
OTL log for maliprog



#1
zarak

For maliprog ~ Thanks for the welcome and I want to say "THANK YOU" first and foremost.

Here is the OTL log you wanted


OTL logfile created on: 3/10/2011 12:16:15 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Samuel J Dorando\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

247.00 Mb Total Physical Memory | 141.00 Mb Available Physical Memory | 57.00% Memory free
606.00 Mb Paging File | 479.00 Mb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 24.19 Gb Free Space | 64.90% Space Free | Partition Type: NTFS

Computer Name: SJD | User Name: Samuel J Dorando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/08 19:35:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Samuel J Dorando\desktop\OTL.exe
PRC - [2009/10/18 21:12:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/09/04 13:11:04 | 000,073,728 | ---- | M] (Iomega Corporation) -- C:\Program Files\Iomega\System32\AppServices.exe


========== Modules (SafeList) ==========

MOD - [2011/03/08 19:35:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Samuel J Dorando\desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Iomega Activity Disk2)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2002/09/04 13:11:04 | 000,073,728 | ---- | M] (Iomega Corporation) [Auto | Running] -- C:\Program Files\Iomega\System32\AppServices.exe -- (Iomega App Services)
SRV - [2000/01/13 08:06:50 | 000,348,160 | ---- | M] (Iomega Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\ZipToA.exe -- (ZipToA)


========== Driver Services (SafeList) ==========

DRV - [2011/02/27 16:50:47 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/03/02 15:00:46 | 000,095,592 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/02/27 12:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/02/25 11:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/04/16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2004/08/04 00:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/02/06 12:43:24 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/09/04 13:11:08 | 000,030,258 | ---- | M] (Iomega Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\iomdisk.sys -- (iomdisk)
DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/01/08 17:53:14 | 000,124,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis630p.sys -- (SiS630)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 07:50:46 | 000,101,760 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis300ip.sys -- (SiS300i)
DRV - [2001/08/17 07:20:16 | 000,297,728 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97sis.sys -- (SiS7018) Service for AC'97 Sample Driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0


[2011/02/27 17:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Samuel J Dorando\Application Data\Mozilla\Extensions
[2011/02/27 17:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Samuel J Dorando\Application Data\Mozilla\Firefox\Profiles\zxi8pgax.default\extensions
[2011/02/27 17:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Samuel J Dorando\Application Data\Mozilla\Firefox\Profiles\zxi8pgax.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/27 17:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Samuel J Dorando\Application Data\Mozilla\Firefox\Profiles\zxi8pgax.default\extensions\staged-xpis
[2010/08/02 19:04:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN
File not found (No name found) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011/02/27 17:43:31 | 000,000,000 | ---D | M] ("Save tube video") -- C:\PROGRAM FILES\SAVE TUBE VIDEO COMPANY\SAVETUBEVIDEO\FF

