Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

PC slow, missing text on desktop found MBR.exe in C:Windows with SAS

Started by tpknet , Nov 16 2010 06:22 PM

Please log in to reply

#1
tpknet

Posted 16 November 2010 - 06:22 PM

Member

Member
10 posts

My PC was acting wierd with text missing on the desktop icons and also when I opened programs they either wouldn't work or I would get a mostly blank window that would open. I scanned it in safe mode with super antispyware and found a trojan with the name MBR.exe in the C:\Windows directory and got rid of it. Now the PC has all the text there but it is super slow. I booted it normally and scanned it with Malwarebytes and Avira and found nothing. I did look at the event viewer and there were lots of errors that I don't know much about. We did have power go out several times the other day and my PC was on, not sure if that could cause an issue but at any rate I am suspicious of malware becasue of the MBR.exe.

OTL logfile created on: 11/16/2010 4:23:53 PM - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\TPKNET\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 30.18 Gb Free Space | 23.58% Space Free | Partition Type: NTFS
Drive D: | 244.62 Gb Total Space | 86.94 Gb Free Space | 35.54% Space Free | Partition Type: NTFS
Drive E: | 244.14 Gb Total Space | 138.55 Gb Free Space | 56.75% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 687.36 Gb Total Space | 36.77 Gb Free Space | 5.35% Space Free | Partition Type: NTFS
Drive I: | 465.76 Gb Total Space | 71.22 Gb Free Space | 15.29% Space Free | Partition Type: NTFS
Drive J: | 698.64 Gb Total Space | 27.79 Gb Free Space | 3.98% Space Free | Partition Type: NTFS
Drive O: | 7.55 Gb Total Space | 0.23 Gb Free Space | 3.03% Space Free | Partition Type: FAT32

Computer Name: CORE-2-DESKTOP
Current User Name: TPKNET
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/11/16 11:46:42 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2010/11/16 11:46:08 | 005,348,256 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe
PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/19 18:40:32 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TPKNET\Desktop\OTL.exe
PRC - [2010/03/18 10:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 12:38:00 | 000,233,472 | ---- | M] () -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe
PRC - [2007/03/10 14:43:52 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2006/11/13 12:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 12:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2005/09/27 11:49:22 | 000,393,216 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\sttray.exe
PRC - [2004/01/08 08:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE

========== Modules (SafeList) ==========

MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/19 18:40:32 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TPKNET\Desktop\OTL.exe
MOD - [2008/04/13 18:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/01/08 08:50:00 | 000,024,064 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
MOD - [2004/01/08 08:50:00 | 000,006,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\LgWndHk.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/11/16 11:46:42 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010/09/09 17:00:00 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/07/04 03:49:14 | 000,075,496 | ---- | M] (tzuk) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/09/16 18:01:16 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/30 21:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/04/13 18:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/13 18:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/10/25 12:38:00 | 000,233,472 | ---- | M] () [Auto | Running] -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2007/07/24 16:57:06 | 000,074,360 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/05/10 09:54:26 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2007/04/19 21:29:44 | 000,411,168 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/01/22 17:07:48 | 000,053,248 | ---- | M] (Hauppauge Computer Works) [Auto | Stopped] -- C:\Program Files\Hauppauge MediaMVP\MVPStart.exe -- (MVPMedia)
SRV - [2007/01/22 17:06:14 | 000,045,056 | ---- | M] (Hauppauge Computer Works, Inc.) [Auto | Stopped] -- C:\Program Files\Hauppauge MediaMVP\Hardware\DglSvcMain.exe -- (MVPMediaSvc)
SRV - [2006/12/02 05:17:54 | 002,805,000 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
SRV - [2006/11/09 17:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/20 09:12:20 | 006,352,963 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\SlimServer\server\slim.exe -- (slimsvc)
SRV - [2005/10/14 04:51:46 | 028,768,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2005/10/14 04:51:12 | 000,239,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2005/10/14 04:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2005/10/14 02:53:50 | 000,087,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005/03/07 12:30:46 | 000,180,224 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v1.05\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2004/08/04 04:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2004/08/04 04:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microwebinc.com/links
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.microwebinc.com/links"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.8
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/30 15:10:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/14 19:49:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/04 10:57:19 | 000,000,000 | ---D | M]

[2009/03/23 10:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Extensions
[2010/11/07 14:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions
[2010/06/14 10:27:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/18 13:46:37 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/04 14:54:46 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/10/18 13:46:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/02/06 18:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\LDSI_plashcor@gmail(2).com
[2010/08/11 17:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\[email protected]
[2007/12/12 18:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\[email protected]
[2010/11/07 14:36:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/01/16 01:28:50 | 000,155,648 | ---- | M] (Solidworks Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll
[2009/12/20 23:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/04/05 11:23:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IntelAudioStudio] C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to MVP Favorite Radio Stations - C:\Program Files\Hauppauge MediaMVP\mvp.htm ()
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1160746614294 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1177609958031 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EFFDEEEC-F9E1-4461-91D2-DAEB8CC595F1} http://192.168.1.228:5002/CSViewer.cab (CSViewer Control)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\TPKNET\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TPKNET\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/30 22:37:22 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/11/16 11:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010/11/16 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\My Documents\Anti-Malware
[2010/11/15 14:52:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/11/13 11:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\Application Data\Avira
[2010/11/12 21:17:06 | 000,000,000 | ---D | C] -- C:\Projects
[2010/11/06 18:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/11/06 18:12:43 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/11/04 20:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2010/11/04 20:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\My Documents\SightSpeed Recordings
[2010/11/04 20:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\LogiShrd
[2010/11/04 20:32:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\logishrd
[2010/11/04 20:32:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2010/11/04 20:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2010/11/04 20:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2010/06/07 01:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/13 19:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\IsolatedStorage
[2010/02/28 20:44:51 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2010/02/28 20:44:51 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2010/02/28 20:44:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2010/02/28 20:44:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2010/01/06 10:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/01/06 10:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/10/04 11:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/01/05 10:35:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/01/05 10:35:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/01/05 10:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/01/03 16:22:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.sys
[2008/04/23 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/07/24 09:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2007/04/27 02:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2007/01/05 00:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2007/01/05 00:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[2003/06/19 11:05:04 | 000,431,888 | --S- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\riched20.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/11/16 13:29:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/16 11:12:18 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2010/11/16 11:06:56 | 000,597,242 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/11/16 11:06:56 | 000,493,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/16 11:06:56 | 000,091,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/16 11:05:14 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/16 11:04:34 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Outlook.lnk
[2010/11/16 11:03:01 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/11/16 11:02:32 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/16 11:01:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/11/16 11:01:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/16 11:00:41 | 013,631,488 | ---- | M] () -- C:\Documents and Settings\TPKNET\ntuser.dat
[2010/11/16 11:00:41 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\TPKNET\ntuser.ini
[2010/11/16 11:00:27 | 009,162,112 | -H-- | M] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\IconCache.db
[2010/11/15 15:50:10 | 000,015,894 | ---- | M] () -- C:\WINDOWS\UEDIT32.INI
[2010/11/15 08:23:11 | 000,000,146 | ---- | M] () -- C:\WINDOWS\capture.INI
[2010/11/13 10:53:44 | 000,002,222 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2010/11/10 17:32:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/10 16:50:56 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2010/11/10 16:50:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/09 19:04:29 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Word 2003.lnk
[2010/11/09 12:31:52 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Family.doc
[2010/11/08 20:25:10 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint Shop Pro 7.lnk
[2010/11/08 10:50:21 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Excel.lnk
[2010/11/08 10:02:04 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/11/07 12:29:27 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 18:12:45 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/11/05 12:23:04 | 000,093,496 | ---- | M] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/11/04 20:38:36 | 000,001,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2010/11/04 20:32:20 | 000,001,274 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/16 11:12:18 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2010/11/09 12:31:52 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\TPKNET\Desktop\Family.doc
[2010/11/08 10:02:04 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/11/07 12:29:27 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/04 20:38:36 | 000,001,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2010/11/04 20:32:20 | 000,001,274 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2010/10/09 20:28:42 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\inst.exe
[2010/07/27 21:44:20 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/27 02:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/07/27 02:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/07/27 01:56:04 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/02/28 20:44:56 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2010/02/28 20:44:55 | 000,003,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\DeNoise.sys
[2010/01/06 15:51:42 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/11/21 18:50:25 | 000,000,473 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2009/11/11 10:04:35 | 000,001,413 | ---- | C] () -- C:\WINDOWS\System32\pfdnnt_actions.sys
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/31 14:53:03 | 000,010,929 | ---- | C] () -- C:\WINDOWS\UN060501.INI
[2009/01/16 20:42:18 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/08 12:22:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2009/01/05 14:35:49 | 000,002,222 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/01/03 16:22:54 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.log
[2009/01/03 16:22:48 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.cat
[2009/01/03 16:22:48 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.inf
[2008/11/01 12:57:02 | 000,111,376 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2008/11/01 12:57:02 | 000,040,352 | ---- | C] () -- C:\WINDOWS\System32\agcrypto.dll
[2008/09/23 18:51:45 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/02/27 11:08:06 | 000,042,537 | RH-- | C] () -- C:\WINDOWS\System32\srosa.sys
[2008/02/26 21:03:07 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2007/12/20 15:13:05 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/12/20 15:13:02 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/12/20 15:13:02 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/20 15:13:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/12/20 15:13:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/10/22 15:02:37 | 000,010,856 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/10/22 13:41:33 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/09/08 12:09:37 | 000,290,904 | R--- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2007/05/10 09:54:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2007/05/01 16:11:28 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_0C.dll
[2007/05/01 16:11:28 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_10.dll
[2007/05/01 16:11:28 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_0A.dll
[2007/05/01 16:11:28 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_09.dll
[2007/05/01 16:11:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_11.dll
[2007/05/01 16:11:26 | 000,847,872 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255.Dll
[2007/05/01 16:11:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_07.dll
[2007/05/01 16:11:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_0402.dll
[2007/04/26 19:49:59 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2007/04/26 19:49:45 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSONC86.ini
[2007/04/26 17:51:51 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\crownmon.dll
[2007/04/26 17:51:51 | 000,099,328 | ---- | C] () -- C:\WINDOWS\System32\crnsnmp.dll
[2007/04/26 17:51:51 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\crnutil.dll
[2007/04/04 16:19:06 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/04/04 16:14:27 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2007/04/04 16:14:27 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2007/04/04 16:12:23 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2007/04/04 16:10:04 | 000,000,152 | ---- | C] () -- C:\WINDOWS\EPSON Perfection 3200 Installer.ini
[2007/01/30 22:40:10 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2007/01/30 22:37:22 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2007/01/30 22:37:22 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/30 22:37:22 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2007/01/30 22:37:22 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2007/01/30 22:37:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2007/01/30 22:37:22 | 000,001,289 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/01/24 10:34:30 | 000,000,608 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2007/01/15 23:10:12 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/12/30 17:04:26 | 000,002,927 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/11/09 09:46:43 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/09 09:46:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/09 09:46:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/09 09:46:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/09 09:46:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/09 09:46:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/10/23 10:35:58 | 000,000,146 | ---- | C] () -- C:\WINDOWS\capture.INI
[2006/10/20 08:37:46 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\THBIni20.dll
[2006/10/18 09:09:55 | 000,000,104 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2006/10/17 15:05:59 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/10/16 09:08:40 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\$_hpcst$.hpc
[2006/10/13 19:19:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/13 19:17:08 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\FixVTS.ini
[2006/10/13 19:05:09 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\CuteZipShell.dll
[2006/10/13 18:57:34 | 000,015,894 | ---- | C] () -- C:\WINDOWS\UEDIT32.INI
[2006/10/13 18:09:44 | 000,903,168 | ---- | C] () -- C:\WINDOWS\System32\mitmdl30.dll
[2006/10/13 18:09:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll
