and here is the other OTL log
OTL logfile created on: 3/08/2010 5:05:38 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 389.64 Gb Free Space | 83.66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: XP-74E6D1607983
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/08/03 17:04:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/03/25 21:40:42 | 000,203,312 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2010/01/15 22:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/07/07 02:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/13 09:22:18 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009/05/11 09:04:34 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/11/10 06:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2008/10/09 15:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/18 07:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/04/11 07:46:52 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2006/01/18 13:13:58 | 005,210,624 | ---- | M] (Linksys) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
PRC - [2005/07/04 16:46:04 | 000,053,307 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
PRC - [2004/10/14 13:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
========== Modules (SafeList) ========== MOD - [2010/08/03 17:04:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2008/04/14 10:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe WMP54Gv4.exe -- (WMP54Gv4SVC)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/06/28 13:10:09 | 002,561,624 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/rswin_3725.dll -- (Akamai)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/15 22:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/14 06:13:04 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/11 09:04:34 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/11/10 06:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008/10/09 15:07:56 | 000,107,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/05/18 07:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
========== Driver Services (SafeList) ========== DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/09/10 14:55:52 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/22 20:00:48 | 000,112,640 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/05/11 09:04:34 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/04/14 03:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/04/11 07:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2006/05/10 14:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/10/27 15:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) Linksys Wireless-G PCI Adapter Driver(RT61)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.c...rch/search.htmlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...ie=utf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com.au/IE - HKCU\..\URLSearchHook: {69a8692d-db5d-4d46-a812-c9f09f324dcf} - C:\Program Files\IMVUspace\tbIMVU.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMV0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Fast Browser Search\IE\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Max EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "
http://search.condui...={searchTerms}"FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://search.condui...earchSource=13"FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {867dd841-5bf7-44ca-8426-c5a6eda00735}:2.5.8.6
FF - prefs.js..extensions.enabledItems:
[email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "
http://www.mywebsear...799&searchfor=" FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\MyWebSearch\bar\2.bin File not found
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/04/23 20:09:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/25 08:28:32 | 000,000,000 | ---D | M]
[2009/12/09 12:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/12/09 12:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\
[email protected][2010/05/24 20:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\
[email protected][2010/08/02 19:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\extensions
[2009/08/25 10:32:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/06 13:19:29 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/24 20:46:35 | 000,000,000 | ---D | M] (Max EN Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\extensions\{867dd841-5bf7-44ca-8426-c5a6eda00735}
[2010/06/25 16:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\extensions\
[email protected][2010/03/24 16:13:24 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\searchplugins\conduit.xml
[2009/06/25 18:56:08 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\searchplugins\live-search.xml
[2010/07/09 00:42:08 | 000,010,059 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9pn4j2w0.default\searchplugins\mywebsearch.xml
[2010/01/21 07:44:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/08/12 23:16:36 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
O1 HOSTS File: ([2004/08/04 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (IMVUspace Toolbar) - {69a8692d-db5d-4d46-a812-c9f09f324dcf} - C:\Program Files\IMVUspace\tbIMVU.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Max EN Toolbar) - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMV0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (IMVUspace Toolbar) - {69a8692d-db5d-4d46-a812-c9f09f324dcf} - C:\Program Files\IMVUspace\tbIMVU.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Max EN Toolbar) - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMV0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (IMVUspace Toolbar) - {69A8692D-DB5D-4D46-A812-C9F09F324DCF} - C:\Program Files\IMVUspace\tbIMVU.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\tbIMV0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [GoogleDesktop] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GoogleDesktop.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [BigPond Connection Client] C:\Program Files\Telstra\BigPond Connection Client\BigPondCC.exe (Telstra Corporation)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll ()
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Build%20in%20Time/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501}
http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4}
https://mpsnare.iesnare.com/StmOCX.cab (Stm Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB}
http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A}
http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47}
http://www.worldwinn...h/dinerdash.cab (DinerDash Control)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Turbo Pizza\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Administrator\Application Data\ooyi.exe) - C:\Documents and Settings\Administrator\Application Data\ooyi.exe (Don HO
[email protected])
O20 - HKLM Winlogon: UIHost - (logonui.exe) - logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - wlnotify.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - msnsspc.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/02/08 23:48:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2905cdd8-da0f-11dd-b8c0-00123f2eee3f}\Shell\AutoRun\command - "" = winlog.exe
O33 - MountPoints2\{2905cdd8-da0f-11dd-b8c0-00123f2eee3f}\Shell\open\command - "" = winlog.exe
O33 - MountPoints2\{3839aca2-4501-11de-9d97-00123f2eee3f}\Shell\AutoRun\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\{3839aca2-4501-11de-9d97-00123f2eee3f}\Shell\open\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\{56b1be22-65fe-11de-9de3-00123f2eee3f}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{56b1be22-65fe-11de-9de3-00123f2eee3f}\Shell\open\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{5c89d34b-3872-11de-b955-00123f2eee3f}\Shell\AutoRun\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\{5c89d34b-3872-11de-b955-00123f2eee3f}\Shell\open\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\{6edecb90-796b-11de-9e1d-00123f2eee3f}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{6edecb90-796b-11de-9e1d-00123f2eee3f}\Shell\open\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{7d15fc18-c8b0-11dd-b892-001ee5a8142c}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{7d15fc18-c8b0-11dd-b892-001ee5a8142c}\Shell\open\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{9d999fde-e3b8-11d9-b755-001ee5a8142c}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{9d999fde-e3b8-11d9-b755-001ee5a8142c}\Shell\open\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
O33 - MountPoints2\{9f7fe614-7689-11de-9e10-00123f2eee3f}\Shell\AutoRun\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\{9f7fe614-7689-11de-9e10-00123f2eee3f}\Shell\open\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\{a780e60e-5a45-11dd-b79c-001ee5a8142c}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O33 - MountPoints2\{a780e60e-5a45-11dd-b79c-001ee5a8142c}\Shell\open\command - "" = E:\winlog.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux5 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux6 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux7 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux8 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux9 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi6 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi7 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi8 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi9 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer7 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer8 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer9 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - ir32_32.dll ()
Drivers32: vidc.iv32 - ir32_32.dll ()
Drivers32: vidc.iv41 - ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave7 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave8 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave9 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ========== [2010/08/03 17:03:53 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/08/02 21:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/08/02 21:36:53 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/08/02 21:26:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/08/02 21:26:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/02 21:26:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/02 21:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/02 21:26:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/02 21:25:44 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/08/02 21:23:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/02 21:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/02 21:23:07 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2010/08/02 21:10:40 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/08/02 21:05:34 | 001,025,992 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Administrator\Desktop\SecurityScan_Release_small.exe
[2010/08/02 20:20:50 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2010/08/02 20:20:50 | 000,102,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010/08/02 20:20:50 | 000,100,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys
[2010/08/02 20:20:50 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2010/08/02 20:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\Optus Wireless Broadband
[2010/08/02 20:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\1
[2010/08/02 19:35:39 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/08/02 14:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\mcxnolsnb
[2010/07/26 16:22:52 | 000,148,992 | RHS- | C] (Don HO
[email protected]) -- C:\Documents and Settings\Administrator\Application Data\ooyi.exe
[2010/07/22 13:04:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\New Folder (3)
[2010/07/22 13:04:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\New Folder (2)
[2010/07/22 13:04:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\New Folder
[2010/07/18 21:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\The Body Shop
[2010/07/08 17:02:54 | 000,000,000 | ---D | C] -- C:\Program Files\IMVU_Inc
[2010/07/08 17:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IMVU_Inc
[2010/07/07 12:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\HospitalTycoon
[2010/07/07 12:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2010/07/07 12:32:41 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010/06/30 17:19:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/06/30 15:42:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/06/30 15:42:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010/06/30 15:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2010/06/30 15:37:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2010/06/30 15:37:01 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010/06/30 15:17:51 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010/06/28 14:55:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\IMVU
[2010/06/28 14:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\IMVUClient
[2010/06/28 13:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010/06/25 16:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\PlaySushi
[2010/06/24 18:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IMVUspace
[2010/06/24 18:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\IMVUspace
[2010/06/24 17:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\My Gimp Brushes
[2010/06/17 21:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Casey Chambers
[2010/06/17 21:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Bros
[2010/06/17 21:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Britney Spears ft. Ying Yang Twins
[2010/06/17 21:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Britney Spears
[2010/06/17 21:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Britney Spears & Madonna ft. Sprice girls
[2010/06/17 21:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\1927
[2010/06/17 21:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\101 Strings Orchestra Rrso Symphony Orchestra
[2010/06/17 21:07:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Various Artists
[2010/06/17 21:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Unknown Artist
[2010/06/17 21:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Umbrella
[2010/06/17 21:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Thom Sandi
[2010/06/17 21:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\The Last Goodbye
[2010/06/17 21:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\The Best of Megahits 2002 Vol.3 CD.1
[2010/06/17 21:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Southern Sons
[2010/06/17 21:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Soundtrack
[2010/06/17 21:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\SINITTA
[2010/06/17 21:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\S-Express
[2010/06/17 21:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Roxette (Per Gessle
[2010/06/17 21:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Rihanna
[2010/06/17 21:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Rihanna & Jay-z
[2010/06/17 21:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Riahnna
[2010/06/17 21:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Pussycat Dolls feat Ciara
[2010/06/17 21:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Pink
[2010/06/17 21:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\New Stories
[2010/06/17 21:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\New Artist (70)
[2010/06/17 21:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Mika
[2010/06/17 21:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Mika - Relax (Take It Easy)
[2010/06/17 21:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Madonna & Kylie Minogue
[2010/06/17 21:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Madonna
[2010/06/17 21:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Low & T-Pain
[2010/06/17 21:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Lionel Ritchie, Dancing on the Ceiling
[2010/06/17 21:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Leona Lewis ft Wretch 32
[2010/06/17 21:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Leona Lewis - Spirit
[2010/06/17 21:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Kylie Minogue - Can't Get You Out Of My Head (Supe
[2010/06/17 21:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Kylie Minogue
[2010/06/17 21:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Kylie
[2010/06/17 21:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Kenny G
[2010/06/17 21:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\John Farnham
[2010/06/17 21:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Hannah Montana
[2010/06/17 21:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Gloria Estafan
[2010/06/17 21:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Gimme More
[2010/06/17 21:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Elton Jhon
[2010/06/17 21:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Disney's Cars
[2010/06/17 21:06:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Dance
[2010/06/17 21:06:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Celine Dion - Titanic
[2010/06/17 21:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Celine Dion
[2010/05/29 03:10:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2010/05/29 03:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010/05/29 03:06:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6
[2010/05/29 03:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\gegl-0.0
[2010/05/29 03:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010/05/29 03:04:18 | 018,234,256 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\gimp-2.6.8-i686-setup.exe
[2010/05/25 16:27:27 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010/05/25 16:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010/05/25 16:27:04 | 003,708,905 | ---- | C] (Dark Byte ) -- C:\Documents and Settings\Administrator\Desktop\CheatEngine54.exe
[2010/05/24 20:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\LimeWire
[2010/05/24 20:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
[2010/05/24 20:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/05/24 20:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Max_EN
[2010/05/24 20:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Max_EN
[2010/05/24 20:46:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\LimeWire
[2010/05/24 20:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
========== Files - Modified Within 90 Days ========== [2010/08/03 17:04:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/08/03 15:06:16 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/08/03 15:01:10 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/03 14:55:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/03 14:55:39 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/03 14:55:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/03 14:55:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/03 01:46:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/08/03 01:41:12 | 001,385,410 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/08/02 21:46:19 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/08/02 21:41:21 | 000,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/02 21:41:21 | 000,432,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/02 21:41:21 | 000,067,660 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/02 21:26:20 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/02 21:26:03 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/08/02 21:23:29 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/08/02 21:23:29 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/08/02 21:23:09 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2010/08/02 21:10:39 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/08/02 21:05:44 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/08/02 21:05:44 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/08/02 21:05:37 | 001,025,992 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Administrator\Desktop\SecurityScan_Release_small.exe
[2010/08/02 20:20:56 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Optus Wireless Broadband.lnk
[2010/08/02 17:05:18 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/08/02 15:58:12 | 000,036,668 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/07/29 17:07:52 | 000,071,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/29 17:07:33 | 000,274,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/28 19:42:33 | 000,059,024 | ---- | M] () -- C:\Documents and Settings\Administrator\Untitled.gif
[2010/07/28 19:39:17 | 000,056,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Animationn.gif
[2010/07/26 16:22:51 | 000,148,992 | RHS- | M] (Don HO
[email protected]) -- C:\Documents and Settings\Administrator\Application Data\ooyi.exe
[2010/07/24 11:45:34 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/07/22 13:04:39 | 000,013,937 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\New consultant details. when sign.pdf
[2010/07/13 22:09:21 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\IMVU.lnk
[2010/07/07 12:33:59 | 000,001,017 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Hospital Tycoon.lnk
[2010/06/30 18:06:48 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/06/30 18:06:48 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/06/30 15:40:29 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon Solution Menu.lnk
[2010/06/30 15:39:16 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MP Navigator EX 2.1.lnk
[2010/06/30 15:38:51 | 000,001,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\My Printer.lnk
[2010/06/30 15:38:36 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon MX320 series On-screen Manual.lnk
[2010/06/24 18:00:37 | 000,011,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\My Gimp Brushes.zip
[2010/06/21 17:22:30 | 000,011,186 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\A Soul With A Dark Heart.docx
[2010/06/14 15:26:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/13 22:57:36 | 000,013,916 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\codes for homepage.docx
[2010/05/29 03:05:41 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/29 03:04:29 | 018,234,256 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\gimp-2.6.8-i686-setup.exe
[2010/05/25 16:27:12 | 003,708,905 | ---- | M] (Dark Byte ) -- C:\Documents and Settings\Administrator\Desktop\CheatEngine54.exe
[2010/05/24 20:46:59 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/05/24 20:45:34 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\LimeWire 5.5.8.lnk
[2010/05/24 20:44:24 | 026,640,896 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MaxEN_LimeWireWin_5.5.8.exe
[2010/05/14 17:05:24 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ========== [2010/08/02 21:51:30 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/02 21:46:19 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/08/02 21:26:20 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/02 21:23:29 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/08/02 21:23:29 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/08/02 21:05:44 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/08/02 21:05:44 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/08/02 20:20:56 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Optus Wireless Broadband.lnk
[2010/08/02 17:05:18 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/08/02 15:58:12 | 000,036,668 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/07/28 19:42:32 | 000,059,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Untitled.gif
[2010/07/28 19:37:25 | 000,056,264 | ---- | C] () -- C:\Documents and Settings\Administrator\Animationn.gif
[2010/07/07 12:33:59 | 000,001,017 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Hospital Tycoon.lnk
[2010/06/30 18:06:48 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/06/30 18:06:48 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/06/30 15:41:12 | 000,013,568 | ---- | C] () -- C:\WINDOWS\System32\CNC1736D.TBL
[2010/06/30 15:40:29 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon Solution Menu.lnk
[2010/06/30 15:39:16 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MP Navigator EX 2.1.lnk
[2010/06/30 15:38:51 | 000,001,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My Printer.lnk
[2010/06/30 15:38:36 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon MX320 series On-screen Manual.lnk
[2010/06/28 14:55:16 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\IMVU.lnk
[2010/06/24 18:00:37 | 000,011,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\My Gimp Brushes.zip
[2010/06/21 17:22:29 | 000,011,186 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\A Soul With A Dark Heart.docx
[2010/06/13 22:57:35 | 000,013,916 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\codes for homepage.docx
[2010/05/29 03:05:41 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2010/05/25 16:27:28 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/05/24 20:46:59 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk
[2010/05/24 20:45:34 | 000,001,578 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\LimeWire 5.5.8.lnk
[2010/05/24 20:44:03 | 026,640,896 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MaxEN_LimeWireWin_5.5.8.exe
[2009/12/19 09:41:27 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/12/19 09:41:27 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/10/05 18:24:59 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/08 17:27:46 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2008/12/20 21:37:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zwpshex.dll
[2008/11/17 18:33:42 | 000,000,182 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2005/06/28 15:39:26 | 000,000,155 | ---- | C] () -- C:\WINDOWS\disney.ini
[2005/06/28 12:25:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/06/22 12:50:34 | 000,000,920 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2005/02/21 08:08:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
========== LOP Check ========== [2009/04/23 15:47:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrator\Application Data\.#
[2008/12/18 08:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Atari
[2008/08/27 21:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BFG_JanesRealty
[2008/12/07 17:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\blg
[2009/04/23 11:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Boolat Games
[2008/08/11 12:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Gaijin Ent
[2009/01/30 19:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GameInvest
[2008/08/16 15:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Go-Go Gourmet Chef of the Year
[2010/08/02 15:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
[2008/10/06 16:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Home Sweet Home 2
[2010/08/03 14:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IMVU
[2010/02/25 18:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IMVU Previewer
[2010/07/13 22:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IMVUClient
[2009/02/25 20:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\iWin
[2008/07/16 11:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2010/08/03 14:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LimeWire
[2008/10/17 15:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Oberon Games
[2009/12/19 09:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2009/01/30 11:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PlayFirst
[2008/12/07 16:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Pogo Games
[2009/12/19 09:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Samsung
[2008/08/10 21:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SpinTop
[2008/11/07 21:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Telstra
[2009/10/06 22:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/02/05 15:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ViquaSoft
[2009/12/23 09:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Vivox
[2005/07/07 23:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WildTangent