O1 HOSTS File: ([2010/12/16 00:43:31 | 000,002,784 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 204.152.194.149 www.google.com
O1 - Hosts: 204.152.194.149 google.com
O1 - Hosts: 204.152.194.149 google.com.au
O1 - Hosts: 204.152.194.149 www.google.com.au
O1 - Hosts: 204.152.194.149 google.be
O1 - Hosts: 204.152.194.149 www.google.be
O1 - Hosts: 204.152.194.149 google.com.br
O1 - Hosts: 204.152.194.149 www.google.com.br
O1 - Hosts: 204.152.194.149 google.ca
O1 - Hosts: 38 more lines...
O2 - BHO: (ShowBarObj Class) - {2863E737-DD3F-4280-9AF8-E9E79C16F312} - C:\Program Files\Save Tube Video Company\SaveTubeVideo\MinBHO.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: download.com ([]* in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/BookWorm/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webi...6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Jewel%20Quest/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Samuel J Dorando\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Samuel J Dorando\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/02 15:42:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/10 12:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Desktop\Geek2geek
[2011/03/08 23:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/08 21:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/03/08 19:34:56 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Samuel J Dorando\Desktop\OTL.exe
[2011/03/08 16:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Application Data\AVG10
[2011/03/08 16:27:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/08 16:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/08 16:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/03/08 16:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/08 15:45:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vivitar
[2011/03/08 14:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Start Menu\Programs\HiJackThis
[2011/03/08 14:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/07 19:27:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Local Settings\Application Data\PCHealth
[2011/03/06 00:01:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Samuel J Dorando\Recent
[2011/02/28 16:50:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2011/02/28 16:49:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/02/28 16:47:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2011/02/28 16:47:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2011/02/28 16:47:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011/02/28 16:46:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2011/02/27 17:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\My Documents\Downloads
[2011/02/27 17:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Local Settings\Application Data\Mozilla
[2011/02/27 17:40:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Samuel J Dorando\My Documents\My DVDs
[2011/02/27 17:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Application Data\Leadertech
[2011/02/27 17:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Application Data\Canneverbe Limited
[2011/02/27 17:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\My Documents\StarBurn
[2011/02/27 17:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Application Data\StarBurn
[2011/02/27 16:55:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\My Documents\SaveTubeVideo
[2011/02/27 16:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\Save Tube Video Company
[2011/02/27 16:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rocket Division Software
[2011/02/27 16:55:24 | 000,095,592 | ---- | C] (Rocket Division Software) -- C:\WINDOWS\System32\drivers\StarPortLite.sys
[2011/02/27 16:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Rocket Division Software
[2011/02/27 16:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\FinalBurner
[2011/02/27 16:43:00 | 000,045,056 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\WNASPI32.DLL
[2011/02/27 16:43:00 | 000,016,877 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2011/02/27 16:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\Free Create-Burn ISO Image
[2011/02/27 16:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Create-Burn ISO Image
[2011/02/27 16:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011/02/10 15:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Samuel J Dorando\Application Data\Help
[2011/02/09 14:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Usability Sciences
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/10 12:06:33 | 000,002,068 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/10 11:09:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/10 11:09:03 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011/03/10 11:09:02 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/03/10 11:08:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/10 11:08:51 | 259,575,808 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/09 17:59:46 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7079D8D6-5A63-471B-A766-CC004F1BC782}.job
[2011/03/08 19:35:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Samuel J Dorando\Desktop\OTL.exe
[2011/03/08 19:03:54 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/08 16:01:49 | 000,000,011 | ---- | M] () -- C:\WINDOWS\GKM303DS.ini
[2011/03/08 15:58:21 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/03/08 14:54:49 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Local Settings\Application Data\housecall.guid.cache
[2011/03/08 14:20:09 | 000,002,006 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\HiJackThis.lnk
[2011/03/07 19:22:42 | 000,288,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/06 22:00:01 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/03/05 23:54:05 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/03/05 16:42:48 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2011/03/05 16:42:48 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\Glary Utilities.lnk
[2011/03/05 14:29:18 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/27 20:00:19 | 000,001,956 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/27 19:54:11 | 000,000,322 | ---- | M] () -- C:\WINDOWS\Xtarot.INI
[2011/02/27 17:42:52 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/02/27 16:55:25 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarBurn.lnk
[2011/02/27 16:44:22 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalBurner.lnk
[2011/02/27 16:43:01 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\Free Create-Burn ISO Image.lnk
[2011/02/27 16:41:56 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2011/02/27 16:41:56 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\CDBurnerXP.lnk
[2011/02/23 16:27:45 | 000,030,356 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\List of Doctors.PDS
[2011/02/23 15:41:29 | 000,287,826 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\Forgotten Ohio Ohio State University.mht
[2011/02/18 18:20:28 | 000,037,236 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\Being Old.PDS
[2011/02/18 16:29:03 | 000,091,636 | ---- | M] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\Hot chocolate Recipe.PDS
[2011/02/10 14:27:08 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/02/09 08:53:52 | 000,270,848 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/02/09 08:53:52 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/08 14:54:49 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\Local Settings\Application Data\housecall.guid.cache
[2011/03/08 14:20:09 | 000,002,006 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\HiJackThis.lnk
[2011/03/05 22:29:18 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/02/27 17:42:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/27 16:55:25 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarBurn.lnk
[2011/02/27 16:44:22 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalBurner.lnk
[2011/02/27 16:43:01 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\Free Create-Burn ISO Image.lnk
[2011/02/27 16:41:56 | 000,001,622 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2011/02/27 16:41:56 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\Desktop\CDBurnerXP.lnk
[2011/02/27 16:41:55 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2011/02/23 15:41:25 | 000,287,826 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\Forgotten Ohio Ohio State University.mht
[2011/02/18 18:20:28 | 000,037,236 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\Being Old.PDS
[2011/02/18 16:29:02 | 000,091,636 | ---- | C] () -- C:\Documents and Settings\Samuel J Dorando\My Documents\Hot chocolate Recipe.PDS
[2011/02/09 08:53:52 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/02/09 08:53:52 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/02/03 23:49:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\WOT.INI
[2010/12/21 00:48:18 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/10/24 16:22:06 | 000,162,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/24 15:32:19 | 000,000,011 | ---- | C] () -- C:\WINDOWS\GKM303DS.ini
[2010/10/24 14:42:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\asym.ini
[2010/10/24 14:40:06 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2010/10/24 14:40:06 | 000,033,634 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2010/10/24 13:47:56 | 000,000,065 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2010/10/23 19:01:53 | 000,010,252 | ---- | C] () -- C:\WINDOWS\Jeopardy.dat
[2010/10/23 18:20:48 | 000,000,585 | ---- | C] () -- C:\WINDOWS\ULTIMATE.INI
[2010/10/23 18:20:45 | 000,005,184 | ---- | C] () -- C:\WINDOWS\BUBBLE.DLL
[2010/10/23 18:11:34 | 000,000,403 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2010/10/23 18:11:14 | 000,124,880 | ---- | C] () -- C:\WINDOWS\bw6uinst.exe
[2010/10/23 17:59:10 | 000,000,322 | ---- | C] () -- C:\WINDOWS\Xtarot.INI
[2010/10/23 16:51:55 | 000,000,047 | ---- | C] () -- C:\WINDOWS\EPWSK.INI
[2010/10/23 16:37:40 | 000,000,051 | ---- | C] () -- C:\WINDOWS\WWWBATCH.INI
[2010/10/23 16:26:48 | 000,086,304 | ---- | C] () -- C:\WINDOWS\RHVIDEO.DLL
[2010/10/23 16:19:32 | 000,000,404 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010/10/23 15:58:41 | 000,000,121 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2010/08/22 14:06:53 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/08/08 22:39:36 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2010/08/08 00:26:06 | 000,002,068 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/07 12:14:00 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/08/03 10:18:37 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010/08/02 18:21:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/08/02 16:48:02 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/08/02 15:46:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/02 15:38:17 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/08/02 11:23:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/02 11:21:55 | 000,288,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2003/03/31 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 07:00:00 | 000,400,380 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 07:00:00 | 000,061,348 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/31 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/06/20 13:02:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis730.bin
[2001/06/20 13:01:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis630.bin
[2000/11/13 15:48:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis300.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >