askey127,
Here is the OTL log.
Butcher
OTL logfile created on: 2/28/2011 8:14:41 PM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 101.30 Gb Free Space | 68.64% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/02/28 20:02:47 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2011/02/13 15:20:14 | 000,325,000 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/29 21:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/21 19:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/01/17 18:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007/12/03 19:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/11/06 20:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe
PRC - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (SafeList) ========== MOD - [2011/02/28 20:02:47 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2007/03/26 13:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008/01/21 19:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 18:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/12/03 19:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/30 02:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ========== DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/06/19 20:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2008/12/23 02:47:52 | 000,138,240 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/29 04:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/21 18:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007/11/09 16:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/08/31 19:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/07/14 01:01:30 | 002,771,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/09 00:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 00:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/08/30 11:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/07/28 19:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshibadirect.com/dpdstartIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshibadirect.com/dpdstartIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.toshibadirect.com/dpdstartIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2011/02/23 17:51:29 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HWSetup] File not found
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Pictures\094.JPG
O24 - Desktop BackupWallPaper: C:\Users\Owner\Pictures\094.JPG
O30 - LSA: Authentication Packages - (ows\s) - File not found
O30 - LSA: Security Packages - (072-1426510162-1000) - File not found
O30 - LSA: Security Packages - (늱&) - File not found
O30 - LSA: Security Packages - (鑏) - File not found
O30 - LSA: Security Packages - () - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/02/28 20:06:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/28 20:02:45 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/02/28 18:15:32 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/02/28 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\erunt
[2011/02/27 10:26:23 | 007,809,352 | ---- | C] (VS Revo Group ) -- C:\Users\Owner\Desktop\RevoUninProSetup.exe
[2011/02/27 08:08:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\PeerNetworking
[2011/02/27 06:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/02/27 06:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/02/27 06:16:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/02/26 13:19:46 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/02/26 13:16:38 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTM.exe
[2011/02/24 17:52:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\WinPatrol
[2011/02/24 17:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2011/02/24 17:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2011/02/24 17:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011/02/24 17:41:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\VS Revo Group
[2011/02/24 17:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011/02/24 17:41:01 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2011/02/24 17:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/02/23 18:03:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Avira
[2011/02/23 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/02/23 18:00:19 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/02/23 18:00:19 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/02/23 18:00:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/02/23 18:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/02/23 18:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/20 08:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/20 08:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/02/20 08:05:22 | 000,000,000 | R--D | C] -- C:\Users\Owner\Documents
========== Files - Modified Within 30 Days ========== [2011/02/28 20:11:51 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/28 20:11:51 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/28 20:11:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/28 20:11:38 | 2011,217,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/28 20:02:47 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/02/28 18:22:25 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BCF36DFF-31CC-48B4-A048-A8507171BCD8}.job
[2011/02/28 18:13:08 | 000,513,320 | ---- | M] () -- C:\Users\Owner\Desktop\erunt.zip
[2011/02/27 13:15:23 | 000,932,352 | -HS- | M] () -- C:\Users\Owner\Desktop\ehthumbs_vista.db
[2011/02/27 10:27:14 | 000,001,060 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/02/27 10:26:28 | 007,809,352 | ---- | M] (VS Revo Group ) -- C:\Users\Owner\Desktop\RevoUninProSetup.exe
[2011/02/27 09:22:25 | 000,000,497 | ---- | M] () -- C:\Users\Owner\Desktop\Sign In.url
[2011/02/27 08:08:56 | 000,031,007 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2011/02/27 06:16:17 | 000,001,948 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2011/02/26 13:16:39 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTM.exe
[2011/02/25 13:23:55 | 000,075,264 | ---- | M] () -- C:\Users\Owner\Desktop\SystemLook.exe
[2011/02/24 17:57:51 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/02/23 18:00:31 | 000,001,818 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/02/13 11:48:28 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/02/13 11:48:28 | 000,105,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/02/11 16:14:28 | 000,393,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ========== [2011/02/28 18:13:06 | 000,513,320 | ---- | C] () -- C:\Users\Owner\Desktop\erunt.zip
[2011/02/27 08:08:56 | 000,031,007 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2011/02/27 06:16:17 | 000,001,948 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2011/02/25 13:23:54 | 000,075,264 | ---- | C] () -- C:\Users\Owner\Desktop\SystemLook.exe
[2011/02/24 17:41:03 | 000,001,060 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/02/23 18:00:31 | 000,001,818 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/02/20 08:15:49 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/02/20 08:15:49 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2010/12/17 12:14:10 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/08/20 14:28:20 | 000,030,424 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2009/02/21 17:00:54 | 000,012,800 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/21 12:59:32 | 000,046,456 | R--- | C] () -- C:\Windows\System32\exitwx.exe
[2008/09/21 05:58:25 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/09/21 05:58:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/07 15:55:50 | 000,028,747 | ---- | C] () -- C:\Windows\System32\KMemoryMMX.dll
[2008/06/07 15:55:50 | 000,024,653 | ---- | C] () -- C:\Windows\System32\KMemoryPIII.dll
[2008/06/07 15:55:50 | 000,024,632 | ---- | C] () -- C:\Windows\System32\KMemory.dll
[2008/06/07 15:55:50 | 000,020,546 | ---- | C] () -- C:\Windows\System32\KMemoryC.dll
[2008/06/07 15:55:12 | 000,000,002 | ---- | C] () -- C:\Windows\PhotoSuite.ini
[2008/06/07 15:55:08 | 000,122,880 | ---- | C] () -- C:\Windows\System32\EnrouteStitch.dll
[2008/06/07 15:55:07 | 000,458,752 | ---- | C] () -- C:\Windows\System32\Fpl.dll
[2008/06/07 15:55:07 | 000,019,968 | ---- | C] () -- C:\Windows\System32\CPUINF32.DLL
[2008/06/07 15:55:06 | 000,332,800 | ---- | C] () -- C:\Windows\System32\FPXLIB.DLL
[2008/06/07 15:55:06 | 000,122,880 | ---- | C] () -- C:\Windows\System32\JPEGLIB.DLL
[2008/05/04 14:42:41 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/05/04 14:42:41 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/02/20 21:07:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/20 21:07:38 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/20 21:07:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/20 21:07:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/20 21:07:38 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/20 21:07:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/02/20 20:45:33 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/20 19:51:47 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2008/02/20 19:45:08 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/02/20 19:45:08 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/02/20 19:45:08 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/02/20 19:45:08 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/02/20 19:40:27 | 000,000,291 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/02/20 19:40:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/02/20 19:40:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/02/20 19:40:27 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2008/02/20 19:16:30 | 000,157,040 | ---- | C] () -- C:\Windows\fdbpinger.exe
[2007/12/21 19:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/07/14 00:52:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/07/14 00:29:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/02/20 18:39:10 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,393,048 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,607,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/08 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 16:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
========== LOP Check ========== [2009/09/30 16:11:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Costco Photo Viewer US
[2011/02/27 08:08:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking
[2010/01/31 13:19:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ulead Systems
[2011/02/24 17:52:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinPatrol
[2011/02/28 20:10:42 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/02/28 18:22:25 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{BCF36DFF-31CC-48B4-A048-A8507171BCD8}.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >