Edited by ldhacker, 01 February 2010 - 08:51 PM.

Internet Explorer and Safari won't work.
Started by ldhacker, Feb 01 2010 07:10 PM
#1
Posted 01 February 2010 - 07:10 PM

#2
Posted 01 February 2010 - 08:47 PM

OTL logfile created on: 2/1/2010 8:36:46 PM - Run 2
OTL by OldTimer - Version 3.1.27.1 Folder = F:\MFF\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.62 Gb Total Space | 8.81 Gb Free Space | 47.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.83 Gb Total Space | 216.80 Gb Free Space | 93.11% Space Free | Partition Type: FAT32
Drive G: | 6.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1.86 Gb Total Space | 1.86 Gb Free Space | 99.92% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: LDHACKER
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/02/01 20:28:20 | 000,548,864 | ---- | M] (OldTimer Tools) -- F:\MFF\Downloads\OTL.exe
PRC - [2010/01/19 18:10:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- F:\MFF\firefox.exe
PRC - [2009/11/27 17:21:26 | 002,923,192 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/21 14:34:34 | 000,185,089 | ---- | M] (Avira GmbH) -- F:\Avira\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/13 16:48:24 | 000,108,289 | ---- | M] (Avira GmbH) -- F:\Avira\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:48 | 000,209,153 | ---- | M] (Avira GmbH) -- F:\Avira\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/16 00:10:22 | 002,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009/02/16 00:10:22 | 000,981,384 | ---- | M] (Check Point Software Technologies LTD) -- F:\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/02/06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/07/10 18:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- F:\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- F:\Windows Defender\MsMpEng.exe
PRC - [2005/06/21 15:48:18 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
========== Modules (SafeList) ==========
MOD - [2010/02/01 20:28:20 | 000,548,864 | ---- | M] (OldTimer Tools) -- F:\MFF\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/11/11 01:35:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/21 14:34:34 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- F:\Avira\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/23 13:28:29 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9dbdcb2b6b058) Google Update Service (gupdate1c9dbdcb2b6b058)
SRV - [2009/05/23 13:27:24 | 000,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/13 16:48:24 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- F:\Avira\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/06 15:15:00 | 002,785,582 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/02/16 00:10:22 | 002,402,184 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/07/10 18:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008/07/10 18:28:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008/07/10 18:28:04 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows Defender\MsMpEng.exe -- (WinDefend)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AddThis"
FF - prefs.js..browser.search.selectedEngine: "Answers.com"
FF - prefs.js..extensions.enabledItems: [email protected]:0.4.2
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.0.0
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.47
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {8620c15f-30dc-4dba-a131-7c5d20cf4a29}:2.0.3
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.1
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.6
FF - prefs.js..keyword.URL: "http://search.addthi...ocale=en-US&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: E:\MFF\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: E:\MFF\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: F:\MFF\components [2009/09/12 21:51:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: F:\MFF\plugins [2009/09/12 21:51:20 | 000,000,000 | ---D | M]
[2009/05/07 18:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/02/01 15:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions
[2009/12/13 16:12:25 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2009/11/10 17:23:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010/01/31 17:19:12 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/01/27 18:45:05 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2009/12/28 18:40:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/20 15:53:03 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
[2010/01/31 17:19:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/01/22 23:13:01 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/01/29 10:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\[email protected]
[2010/01/20 17:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\[email protected]
[2010/01/26 17:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\[email protected]
O1 HOSTS File: ([2010/02/01 18:34:19 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\k24yw5q9.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\FSAddin-0.80.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Windows Defender] F:\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] F:\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = F:\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Shortcut to avgnt.lnk = F:\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Go PlaySushi! - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1033625273734 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1033625378140 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.68.166 68.87.74.166
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\iEvony\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (F:\Logon screens\Hazrd\logonui.exe) - F:\Logon screens\Hazrd\logonui.exe (Wallpapers & Etc)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - F:\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/15 00:23:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/10/23 01:22:58 | 000,000,283 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{d44865ec-38fa-11de-988e-000874d72dfe}\Shell - "" = AutoRun
O33 - MountPoints2\{d44865ec-38fa-11de-988e-000874d72dfe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d44865ec-38fa-11de-988e-000874d72dfe}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007/10/23 01:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/04/15 00:22:10 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)
========== Files/Folders - Created Within 14 Days ==========
[2010/02/01 18:42:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/01/31 19:00:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/31 11:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\kmcfgn
[2010/01/29 22:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/01/23 12:47:29 | 000,000,000 | ---D | C] -- C:\temp
[2010/01/23 12:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/01/23 12:42:14 | 000,000,000 | ---D | C] -- C:\PS3ThemeCreator
[2010/01/19 20:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Virtual Machines
[2009/12/19 14:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/11/14 16:06:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/07/27 22:03:08 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/06/30 10:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/06/24 14:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/06/24 12:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/06/07 22:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/05/23 13:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
========== Files - Modified Within 14 Days ==========
[2010/02/01 19:46:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/01 19:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/02/01 18:44:13 | 000,002,003 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/02/01 18:42:48 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/02/01 18:39:48 | 000,000,302 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/02/01 18:37:47 | 000,350,192 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/02/01 18:37:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/01 18:36:36 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/02/01 18:36:28 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/01 18:36:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/01 18:36:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/01 18:35:01 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/02/01 18:23:49 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/02/01 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/02/01 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/02/01 07:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/02/01 01:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/01/31 18:00:45 | 000,000,479 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/30 20:03:43 | 000,000,398 | ---- | M] () -- C:\WINDOWS\KDiamond.INI
[2010/01/30 20:01:27 | 000,000,387 | ---- | M] () -- C:\WINDOWS\ccombat.ini
[2010/01/30 19:57:26 | 000,000,735 | ---- | M] () -- C:\WINDOWS\EntPack.ini
[2010/01/30 19:57:21 | 000,000,886 | ---- | M] () -- C:\WINDOWS\EntPack.dat
[2010/01/30 19:11:30 | 006,450,330 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ubuntu-9.10-desktop-i386.iso.download
[2010/01/30 14:25:28 | 000,000,039 | ---- | M] () -- C:\Documents and Settings\Administrator\jagex_runescape_preferences.dat
[2010/01/30 14:25:19 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\Administrator\jagex_runescape_preferences2.dat
[2010/01/29 22:32:42 | 000,045,332 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/29 21:27:24 | 000,000,422 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CCleaner.lnk
[2010/01/26 09:31:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/25 17:36:08 | 004,124,332 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\FileZilla_3.3.1_win32-setup.exe
[2010/01/24 00:13:32 | 000,159,243 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\vlc-record-2010-01-24-00h13m21s-Lil Wayne - A Millie .mp3-.mp3
[2010/01/24 00:13:15 | 000,176,797 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\vlc-record-2010-01-24-00h13m07s-Lil Wayne - A Millie .mp3-.mp3
[2010/01/23 19:14:10 | 000,000,072 | ---- | M] () -- C:\WINDOWS\MediaManager.INI
[2010/01/23 14:19:30 | 000,012,380 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/01/23 12:42:38 | 000,002,044 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PS3ThemeCreator.exe.lnk
[2010/01/19 20:23:29 | 000,613,280 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/19 20:23:29 | 000,507,672 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/19 20:23:29 | 000,096,120 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2010/02/01 18:23:49 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/31 18:00:45 | 000,000,479 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/30 20:03:43 | 000,000,398 | ---- | C] () -- C:\WINDOWS\KDiamond.INI
[2010/01/30 20:01:27 | 000,000,387 | ---- | C] () -- C:\WINDOWS\ccombat.ini
[2010/01/30 19:47:24 | 000,000,886 | ---- | C] () -- C:\WINDOWS\EntPack.dat
[2010/01/30 19:47:24 | 000,000,735 | ---- | C] () -- C:\WINDOWS\EntPack.ini
[2010/01/30 19:11:19 | 006,450,330 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ubuntu-9.10-desktop-i386.iso.download
[2010/01/29 22:32:42 | 000,045,332 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/29 22:31:34 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/01/25 17:36:04 | 004,124,332 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\FileZilla_3.3.1_win32-setup.exe
[2010/01/24 00:13:32 | 000,159,243 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\vlc-record-2010-01-24-00h13m21s-Lil Wayne - A Millie .mp3-.mp3
[2010/01/24 00:13:14 | 000,176,797 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\vlc-record-2010-01-24-00h13m07s-Lil Wayne - A Millie .mp3-.mp3
[2010/01/23 19:14:10 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2010/01/23 14:19:30 | 000,012,380 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/01/23 12:42:38 | 000,002,044 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PS3ThemeCreator.exe.lnk
[2009/11/14 16:38:32 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2009/11/05 20:14:42 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/10/10 23:19:41 | 000,000,752 | ---- | C] () -- C:\WINDOWS\AnimatorDV.INI
[2009/10/01 17:42:36 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\winscp.rnd
[2009/09/12 20:19:57 | 000,215,816 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/09/09 20:43:32 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009/09/09 20:02:58 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009/06/25 22:13:57 | 000,163,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009/06/07 00:08:43 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/03 00:10:51 | 000,000,310 | ---- | C] () -- C:\WINDOWS\FPStudio.INI
[2009/05/28 13:21:44 | 000,427,776 | ---- | C] () -- C:\WINDOWS\System32\iegd3dg3.dll
[2009/05/28 13:21:44 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\ch7017.sys
[2009/05/28 13:21:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\ch7009.sys
[2009/05/28 13:21:44 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\fs454.sys
[2009/05/28 13:21:44 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\ns2501.sys
[2009/05/28 13:21:44 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvds.sys
[2009/05/28 13:21:44 | 000,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\ns387.sys
[2009/05/28 13:21:44 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\ti410.sys
[2009/05/28 13:21:44 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\sii164.sys
[2009/05/28 13:21:44 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\th164.sys
[2009/05/14 21:37:07 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTSHDW3.dll
[2009/05/03 20:54:15 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2009/05/03 20:54:14 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2008/06/28 01:43:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
========== LOP Check ==========
[2009/10/09 22:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Audacity
[2009/05/25 16:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/06/06 19:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Dev-Cpp
[2009/07/10 11:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DriverCure
[2010/01/29 18:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileZilla
[2009/11/10 22:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FireShot
[2009/12/28 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\[email protected]
[2010/01/30 19:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FrostWire
[2009/05/28 15:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GarageGames
[2010/01/23 14:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2009/08/01 21:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\HighAndes
[2009/06/03 00:08:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Application Data\IFBuilder
[2009/11/27 20:55:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Application Data\ijjigame
[2009/06/24 12:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Notepad++
[2009/11/03 21:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2009/12/23 19:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ParaChat
[2009/10/19 20:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
[2009/10/23 16:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thinking Minds Budiling Bytes
[2009/11/08 20:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/09/19 22:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Wal-Mart Digital Photo Viewer
[2009/07/10 11:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/08/01 21:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HighAndes
[2009/10/04 20:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2009/05/29 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2009/07/10 11:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/12/23 19:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Parker Software
[2009/11/28 22:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/12/13 13:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/12/13 13:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/06/02 23:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/01 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/02/01 19:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/02/01 01:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/02/01 07:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/02/01 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/02/01 18:39:48 | 000,000,302 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: IASTOR.SYS >
[2005/04/25 09:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys
< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: NVATABUS.SYS >
[2005/05/17 16:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys
[2005/05/17 16:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\system32\drivers\NvAtaBus.sys
< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009/04/14 17:09:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/04/14 17:09:23 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/04/14 17:09:23 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A8E2C33
< End of report >
[2009/06/06 19:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Dev-Cpp
[2009/07/10 11:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DriverCure
[2010/01/29 18:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileZilla
[2009/11/10 22:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FireShot
[2009/12/28 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\[email protected]
[2010/01/30 19:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FrostWire
[2009/05/28 15:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GarageGames
[2010/01/23 14:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2009/08/01 21:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\HighAndes
[2009/06/03 00:08:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Application Data\IFBuilder
[2009/11/27 20:55:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Application Data\ijjigame
[2009/06/24 12:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Notepad++
[2009/11/03 21:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2009/12/23 19:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ParaChat
[2009/10/19 20:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
[2009/10/23 16:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thinking Minds Budiling Bytes
[2009/11/08 20:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/09/19 22:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Wal-Mart Digital Photo Viewer
[2009/07/10 11:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/08/01 21:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HighAndes
[2009/10/04 20:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2009/05/29 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2009/07/10 11:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/12/23 19:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Parker Software
[2009/11/28 22:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/12/13 13:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/12/13 13:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/06/02 23:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/01 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/02/01 19:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/02/01 01:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/02/01 07:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/02/01 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/02/01 18:39:48 | 000,000,302 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: IASTOR.SYS >
[2005/04/25 09:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys
< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: NVATABUS.SYS >
[2005/05/17 16:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys
[2005/05/17 16:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\system32\drivers\NvAtaBus.sys
< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009/04/14 17:09:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/04/14 17:09:23 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/04/14 17:09:23 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A8E2C33
< End of report >
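Added example, not part of the OTL report above and not OldTimer's code: the "MD5 for:" custom scan lists every copy of a driver that OTL could find, so the service-pack copies sit beside the copy that actually loads from system32\drivers. The script below parses that section, treats the ServicePackFiles, $NtServicePackUninstall$ and Driver Cache copies as reference hashes, and reports for each driver whether the live copy matches one of them. The AGP440, ATAPI and IASTOR lines are copied from the report; the EXAMPLE.SYS block is constructed so the mismatch path is exercised. A mismatch means only that the live file differs from the cached copies and needs its hash checked against a trusted source (a later hotfix produces the same result); it is not on its own evidence of infection.

```python
import re
from collections import defaultdict
from typing import Dict, List, NamedTuple


class FileEntry(NamedTuple):
    company: str
    md5: str   # empty for ".cab file" container entries, which OTL lists without a hash
    path: str


# Block header, e.g. "< MD5 for: ATAPI.SYS >"
_BLOCK_RE = re.compile(r"^<\s*MD5 for:\s*(?P<name>\S+)\s*>$")
# One file line: "[stamp | size | attrs | M] (Company) MD5=... -- path",
# or for a cabinet container "[...] () .cab file -- path".
_FILE_RE = re.compile(
    r"^\[(?P<stamp>[^\]]*)\]\s*\((?P<company>[^)]*)\)\s*"
    r"(?:MD5=(?P<md5>[0-9A-Fa-f]{32})|\.cab file)?\s*--\s*(?P<path>.+?)\s*$"
)

# Known-good copies kept by XP service pack setup, and the location that loads at boot.
REFERENCE_MARKERS = ("\\servicepackfiles\\", "\\$ntservicepackuninstall$\\", "\\driver cache\\")
LIVE_MARKERS = ("\\system32\\drivers\\", "\\system32\\")

# AGP440, ATAPI and IASTOR blocks copied from the OTL report above (cab lines trimmed).
# The EXAMPLE.SYS block is constructed, not from the report, to show a mismatch.
OTL_MD5_SECTION = r"""
< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/04/30 22:35:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: IASTOR.SYS >
[2005/04/25 09:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys
< MD5 for: EXAMPLE.SYS >
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\example.sys
[2010/01/30 19:47:24 | 000,096,512 | ---- | M] () MD5=00000000000000000000000000000000 -- C:\WINDOWS\system32\drivers\example.sys
"""


def parse_otl_md5_section(text: str) -> Dict[str, List[FileEntry]]:
    """Group the file lines of each "< MD5 for: NAME >" block under NAME (upper-cased)."""
    blocks: Dict[str, List[FileEntry]] = defaultdict(list)
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = _BLOCK_RE.match(line)
        if header:
            current = header.group("name").upper()
            blocks[current]
            continue
        if line.startswith("<"):
            current = None          # some other custom-scan header: stop attributing lines
            continue
        m = _FILE_RE.match(line)
        if m and current is not None:
            blocks[current].append(
                FileEntry(m.group("company"), (m.group("md5") or "").upper(), m.group("path"))
            )
    return dict(blocks)


def classify(path: str) -> str:
    """'reference' for service-pack caches, 'live' for the loaded copy, 'other' otherwise."""
    p = path.lower()
    if any(marker in p for marker in REFERENCE_MARKERS):
        return "reference"
    if any(marker in p for marker in LIVE_MARKERS):
        return "live"
    return "other"


def check_live_copies(blocks: Dict[str, List[FileEntry]]) -> Dict[str, str]:
    """Per driver: match / mismatch / no_reference / no_live_copy."""
    verdicts = {}
    for name, entries in blocks.items():
        hashed = [e for e in entries if e.md5]        # .cab containers carry no hash
        live = [e for e in hashed if classify(e.path) == "live"]
        reference = {e.md5 for e in hashed if classify(e.path) == "reference"}
        if not live:
            verdicts[name] = "no_live_copy"
        elif not reference:
            verdicts[name] = "no_reference"
        elif all(e.md5 in reference for e in live):
            verdicts[name] = "match"
        else:
            verdicts[name] = "mismatch"     # live copy differs from every cached copy: look it up
    return verdicts


if __name__ == "__main__":
    for name, verdict in sorted(check_live_copies(parse_otl_md5_section(OTL_MD5_SECTION)).items()):
        print(f"{name:12} {verdict}")
```

IASTOR.SYS comes out as no_live_copy because the only copy OTL hashed is under C:\WINDOWS\dell\, so there is nothing in system32\drivers to compare; that is worth noticing rather than silently passing.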
#3
Posted 01 February 2010 - 09:52 PM

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-01 21:52:16
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pfldapow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwConnectPort [0xB103EFC0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateFile [0xB103BC80]
SSDT BAF82606 ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreatePort [0xB103F580]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xB1053900]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0xB1053B10]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateSection [0xB1057B10]
SSDT BAF825FC ZwCreateThread
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xB103F670]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xB103C210]
SSDT BAF8260B ZwDeleteKey
SSDT BAF82615 ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0xB1053280]
SSDT BAF8261A ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0xB1056F90]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenFile [0xB103C070]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xB1055180]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenThread [0xB1054F40]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRenameKey [0xB10576F0]
SSDT BAF82624 ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xB103EBE0]
SSDT BAF8261F ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xB103F190]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0xB103C440]
SSDT BAF82610 ZwSetValueKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0xB1054200]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0xB1054080]
---- Devices - GMER 1.0.15 ----
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4592EE35-D3D5-8AF0-F4BE-4826F8309E36}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4592EE35-D3D5-8AF0-F4BE-4826F8309E36}@jahoagalbpgfdedcipke 0x66 0x61 0x6D 0x6A ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4592EE35-D3D5-8AF0-F4BE-4826F8309E36}@paphpemaefhniinaocgodpmmfmpdlmmh 0x62 0x61 0x6C 0x6A ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4592EE35-D3D5-8AF0-F4BE-4826F8309E36}@hahoagalbpgfdedc 0x6E 0x62 0x6D 0x6A ...
---- EOF - GMER 1.0.15 ----
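Added example, not part of the GMER log above and not GMER's own code: GMER prints each SSDT hook either with the driver it resolved the handler to (here vsdatant.sys, the Check Point TrueVector driver) or, when it cannot map the handler address to any loaded module, as a bare address. Separating those two groups is the first step in reading the log. The script below parses a subset of the SSDT lines copied from the log, groups attributed hooks by module, and lists the unattributed ones with the range of addresses they occupy and which class of native service they intercept. It does not decide whether the bare-address hooks are legitimate; that still requires matching the address range to a driver on the machine.

```python
import re
from collections import Counter, defaultdict
from typing import Dict, List, NamedTuple, Optional


class SsdtHook(NamedTuple):
    service: str            # hooked native service, e.g. ZwCreateKey
    address: int            # address of the hook handler
    module: Optional[str]   # owning driver path, or None when GMER printed a bare address


# Hook whose handler GMER resolved to a loaded driver.
_ATTRIBUTED_RE = re.compile(
    r"^SSDT\s+(?P<module>\\\S+)\s+\((?P<desc>[^)]*)\)\s+(?P<svc>Zw\w+)\s+\[0x(?P<addr>[0-9A-Fa-f]+)\]$"
)
# Hook printed as a bare address: GMER could not map the handler to any module.
_BARE_RE = re.compile(r"^SSDT\s+(?P<addr>[0-9A-Fa-f]{8})\s+(?P<svc>Zw\w+)$")

# Subset of SSDT lines copied from the GMER log above (the header line is kept to show it is ignored).
GMER_SSDT_SECTION = r"""
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwConnectPort [0xB103EFC0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateFile [0xB103BC80]
SSDT BAF82606 ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreatePort [0xB103F580]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xB1053900]
SSDT BAF825FC ZwCreateThread
SSDT BAF8260B ZwDeleteKey
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xB1055180]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0xB1054080]
"""


def parse_gmer_ssdt(text: str) -> List[SsdtHook]:
    """Return every SSDT line as a hook; non-SSDT lines (headers, devices, registry) are skipped."""
    hooks = []
    for raw in text.splitlines():
        line = raw.strip()
        m = _ATTRIBUTED_RE.match(line)
        if m:
            hooks.append(SsdtHook(m.group("svc"), int(m.group("addr"), 16), m.group("module")))
            continue
        m = _BARE_RE.match(line)
        if m:
            hooks.append(SsdtHook(m.group("svc"), int(m.group("addr"), 16), None))
    return hooks


def service_category(service: str) -> str:
    """Coarse class of what a native service touches, from its name."""
    for needle, category in (("Key", "registry"), ("File", "file"), ("Process", "process"),
                             ("Thread", "process"), ("Port", "lpc")):
        if needle in service:
            return category
    return "other"


def summarize_hooks(hooks: List[SsdtHook]) -> Dict[str, object]:
    """Attributed hooks grouped by module; unattributed ones listed with address span and categories."""
    by_module: Dict[str, List[str]] = defaultdict(list)
    unattributed = []
    for h in hooks:
        if h.module is None:
            unattributed.append(h)
        else:
            by_module[h.module].append(h.service)
    unattributed.sort(key=lambda h: h.address)
    span = (unattributed[-1].address - unattributed[0].address) if unattributed else 0
    return {
        "by_module": {mod: sorted(svcs) for mod, svcs in by_module.items()},
        "unattributed": [(f"{h.address:08X}", h.service) for h in unattributed],
        "unattributed_span": span,   # bytes between lowest and highest bare handler address
        "unattributed_categories": dict(Counter(service_category(h.service) for h in unattributed)),
    }


if __name__ == "__main__":
    summary = summarize_hooks(parse_gmer_ssdt(GMER_SSDT_SECTION))
    for module, services in summary["by_module"].items():
        print(f"{module}: {', '.join(services)}")
    print("unattributed:", summary["unattributed"])
    print("span (bytes):", summary["unattributed_span"], "categories:", summary["unattributed_categories"])
```

Run against the full log rather than this subset, the same code shows all eight bare-address hooks falling within a few dozen bytes of each other and, apart from ZwCreateThread, all on registry services; that is the kind of grouping to take to the next step of identifying the owning driver.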