportService [Auto | Running]) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (BrScnUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (CmdIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntelC51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (L8042Kbd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (L8042mou [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042mou.Sys (Logitech, Inc.)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LBeepKE [Auto | Running]) -- C:\WINDOWS\System32\Drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (MCSTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (mraid35x [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PCTCore [Boot | Running]) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (symc810 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (ultra [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (wanatw [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.aol.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/11/08 09:32:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/03 12:03:54 | 00,000,000 | ---D | M]
O1 HOSTS File: (738 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103757878\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b (AOL, LLC.)
O4 - HKCU..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H (PC Tools)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Sites: west.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Sites: westathome.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Sites: westathome.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Sites: workathomeagent.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345}
https://www-secure.s...abs/tgctlsr.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}
http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.mi...b?1232598630437 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FAE28553-6D86-4EFB-ACA9-05A8ACEBDEE4}
http://ww1.fotobenav...ploradorv20.ocx (Explorador de Fotos Rollpix v2.0)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}
http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\autoexec.001 () - [ NTFS ]
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - C:\autorun.PNF () - [ NTFS ]
O33 - MountPoints2\{13722ba3-e6ff-11dd-9e10-001111702b26}\Shell - "" = AutoRun
O33 - MountPoints2\{13722ba3-e6ff-11dd-9e10-001111702b26}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ========== [1 C:\*.tmp files]
[3 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/29 13:38:51 | 00,000,098 | ---- | C] () -- C:\index.ini
[2009/04/29 13:24:21 | 00,011,254 | ---- | C] () -- C:\WINDOWS\System32\locate.com
[2009/04/29 11:31:38 | 00,000,534 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\ISeeYouXP.lnk
[2009/04/29 11:31:28 | 00,000,000 | ---D | C] -- C:\ISeeYouXP
[2009/04/29 10:06:34 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/04/29 10:06:23 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/04/29 10:06:23 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/04/29 10:06:10 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/04/29 10:06:06 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/04/29 10:06:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\PC Tools
[2009/04/29 10:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/04/29 10:05:44 | 00,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/04/29 10:05:42 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\STKIT432.DLL
[2009/04/29 10:05:38 | 00,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2009/04/29 09:58:13 | 00,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared HiJackFree.lnk
[2009/04/29 09:58:11 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared HiJackFree
[2009/04/29 00:02:03 | 00,086,912 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090429_000158.reg
[2009/04/27 21:16:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Search
[2009/04/27 13:21:51 | 00,008,396 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\3945_001.pdf
[2009/04/26 17:19:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\My Albums
[2009/04/25 14:10:39 | 53,482,7008 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/25 13:51:15 | 00,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2009/04/25 13:51:04 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2009/04/25 13:51:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\a-squared Free
[2009/04/25 11:19:13 | 00,000,000 | ---D | C] -- C:\Program Files\Citrix
[2009/04/25 11:02:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Desktop Search
[2009/04/25 11:01:39 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/04/25 11:01:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/04/25 11:01:30 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/04/25 11:00:00 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/04/25 11:00:00 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/04/25 10:59:59 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/04/25 10:59:47 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/25 10:59:18 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/04/25 10:57:11 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/04/25 10:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/04/25 10:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/04/25 09:51:21 | 00,053,248 | ---- | C] (
http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/04/17 23:49:51 | 00,000,000 | ---D | C] -- C:\Program Files\FaceDub
[2009/04/16 23:07:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\Updater5
[2009/04/15 01:19:34 | 00,000,220 | -HS- | C] () -- C:\WINDOWS\dwin.sys
[2009/04/15 01:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\avlocks3
[2009/04/14 22:46:00 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/14 22:46:00 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/14 22:46:00 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/14 22:46:00 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/14 22:46:00 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/14 22:46:00 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/14 22:45:59 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/14 22:45:59 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/14 22:45:59 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/14 22:45:13 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/14 22:45:13 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/14 22:45:13 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/13 22:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\FLEX Spreadsheet
[2009/04/12 14:29:38 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Gradiation annoucement 2009.doc
[2009/04/09 16:47:15 | 01,289,163 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Rite Aid coupon.jpg
[2009/04/09 12:52:50 | 00,000,932 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090409_125247.reg
[2009/04/08 21:46:57 | 01,277,680 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\couponprinter.exe
[2009/04/06 22:10:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2009/04/06 22:10:53 | 00,000,000 | ---D | C] -- C:\Program Files\Coupons
[2009/04/06 02:26:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2009/04/05 16:07:10 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/04/05 15:57:07 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\CCleaner.lnk
[2009/04/05 15:57:07 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/04/05 12:02:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\VanDerMark Family\My Documents\Info Virus-Trojas-Spy
