Norton does not detect any problems and I reviewed the forums, which looks like I am not the only one with this problem. I tried booting in safe mode, to run Malwarebytes and SUPERAntiSpyware, which found some threats and tracking cookies, but did not find or remove the PING.EXE issue, which reappeared on the next start up. I picked this problem up two days, Dec. 4th, while working with photoshop premiere elements, 3 windows of adobe flash player popped up trying to do an update and then closed on their own, it was after this point that the warrning messages started. Not sure if this has anything to do with it, but just in case any one else had this same issue. Since then, I am also experiencing periodic google chrome and internet explorer page redirects, the re-directs are to an Anti-virus product search page.
I am running Windows Vista.
Below is the OTL log:
OTL logfile created on: 12/6/2011 10:21:07 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bill\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 45.49% Memory free
6.21 Gb Paging File | 4.73 Gb Available in Paging File | 76.06% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.37 Gb Total Space | 127.03 Gb Free Space | 44.05% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 4.47 Gb Free Space | 46.01% Space Free | Partition Type: NTFS
Drive L: | 931.51 Gb Total Space | 853.77 Gb Free Space | 91.65% Space Free | Partition Type: NTFS
Computer Name: BILL-PC | User Name: Bill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/06 15:54:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
PRC - [2011/12/06 15:43:12 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/12/06 14:01:17 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/12/06 14:01:16 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/11/17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Bill\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/11/12 09:04:55 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/05/25 01:09:08 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/05/25 01:09:07 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/05/25 01:09:06 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/01/21 15:24:08 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 07:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 02:33:19 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
PRC - [2007/02/25 08:10:46 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2007/02/08 17:50:33 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe
PRC - [2006/11/08 21:57:00 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/07 17:34:26 | 000,053,248 | ---- | M] (Chicony) -- C:\Windows\ModPS2Key.exe
PRC - [2006/11/07 17:08:40 | 000,547,840 | ---- | M] () -- C:\Windows\zHotkey.exe
PRC - [2006/10/05 00:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
========== Modules (No Company Name) ==========
MOD - [2011/12/06 21:57:16 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/12/06 21:57:16 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/12/06 14:00:36 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/12/06 14:00:36 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2009/04/11 01:28:22 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2009/04/11 01:28:22 | 000,223,232 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2006/11/07 17:08:40 | 000,547,840 | ---- | M] () -- C:\Windows\zHotkey.exe
========== Win32 Services (SafeList) ==========
SRV - [2011/12/06 14:01:17 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/11/17 20:30:14 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011/05/25 01:09:06 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/05/20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/08/08 15:05:44 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/21 15:24:08 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 07:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2007/02/25 08:10:46 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2007/02/08 17:50:33 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device)
SRV - [2006/10/05 00:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
========== Driver Services (SafeList) ==========
DRV - [2011/12/05 00:19:51 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111206.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/12/05 00:19:51 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111206.018\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111123.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 20:35:49 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/09 20:35:48 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/08/22 23:17:32 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111206.001\IDSvix86.sys -- (IDSVix86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/02 19:32:31 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/05/25 01:09:08 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/05/25 01:09:05 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2009/10/20 02:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/10/20 02:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/06 20:57:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/02 02:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32) Intel®
DRV - [2006/11/02 02:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5432
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5432
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5432
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5432
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Bill\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/09/28 17:04:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_3_6 [2011/12/06 21:56:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Bill\AppData\Roaming\Move Networks [2010/01/21 19:06:32 | 000,000,000 | ---D | M]
[2009/12/03 21:48:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bill\AppData\Roaming\Mozilla\Extensions
[2009/12/03 21:48:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bill\AppData\Roaming\Mozilla\Extensions\[email protected]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Bill\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_Porsche = C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_1\
Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CHotkey] C:\Windows\zHotkey.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ModPS2] C:\Windows\ModPS2Key.exe (Chicony)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ShowWnd] C:\Windows\ShowWnd.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Bill\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{177425E4-7687-455B-8146-4FD7230AB707}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Bill\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bill\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 03:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4e60b2ba-7e55-11df-bb86-0019218cf368}\Shell - "" = AutoRun
O33 - MountPoints2\{4e60b2ba-7e55-11df-bb86-0019218cf368}\Shell\AutoRun\command - "" = "K:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/06 15:54:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2011/12/06 14:00:32 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/06 14:00:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/12/06 14:00:17 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/12/06 14:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/12/06 14:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/12/06 08:18:09 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Malwarebytes
[2011/12/06 08:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/06 08:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/06 08:18:01 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/06 08:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/06 07:15:01 | 002,562,040 | ---- | C] (Symantec Corporation) -- C:\Users\Bill\Desktop\NPE (1).exe
[2011/12/05 19:22:38 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\NPE
[2011/12/05 02:01:53 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\SanctionedMedia
[2011/11/15 18:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/09 20:25:23 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Akamai
[2011/03/27 16:36:09 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2011/03/27 16:36:09 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2011/03/27 16:36:08 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2011/03/27 16:36:08 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2011/03/27 16:36:07 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2011/03/27 16:36:07 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2011/03/27 16:36:06 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2011/03/27 16:36:06 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2011/03/27 16:36:06 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2011/03/27 16:36:04 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2011/03/27 16:36:04 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2011/03/27 16:36:02 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2011/03/27 16:36:02 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2011/03/27 16:36:01 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2011/03/27 16:36:01 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/06 22:20:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/06 21:55:54 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/06 21:55:49 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/06 21:55:49 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/06 21:55:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/06 21:55:27 | 3217,555,456 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/06 15:54:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2011/12/06 15:43:12 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/12/06 15:31:11 | 000,025,600 | ---- | M] () -- C:\Users\Bill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/06 14:04:41 | 000,002,032 | ---- | M] () -- C:\Users\Bill\AppData\Local\d3d9caps.dat
[2011/12/06 14:00:17 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/12/06 08:18:04 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 07:31:54 | 001,008,114 | ---- | M] () -- C:\Users\Bill\Desktop\rkill.com
[2011/12/06 07:15:01 | 002,562,040 | ---- | M] (Symantec Corporation) -- C:\Users\Bill\Desktop\NPE (1).exe
[2011/12/05 19:57:25 | 345,623,396 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/05 19:01:41 | 000,001,955 | ---- | M] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/04 18:39:50 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2011/12/01 23:13:25 | 000,649,176 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/01 23:13:25 | 000,122,686 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/29 21:57:41 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2011/11/27 12:46:53 | 000,000,285 | ---- | M] () -- C:\Users\Bill\Desktop\Media Disc (L).lnk
[2011/11/23 22:48:21 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2011/11/18 17:22:29 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/11/15 18:02:01 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/14 00:04:25 | 007,339,533 | ---- | M] () -- C:\Users\Bill\AppData\Local\Temp20110407_0025_Las Vegas 40.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/06 15:05:53 | 3217,555,456 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/06 14:00:17 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/12/06 08:18:04 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/06 07:31:54 | 001,008,114 | ---- | C] () -- C:\Users\Bill\Desktop\rkill.com
[2011/12/05 19:01:41 | 000,001,955 | ---- | C] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/27 12:46:33 | 000,000,285 | ---- | C] () -- C:\Users\Bill\Desktop\Media Disc (L).lnk
[2011/11/15 18:02:01 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/14 00:04:25 | 007,339,533 | ---- | C] () -- C:\Users\Bill\AppData\Local\Temp20110407_0025_Las Vegas 40.jpg
[2011/05/20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/05/18 17:23:09 | 000,001,940 | ---- | C] () -- C:\Users\Bill\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/27 16:45:18 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXPRMON.DLL
[2011/03/27 16:45:18 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXPMONUI.DLL
[2011/03/27 16:39:28 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2011/03/27 16:36:09 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2011/03/27 16:36:08 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2010/08/19 19:34:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Pianos and Keyboards
[2010/08/19 19:34:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Piano Med
[2010/08/19 19:34:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Piano Hard
[2010/08/19 19:34:50 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\Phaser
[2010/08/19 19:34:50 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\Perl
[2010/08/19 19:34:50 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\Percussion Kit
[2010/08/19 19:34:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2010/08/19 19:34:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2010/08/19 19:34:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2010/03/18 22:40:24 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Tables
[2010/03/18 22:40:24 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\Synth Pads
[2010/03/18 22:40:24 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2010/03/18 22:40:24 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Classical
[2010/03/18 21:17:44 | 000,000,048 | ---- | C] () -- C:\Windows\WinInit.Ini
[2010/03/18 20:55:05 | 000,000,000 | ---- | C] () -- C:\ProgramData\Metadata Importer
[2010/03/18 20:54:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Techno Kit
[2010/03/18 20:54:01 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\Synth Textures
[2010/03/18 20:54:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Clips
[2010/03/07 18:12:31 | 000,000,092 | ---- | C] () -- C:\Users\Bill\AppData\Local\fusioncache.dat
[2010/02/14 11:38:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2010/02/14 11:21:34 | 000,000,268 | RH-- | C] () -- C:\ProgramData\People
[2010/02/14 11:21:34 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\PDEs
[2010/02/14 11:21:34 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/02/14 11:16:52 | 000,000,268 | RH-- | C] () -- C:\ProgramData\PageLibraries
[2010/02/14 11:16:52 | 000,000,268 | RH-- | C] () -- C:\Users\Bill\AppData\Roaming\Organs
[2010/02/14 11:16:52 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/01/11 11:03:15 | 000,002,032 | ---- | C] () -- C:\Users\Bill\AppData\Local\d3d9caps.dat
[2009/11/07 13:20:01 | 000,017,089 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\UserTile.png
[2009/09/24 18:48:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/24 18:48:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008/08/10 12:16:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/04/10 18:05:56 | 000,000,346 | ---- | C] () -- C:\Windows\Lexstat.ini
[2008/04/10 17:59:07 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007/04/29 12:28:41 | 000,000,504 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\wklnhst.dat
[2007/04/17 19:18:31 | 000,025,600 | ---- | C] () -- C:\Users\Bill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/25 07:19:57 | 000,000,004 | ---- | C] () -- C:\Windows\Pix11.dat
[2007/02/25 07:10:51 | 000,547,840 | ---- | C] () -- C:\Windows\zHotkey.exe
[2007/02/25 07:10:51 | 000,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/02/25 07:10:51 | 000,036,864 | ---- | C] () -- C:\Windows\ShowWnd.exe
[2007/02/25 07:10:51 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2006/11/22 17:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 13:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,302,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,649,176 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,122,686 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/11 19:01:15 | 000,352,256 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe
[2006/06/07 13:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006/03/27 11:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006/03/07 11:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006/01/10 17:11:05 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006/01/10 17:11:05 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2002/03/14 12:00:26 | 000,038,567 | ---- | C] () -- C:\Windows\System32\pcpbios.exe
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\System32\sysres.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 1211 bytes -> C:\ProgramData\Microsoft:Zj7sspwjLmdCopknsVuty5
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 1144 bytes -> C:\Program Files\Common Files\microsoft shared:w08YdGFTVytdhqxIk85J
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 1072 bytes -> C:\ProgramData\Microsoft:b2fnHqDecG6dXgS6yn69TQWu7cfmqO
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Any advice or guidance would be greatly appreciated.
Cheers,
Edited by bucner24, 06 December 2011 - 10:31 PM.