[2006/10/13 18:09:44 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll
[2006/10/13 18:09:44 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll
[2006/10/13 18:09:44 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll
[2006/10/13 18:09:44 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll
[2006/10/13 18:09:44 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll
[2006/10/13 18:09:44 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll
[2006/10/13 18:09:44 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll
[2006/10/13 18:09:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll
[2006/10/13 18:09:44 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll
[2006/10/13 18:09:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll
[2006/10/13 18:09:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll
[2006/10/13 18:09:44 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll
[2006/10/13 18:09:44 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll
[2006/10/13 14:34:06 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2006/10/12 20:32:12 | 000,000,840 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/01 03:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/01 03:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/01 03:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/01 03:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 03:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/01 03:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/01 03:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/03/07 12:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_RUS.dll
[2005/03/07 12:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ITA.dll
[2005/03/07 12:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_FRA.dll
[2005/03/07 12:30:46 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\Tsp.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ESN.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ENU.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_DEU.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_CHS.dll
[2004/08/03 18:56:46 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/03 02:25:59 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\dlportio.sys
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2007/07/24 17:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/01/05 10:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2006/12/05 09:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avocent AdminWorks
[2009/02/28 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2007/07/19 11:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/11/08 09:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/01/05 10:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/01/30 23:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/01/30 23:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/10/20 14:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2008/03/08 12:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Saitek
[2007/10/29 14:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/09/23 18:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/01/30 22:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/02/26 09:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/23 13:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA
[2009/04/01 14:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/02/17 23:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/29 07:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/06/28 13:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Audacity
[2007/07/24 17:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Autodesk
[2009/01/07 21:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\BitTyrant
[2010/06/01 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/01/08 08:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DAEMON Tools
[2009/06/05 15:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DAEMON Tools Lite
[2009/01/08 08:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DAEMON Tools Pro
[2010/02/03 13:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DVDFab
[2007/04/04 16:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\EPSON
[2006/11/09 09:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\FarStone
[2010/01/28 12:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\FileZilla
[2009/11/20 20:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\FreeVideoConverter
[2006/10/13 19:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\GlobalSCAPE
[2008/12/19 22:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\gtk-2.0
[2009/11/20 17:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\ImgBurn
[2006/11/09 09:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\InterVideo
[2009/01/18 09:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\IObit
[2007/04/26 19:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Leadertech
[2007/10/30 11:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\LinkedIn
[2010/08/19 19:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Microweb
[2007/05/03 08:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\MusicIP
[2006/11/09 09:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Musicmatch
[2007/04/26 11:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\OfficeUpdate12
[2010/02/11 14:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Pamela
[2008/02/19 11:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Publish Providers
[2009/11/04 21:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Red Kawa
[2009/11/20 18:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Regensoft
[2010/11/07 13:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\RipIt4Me
[2007/02/26 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Seattle Avionics
[2008/02/19 11:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Sony
[2008/02/19 11:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Sony Setup
[2007/02/21 12:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\STOIK
[2010/11/13 11:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\TeraCopy
[2010/11/16 16:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\uTorrent
[2010/10/09 20:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Vso
[2008/06/12 07:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\webex

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

#2
kahdah

Posted 22 November 2010 - 05:50 PM

GeekU Teacher

Retired Staff
15,822 posts

Hello tpknet

Welcome to G2Go.

=====================
Do you still need assistance?
If so then please open OTL once more and click on Run scan again.
Post the new log that opens please and let me know what the current issue is.

#3
tpknet

Posted 29 November 2010 - 01:29 PM

Member

Topic Starter
Member
10 posts

Yes, My PC is still acting up. I didn't see your reply for a while.

My PC gets really slow after being on for a while and a lot of the text for the icons on the desktop sort of dissapears. The black shadows stay but the white text is gone. Also, I usually will have some windows that have opened up with messages on them but there is not text or very little text on them so I can't even see what is supposed to be there. If it gets this far I cannot get the Task Manager to open. Usually just turning off the PC and rebooting it will make it fast again and sometimes it boots and is slow. It seems that if the computer boots OK and I use it all day things go OK. I leave the computer on all night and usually in the morning it will be all messed up. I have tried during the day to run Avira scans and they never complete. The computer will eventually lock up so hard I have to just turn it off. I am not sure this is a Virus but I am suspicious of that. Someone told me to just pull all the cards and connectors and memory in the case and put them back in just to make sure the connections are OK. I haven't tried this yet.

Thanks,
Tpknet

OTL logfile created on: 11/16/2010 4:23:53 PM - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\TPKNET\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 30.18 Gb Free Space | 23.58% Space Free | Partition Type: NTFS
Drive D: | 244.62 Gb Total Space | 86.94 Gb Free Space | 35.54% Space Free | Partition Type: NTFS
Drive E: | 244.14 Gb Total Space | 138.55 Gb Free Space | 56.75% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 687.36 Gb Total Space | 36.77 Gb Free Space | 5.35% Space Free | Partition Type: NTFS
Drive I: | 465.76 Gb Total Space | 71.22 Gb Free Space | 15.29% Space Free | Partition Type: NTFS
Drive J: | 698.64 Gb Total Space | 27.79 Gb Free Space | 3.98% Space Free | Partition Type: NTFS
Drive O: | 7.55 Gb Total Space | 0.23 Gb Free Space | 3.03% Space Free | Partition Type: FAT32

Computer Name: CORE-2-DESKTOP
Current User Name: TPKNET
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/11/16 11:46:42 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2010/11/16 11:46:08 | 005,348,256 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe
PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/19 18:40:32 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TPKNET\Desktop\OTL.exe
PRC - [2010/03/18 10:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 12:38:00 | 000,233,472 | ---- | M] () -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe
PRC - [2007/03/10 14:43:52 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2006/11/13 12:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 12:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2005/09/27 11:49:22 | 000,393,216 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\sttray.exe
PRC - [2004/01/08 08:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE

========== Modules (SafeList) ==========

MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/19 18:40:32 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TPKNET\Desktop\OTL.exe
MOD - [2008/04/13 18:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/01/08 08:50:00 | 000,024,064 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
MOD - [2004/01/08 08:50:00 | 000,006,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\LgWndHk.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/11/16 11:46:42 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010/09/09 17:00:00 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/07/04 03:49:14 | 000,075,496 | ---- | M] (tzuk) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/09/16 18:01:16 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/30 21:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/04/13 18:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/13 18:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/10/25 12:38:00 | 000,233,472 | ---- | M] () [Auto | Running] -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2007/07/24 16:57:06 | 000,074,360 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/05/10 09:54:26 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2007/04/19 21:29:44 | 000,411,168 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/01/22 17:07:48 | 000,053,248 | ---- | M] (Hauppauge Computer Works) [Auto | Stopped] -- C:\Program Files\Hauppauge MediaMVP\MVPStart.exe -- (MVPMedia)
SRV - [2007/01/22 17:06:14 | 000,045,056 | ---- | M] (Hauppauge Computer Works, Inc.) [Auto | Stopped] -- C:\Program Files\Hauppauge MediaMVP\Hardware\DglSvcMain.exe -- (MVPMediaSvc)
SRV - [2006/12/02 05:17:54 | 002,805,000 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
SRV - [2006/11/09 17:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/20 09:12:20 | 006,352,963 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\SlimServer\server\slim.exe -- (slimsvc)
SRV - [2005/10/14 04:51:46 | 028,768,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2005/10/14 04:51:12 | 000,239,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2005/10/14 04:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2005/10/14 02:53:50 | 000,087,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005/03/07 12:30:46 | 000,180,224 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v1.05\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2004/08/04 04:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2004/08/04 04:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microwebinc.com/links
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.microwebinc.com/links"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.8
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/30 15:10:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/14 19:49:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/04 10:57:19 | 000,000,000 | ---D | M]

[2009/03/23 10:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Extensions
[2010/11/07 14:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions
[2010/06/14 10:27:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/18 13:46:37 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/04 14:54:46 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/10/18 13:46:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/02/06 18:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\LDSI_plashcor@gmail(2).com
[2010/08/11 17:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\[email protected]
[2007/12/12 18:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Mozilla\Firefox\Profiles\8lshjtg1.default\extensions\[email protected]
[2010/11/07 14:36:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/01/16 01:28:50 | 000,155,648 | ---- | M] (Solidworks Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll
[2009/12/20 23:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/04/05 11:23:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IntelAudioStudio] C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to MVP Favorite Radio Stations - C:\Program Files\Hauppauge MediaMVP\mvp.htm ()
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1160746614294 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1177609958031 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EFFDEEEC-F9E1-4461-91D2-DAEB8CC595F1} http://192.168.1.228:5002/CSViewer.cab (CSViewer Control)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\TPKNET\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TPKNET\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/30 22:37:22 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/11/16 11:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010/11/16 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\My Documents\Anti-Malware
[2010/11/15 14:52:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/11/13 11:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\Application Data\Avira
[2010/11/12 21:17:06 | 000,000,000 | ---D | C] -- C:\Projects
[2010/11/06 18:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/11/06 18:12:43 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/11/04 20:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2010/11/04 20:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\My Documents\SightSpeed Recordings
[2010/11/04 20:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\LogiShrd
[2010/11/04 20:32:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\logishrd
[2010/11/04 20:32:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2010/11/04 20:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2010/11/04 20:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2010/06/07 01:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/13 19:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\IsolatedStorage
[2010/02/28 20:44:51 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2010/02/28 20:44:51 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2010/02/28 20:44:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2010/02/28 20:44:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2010/01/06 10:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/01/06 10:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/10/04 11:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/01/05 10:35:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/01/05 10:35:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/01/05 10:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/01/03 16:22:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.sys
[2008/04/23 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/07/24 09:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2007/04/27 02:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2007/01/05 00:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2007/01/05 00:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[2003/06/19 11:05:04 | 000,431,888 | --S- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\riched20.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/11/16 13:29:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/16 11:12:18 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2010/11/16 11:06:56 | 000,597,242 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/11/16 11:06:56 | 000,493,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/16 11:06:56 | 000,091,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/16 11:05:14 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/16 11:04:34 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Outlook.lnk
[2010/11/16 11:03:01 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/11/16 11:02:32 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/16 11:01:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/11/16 11:01:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/16 11:00:41 | 013,631,488 | ---- | M] () -- C:\Documents and Settings\TPKNET\ntuser.dat
[2010/11/16 11:00:41 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\TPKNET\ntuser.ini
[2010/11/16 11:00:27 | 009,162,112 | -H-- | M] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\IconCache.db
[2010/11/15 15:50:10 | 000,015,894 | ---- | M] () -- C:\WINDOWS\UEDIT32.INI
[2010/11/15 08:23:11 | 000,000,146 | ---- | M] () -- C:\WINDOWS\capture.INI
[2010/11/13 10:53:44 | 000,002,222 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2010/11/10 17:32:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/10 16:50:56 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2010/11/10 16:50:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/09 19:04:29 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Word 2003.lnk
[2010/11/09 12:31:52 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Family.doc
[2010/11/08 20:25:10 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint Shop Pro 7.lnk
[2010/11/08 10:50:21 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\TPKNET\Desktop\Excel.lnk
[2010/11/08 10:02:04 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/11/07 12:29:27 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 18:12:45 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/11/05 12:23:04 | 000,093,496 | ---- | M] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/11/04 20:38:36 | 000,001,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2010/11/04 20:32:20 | 000,001,274 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/16 11:12:18 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2010/11/09 12:31:52 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\TPKNET\Desktop\Family.doc
[2010/11/08 10:02:04 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\TPKNET\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/11/07 12:29:27 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\TPKNET\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/04 20:38:36 | 000,001,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2010/11/04 20:32:20 | 000,001,274 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2010/10/09 20:28:42 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\inst.exe
[2010/07/27 21:44:20 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/27 02:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/07/27 02:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/07/27 01:56:04 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/02/28 20:44:56 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2010/02/28 20:44:55 | 000,003,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\DeNoise.sys
[2010/01/06 15:51:42 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/11/21 18:50:25 | 000,000,473 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2009/11/11 10:04:35 | 000,001,413 | ---- | C] () -- C:\WINDOWS\System32\pfdnnt_actions.sys
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/31 14:53:03 | 000,010,929 | ---- | C] () -- C:\WINDOWS\UN060501.INI
[2009/01/16 20:42:18 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/08 12:22:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2009/01/05 14:35:49 | 000,002,222 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/01/03 16:22:54 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.log
[2009/01/03 16:22:48 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.cat
[2009/01/03 16:22:48 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\pcouffin.inf
[2008/11/01 12:57:02 | 000,111,376 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2008/11/01 12:57:02 | 000,040,352 | ---- | C] () -- C:\WINDOWS\System32\agcrypto.dll
[2008/09/23 18:51:45 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/02/27 11:08:06 | 000,042,537 | RH-- | C] () -- C:\WINDOWS\System32\srosa.sys
[2008/02/26 21:03:07 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2007/12/20 15:13:05 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/12/20 15:13:02 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/12/20 15:13:02 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/20 15:13:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/12/20 15:13:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/10/22 15:02:37 | 000,010,856 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/10/22 13:41:33 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/09/08 12:09:37 | 000,290,904 | R--- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2007/05/10 09:54:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2007/05/01 16:11:28 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_0C.dll
[2007/05/01 16:11:28 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_10.dll
[2007/05/01 16:11:28 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_0A.dll
[2007/05/01 16:11:28 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_09.dll
[2007/05/01 16:11:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_11.dll
[2007/05/01 16:11:26 | 000,847,872 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255.Dll
[2007/05/01 16:11:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_07.dll
[2007/05/01 16:11:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\SaiC0255_0402.dll
[2007/04/26 19:49:59 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2007/04/26 19:49:45 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSONC86.ini
[2007/04/26 17:51:51 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\crownmon.dll
[2007/04/26 17:51:51 | 000,099,328 | ---- | C] () -- C:\WINDOWS\System32\crnsnmp.dll
[2007/04/26 17:51:51 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\crnutil.dll
[2007/04/04 16:19:06 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/04/04 16:14:27 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2007/04/04 16:14:27 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2007/04/04 16:12:23 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2007/04/04 16:10:04 | 000,000,152 | ---- | C] () -- C:\WINDOWS\EPSON Perfection 3200 Installer.ini
[2007/01/30 22:40:10 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2007/01/30 22:37:22 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2007/01/30 22:37:22 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/30 22:37:22 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2007/01/30 22:37:22 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2007/01/30 22:37:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2007/01/30 22:37:22 | 000,001,289 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/01/24 10:34:30 | 000,000,608 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2007/01/15 23:10:12 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/12/30 17:04:26 | 000,002,927 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/11/09 09:46:43 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/09 09:46:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/09 09:46:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/09 09:46:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/09 09:46:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/09 09:46:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/10/23 10:35:58 | 000,000,146 | ---- | C] () -- C:\WINDOWS\capture.INI
[2006/10/20 08:37:46 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\THBIni20.dll
[2006/10/18 09:09:55 | 000,000,104 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2006/10/17 15:05:59 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/10/16 09:08:40 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\$_hpcst$.hpc
[2006/10/13 19:19:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/13 19:17:08 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\TPKNET\Application Data\FixVTS.ini
[2006/10/13 19:05:09 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\CuteZipShell.dll
[2006/10/13 18:57:34 | 000,015,894 | ---- | C] () -- C:\WINDOWS\UEDIT32.INI
[2006/10/13 18:09:44 | 000,903,168 | ---- | C] () -- C:\WINDOWS\System32\mitmdl30.dll
[2006/10/13 18:09:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll
[2006/10/13 18:09:44 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll
[2006/10/13 18:09:44 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll
[2006/10/13 18:09:44 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll
[2006/10/13 18:09:44 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll
[2006/10/13 18:09:44 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll
[2006/10/13 18:09:44 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll
[2006/10/13 18:09:44 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll
[2006/10/13 18:09:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll
[2006/10/13 18:09:44 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll
[2006/10/13 18:09:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll
[2006/10/13 18:09:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll
[2006/10/13 18:09:44 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll
[2006/10/13 18:09:44 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll
[2006/10/13 14:34:06 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2006/10/12 20:32:12 | 000,000,840 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/01 03:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/01 03:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/01 03:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/01 03:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 03:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/01 03:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/01 03:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/03/07 12:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_RUS.dll
[2005/03/07 12:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ITA.dll
[2005/03/07 12:30:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_FRA.dll
[2005/03/07 12:30:46 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\Tsp.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ESN.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_ENU.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_DEU.dll
[2005/03/07 12:30:46 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\TspPopup_CHS.dll
[2004/08/03 18:56:46 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/03 02:25:59 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\dlportio.sys
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2007/07/24 17:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/01/05 10:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2006/12/05 09:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avocent AdminWorks
[2009/02/28 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2007/07/19 11:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/11/08 09:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/01/05 10:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/01/30 23:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/01/30 23:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/10/20 14:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2008/03/08 12:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Saitek
[2007/10/29 14:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/09/23 18:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/01/30 22:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/02/26 09:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/23 13:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA
[2009/04/01 14:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/02/17 23:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/29 07:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/06/28 13:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Audacity
[2007/07/24 17:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Autodesk
[2009/01/07 21:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\BitTyrant
[2010/06/01 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/01/08 08:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DAEMON Tools
[2009/06/05 15:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DAEMON Tools Lite
[2009/01/08 08:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DAEMON Tools Pro
[2010/02/03 13:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\DVDFab
[2007/04/04 16:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\EPSON
[2006/11/09 09:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\FarStone
[2010/01/28 12:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\FileZilla
[2009/11/20 20:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\FreeVideoConverter
[2006/10/13 19:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\GlobalSCAPE
[2008/12/19 22:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\gtk-2.0
[2009/11/20 17:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\ImgBurn
[2006/11/09 09:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\InterVideo
[2009/01/18 09:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\IObit
[2007/04/26 19:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Leadertech
[2007/10/30 11:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\LinkedIn
[2010/08/19 19:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Microweb
[2007/05/03 08:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\MusicIP
[2006/11/09 09:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Musicmatch
[2007/04/26 11:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\OfficeUpdate12
[2010/02/11 14:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Pamela
[2008/02/19 11:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Publish Providers
[2009/11/04 21:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Red Kawa
[2009/11/20 18:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Regensoft
[2010/11/07 13:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\RipIt4Me
[2007/02/26 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Seattle Avionics
[2008/02/19 11:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Sony
[2008/02/19 11:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Sony Setup
[2007/02/21 12:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\STOIK
[2010/11/13 11:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\TeraCopy
[2010/11/16 16:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\uTorrent
[2010/10/09 20:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\Vso
[2008/06/12 07:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TPKNET\Application Data\webex

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

#4
kahdah

Posted 02 December 2010 - 08:18 AM

GeekU Teacher

Retired Staff
15,822 posts

Seems like it may or may not be a hard drive issue.

I will need to know the manufacturer's name of the hard drive you have installed.
To get that go to Start then right click on the C:\drive and choose properties.
Then click on the hardware tab.

Then you can write down what you see there under Disk Drives and post that info here for me to see then I will be able to help yo