[2010/02/23 20:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Live Writer
[2008/12/07 17:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2009/04/23 15:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Burger Island 2
[2008/07/28 23:02:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/06/30 15:42:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/07/18 21:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010/06/30 17:19:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/01/27 07:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/03/28 12:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2009/05/07 11:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2008/12/07 22:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/02/25 20:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2008/10/17 15:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games
[2009/12/19 09:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/01/30 11:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/02/07 15:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2010/07/10 02:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/25 20:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/08/03 15:01:10 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/08/03 14:55:39 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2005/02/08 23:48:03 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005/02/15 03:41:29 | 000,000,320 | -HS- | M] () -- C:\boot.ini
[2005/02/08 23:48:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/01/29 11:58:28 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2005/02/08 23:48:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/02/08 23:48:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 20:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/14 00:56:42 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/03 14:55:21 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2009/03/15 14:12:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/03/16 11:54:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/03/31 13:52:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/04/01 19:17:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/04/02 14:00:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/04/03 21:33:23 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/05/15 07:41:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/05/15 13:00:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/05/16 13:24:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/06/14 15:09:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/03/05 17:07:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/03/05 23:13:18 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/03/06 12:38:03 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/03/09 17:04:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/03/10 13:52:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/03/11 20:21:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/03/12 09:41:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/03/12 20:56:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/03/13 12:41:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/03/13 22:46:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/03/15 14:12:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/03/16 11:54:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/03/31 13:52:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/04/01 19:17:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/04/02 14:00:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/04/03 21:33:23 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/05/15 07:41:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/05/15 13:00:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/05/16 13:24:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/06/14 15:09:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/03/05 17:07:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/03/05 23:13:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/03/06 12:38:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/03/09 17:04:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/03/10 13:52:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/03/11 20:21:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/03/12 09:41:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/03/12 20:56:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/03/13 12:41:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/03/13 22:46:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
< %systemroot%\system32\*.wt > < %systemroot%\system32\*.ruy > < %systemroot%\Fonts\*.com >[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2005/02/08 23:47:37 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2009/04/25 05:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD9O.DLL
[2009/04/25 05:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP9O.DLL
[2008/07/06 22:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 20:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr >[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
< %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* >[2008/08/03 10:50:50 | 000,000,000 | ---- | M] () -- C:\Program Files\temp01
< %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2005/02/09 10:30:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/02/09 10:30:12 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/02/09 10:30:12 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-15 06:38:59
========== Alternate Data Streams ========== @Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22741C1F
@Alternate Data Stream - 225 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BAD65EA
@Alternate Data Stream - 223 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A97FF73C
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9857FAE3
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:969C0C96
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F67AAFC5
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF0BC727
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:883EDFB5
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:708BB0FA
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA7CDE12
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10D98D98
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03777453
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:19C3BC3A
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A41FEAA2
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13DF9DD1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0A3DB99
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F9E46E4C
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CEE4A457
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52E1DB1D
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF59D1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E4FCDFD9
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:957E9765
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C12C74F6
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D5D9217
< End of report >