[2009/04/04 21:44:10 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/04/04 21:44:10 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/04/04 21:44:10 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/04/03 12:02:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/03 12:02:40 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/03 12:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/03 11:23:11 | 00,280,576 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\VanDerMark Family\Desktop\framework_cleanup_tool.exe
[2009/04/01 14:53:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/04/01 09:53:34 | 15,477,248 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\My Documents\ica32web.msi
[2009/03/31 16:04:17 | 00,000,917 | ---- | C] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Revo Uninstaller.lnk
[2009/03/31 16:04:16 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2009/03/31 13:37:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/31 13:36:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/31 13:34:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/31 13:34:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/31 13:33:56 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/31 13:31:00 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/31 13:30:59 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/31 13:30:59 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/31 13:30:59 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/31 13:30:59 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/31 13:30:59 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/31 13:30:58 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/31 13:30:58 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/31 13:30:57 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/02/27 10:21:41 | 00,000,122 | -HS- | C] () -- C:\WINDOWS\System32\ofatugil.ini
[2009/02/12 01:35:41 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008/03/15 18:34:59 | 00,000,819 | ---- | C] () -- C:\WINDOWS\Start.INI
[2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/05/16 21:11:20 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/05/16 21:11:10 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/12/28 19:09:20 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/09/18 16:57:12 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/08/11 13:41:56 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2006/08/11 13:41:41 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2006/08/03 21:08:30 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/08/03 21:08:29 | 00,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/03/05 20:26:50 | 00,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2005/09/07 16:43:29 | 00,000,126 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI
[2005/07/08 08:42:26 | 00,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2005/06/22 11:04:50 | 00,000,694 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/01/09 17:26:22 | 00,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2005/01/09 17:26:22 | 00,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2005/01/09 17:26:22 | 00,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2005/01/09 17:26:22 | 00,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2005/01/09 17:26:22 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2005/01/09 17:26:22 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2004/12/08 07:57:41 | 00,000,099 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/12/08 07:57:41 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/11/20 19:47:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2004/11/20 18:51:56 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2004/11/20 18:27:41 | 00,000,843 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2004/11/20 18:27:41 | 00,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2004/11/20 18:27:41 | 00,000,147 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2004/11/20 18:27:41 | 00,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2004/11/11 04:40:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/11 04:30:07 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/11 03:57:00 | 00,000,519 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/16 00:03:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 15:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 15:04:08 | 00,000,799 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2004/08/10 14:57:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2004/08/04 07:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/11/16 05:48:02 | 00,909,312 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2003/11/16 05:48:00 | 01,060,864 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003/11/15 12:54:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/10/06 18:42:58 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/03/29 14:45:56 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\wwnet32i.dll
[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1980/01/01 02:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== Files - Modified Within 30 Days ========== [1 C:\*.tmp files]
[3 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/29 22:42:02 | 00,053,096 | ---- | M] () -- C:\VETlog.dmp
[2009/04/29 22:40:46 | 00,000,799 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/04/29 22:29:54 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/04/29 22:29:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/29 22:29:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/04/29 22:29:43 | 53,482,7008 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/29 14:36:34 | 00,000,098 | ---- | M] () -- C:\index.ini
[2009/04/29 11:31:39 | 00,000,534 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\ISeeYouXP.lnk
[2009/04/29 10:06:10 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/04/29 10:05:44 | 00,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/04/29 09:58:13 | 00,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared HiJackFree.lnk
[2009/04/29 00:02:59 | 00,086,912 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090429_000158.reg
[2009/04/27 21:20:22 | 00,054,986 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Application Data\wklnhst.dat
[2009/04/27 15:44:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/04/27 13:21:51 | 00,008,396 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\3945_001.pdf
[2009/04/27 12:32:29 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Word.lnk
[2009/04/25 13:51:15 | 00,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2009/04/25 11:12:15 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/25 11:12:15 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/25 11:01:39 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/04/25 11:01:36 | 00,544,866 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/25 11:01:36 | 00,463,070 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/04/25 11:01:36 | 00,078,728 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/04/25 10:59:28 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Windows Media Player.lnk
[2009/04/25 10:57:11 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/04/25 10:52:14 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/04/25 10:41:26 | 02,359,296 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\My Money.mny
[2009/04/25 10:41:22 | 02,360,254 | R--- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\My Money Backup.mbf
[2009/04/25 09:51:38 | 00,002,530 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/04/23 19:39:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/23 15:43:15 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/23 14:04:42 | 00,000,418 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job
[2009/04/15 01:19:34 | 00,000,220 | -HS- | M] () -- C:\WINDOWS\dwin.sys
[2009/04/12 14:29:39 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Gradiation annoucement 2009.doc
[2009/04/09 12:54:18 | 00,000,932 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\cc_20090409_125247.reg
[2009/04/09 12:49:24 | 01,289,163 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\Rite Aid coupon.jpg
[2009/04/08 21:47:38 | 01,277,680 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\couponprinter.exe
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/05 15:57:08 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\CCleaner.lnk
[2009/04/03 12:12:52 | 00,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/03 12:05:42 | 00,112,488 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/03 11:18:26 | 00,130,936 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/04/01 09:53:34 | 15,477,248 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\ica32web.msi
[2009/03/31 16:04:17 | 00,000,917 | ---- | M] () -- C:\Documents and Settings\VanDerMark Family\Desktop\Revo Uninstaller.lnk
[2009/03/31 13:59:43 | 00,000,088 | -HS- | M] () -- C:\Documents and Settings\VanDerMark Family\My Documents\DESKTOP.INI
[2009/03/31 11:28:18 | 00,000,131 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\DESKTOP.INI
========== LOP Check ========== [2009/04/29 10:05:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/02/05 16:39:01 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/01/28 11:03:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/11/24 22:26:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/01/04 00:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2007/11/25 11:00:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2007/12/12 23:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/01/10 14:46:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/10/25 14:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2004/11/20 18:24:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2004/11/11 04:26:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/01/28 21:00:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2008/03/30 22:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/11/04 14:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gtek
[2006/09/17 15:51:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/08/04 06:01:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/12/05 09:43:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008/12/05 09:33:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2007/11/25 11:25:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2008/11/05 14:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/01/23 00:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2007/03/27 22:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2009/04/25 11:01:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2006/08/11 13:41:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2006/08/11 19:16:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
[2009/02/25 01:51:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/01/23 14:02:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2008/12/03 11:10:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/04/29 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/02/09 13:19:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2007/01/19 20:50:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2004/12/22 19:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2004/11/11 04:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2007/01/18 19:48:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2004/11/11 03:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/01/29 22:15:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2006/12/13 19:16:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2008/03/07 00:52:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/01/28 21:03:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/04/29 22:31:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/12/04 21:38:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/11/07 10:43:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/04/26 21:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/29 10:05:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data
[2006/05/13 13:56:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\acccore
[2008/12/03 11:19:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Adobe
[2008/11/25 10:10:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\AdobeUM
[2006/05/11 19:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Aim
[2008/01/07 08:49:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\AOL
[2009/02/06 23:09:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Apple Computer
[2004/11/29 00:44:25 | 00,000,000 | R--D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Brother
[2004/11/20 19:10:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\CyberLink
[2006/12/23 17:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Google
[2007/11/04 14:56:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\GTek
[2004/11/21 14:09:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Help
[2006/12/13 19:27:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\HP
[2009/03/31 16:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\ICAClient
[2004/11/11 03:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Identities
[2008/01/16 00:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Image Zone Express
[2004/11/11 04:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Jasc Software Inc
[2005/03/28 22:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Leadertech
[2006/12/22 14:31:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\LimeWire
[2008/12/05 09:44:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Logitech
[2007/03/20 16:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Macromedia
[2008/11/05 14:29:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Malwarebytes
[2008/08/04 00:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\McAfee
[2004/11/21 21:01:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\McAfee.com
[2008/12/13 21:45:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Microsoft
[2005/10/18 15:05:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\MSNInstaller
[2006/11/18 16:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Musicmatch
[2009/04/29 10:05:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\PC Tools
[2007/01/19 21:32:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\PlayFirst
[2007/12/14 19:33:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Printer Info Cache
[2006/11/18 16:18:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Real
[2009/04/05 15:01:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\ScanSoft
[2009/02/12 01:35:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Simply Super Software
[2006/12/13 20:39:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Snapfish
[2004/11/11 04:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Sonic
[2004/11/11 04:25:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Sun
[2009/02/12 01:43:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\SUPERAntiSpyware.com
[2009/01/23 22:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\U3
[2007/12/13 21:05:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Uniblue
[2007/01/23 15:01:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Viewpoint
[2009/04/25 11:02:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Desktop Search
[2009/04/27 21:16:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Windows Search
[2005/11/13 12:46:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\Yahoo!
[2004/12/22 19:26:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\VanDerMark Family\Application Data\You've Got Pictures Screensaver
[2009/04/27 15:44:45 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/23 19:39:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/04/29 22:29:52 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/04/23 14:04:42 | 00,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >