Hi peku,
Yes, sorry I think I posted two log files in one reply previously. Here is the first OTListIt2 log file:
OTListIt logfile created on: 3/25/2009 9:22:27 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.1 Folder = D:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
494.73 Mb Total Physical Memory | 164.11 Mb Available Physical Memory | 33.17% Memory free
1.13 Gb Paging File | 0.74 Gb Available in Paging File | 65.15% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7.86 Gb Total Space | 1.28 Gb Free Space | 16.23% Space Free | Partition Type: NTFS
Drive D: | 66.66 Gb Total Space | 54.78 Gb Free Space | 82.18% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 37.26 Gb Total Space | 2.34 Gb Free Space | 6.28% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DANIEL
Current User Name: DV
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - F:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Popwire AB)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - D:\Downloads\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (getPlus(R) Helper [On_Demand | Stopped]) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (KodakCCS [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (vsmon [Auto | Running]) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (ALCXSENS [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (DcCam [System | Running]) -- C:\WINDOWS\system32\DRIVERS\DcCam.sys (Eastman Kodak Company)
DRV - (DcFpoint [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\DcFpoint.sys (Eastman Kodak Company)
DRV - (DCFS2K [Auto | Running]) -- C:\WINDOWS\system32\drivers\dcfs2k.sys (Eastman Kodak Company)
DRV - (DcLps [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\DcLps.sys (Eastman Kodak Company)
DRV - (DcPTP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\DcPTP.sys (Eastman Kodak Company)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (Exportit [System | Stopped]) -- C:\WINDOWS\system32\DRIVERS\exportit.sys (Eastman Kodak Company)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (pfc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SE27bus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SE27bus.sys (MCCI)
DRV - (SE27mdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys (MCCI)
DRV - (SE27mdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SE27mdm.sys (MCCI)
DRV - (SE27mgmt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys (MCCI)
DRV - (se27nd5 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\se27nd5.sys (MCCI)
DRV - (SE27obex [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SE27obex.sys (MCCI)
DRV - (se27unic [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\se27unic.sys (MCCI)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SMBios [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SMBios.sys (Intel Corporation)
DRV - (srescan [Boot | Running]) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys (Check Point Software Technologies LTD)
DRV - (vsdatant [System | Running]) -- C:\WINDOWS\System32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ialmsbw.sys (Intel Corporation)
DRV - ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ialmkchw.sys (Intel Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.telstra.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bigpond.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: (698 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] "F:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart (OLYMPUS IMAGING CORP.)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}
http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ========== [5 C:\WINDOWS\*.tmp files]
[2009/03/25 09:18:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/03/24 21:59:03 | 00,000,000 | ---D | C] -- C:\fsaua.data
[2009/03/24 09:24:29 | 00,000,000 | ---D | C] -- C:\rsit
[2009/03/22 22:05:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/03/22 17:14:15 | 00,043,543 | ---- | C] () -- C:\Documents and Settings\DV\My Documents\1 VALHALLA PLACE CRAIGIEBURN.htm
[2009/03/22 17:14:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\My Documents\1 VALHALLA PLACE CRAIGIEBURN_files
[2009/03/22 17:13:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\My Documents\House for sale 1 Valhalla Place Craigieburn Quiet Location RealEstate 1_files
[2009/03/22 17:12:59 | 00,033,168 | ---- | C] () -- C:\Documents and Settings\DV\My Documents\House for sale 1 Valhalla Place Craigieburn Quiet Location RealEstate 1.htm
[2009/03/21 17:39:59 | 00,000,558 | ---- | C] () -- C:\Documents and Settings\DV\Desktop\DVD Shrink 3.2.lnk
[2009/03/21 15:16:26 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\DV\My Documents\DL Songs.doc
[2009/03/21 14:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009/03/20 18:35:28 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/20 14:09:46 | 00,047,104 | ---- | C] () -- C:\Documents and Settings\DV\My Documents\PRODUCTION COMPANIES.doc
[2009/03/20 09:39:57 | 00,002,542 | ---- | C] () -- C:\Documents and Settings\DV\My Documents\itunesreg.reg
[2009/03/20 09:33:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/03/20 09:33:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\Local Settings\Application Data\Downloaded Installations
[2009/03/20 06:06:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/03/19 16:14:11 | 00,002,055 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/03/19 16:13:30 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/03/19 16:13:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/19 16:13:05 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/03/19 16:12:48 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/03/19 16:12:22 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/03/19 16:11:54 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/19 16:11:48 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/03/18 19:09:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\My Documents\OJOsoft Corporation
[2009/03/18 19:03:43 | 02,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/03/18 19:03:43 | 01,761,280 | ---- | C] () -- C:\WINDOWS\System32\ffdshow.ax
[2009/03/18 19:03:43 | 00,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/03/18 19:03:43 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/03/18 19:03:43 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax
[2009/03/18 19:03:43 | 00,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/03/18 15:05:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\Application Data\Malwarebytes
[2009/03/18 15:04:57 | 00,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/18 15:04:56 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/18 15:04:54 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/18 15:04:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/18 14:57:25 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2009/03/18 14:57:25 | 00,000,232 | -H-- | C] () -- C:\sqmdata03.sqm
[2009/03/18 14:30:22 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt02.sqm
[2009/03/18 14:30:22 | 00,000,232 | -H-- | C] () -- C:\sqmdata02.sqm
[2009/03/18 14:25:30 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt01.sqm
[2009/03/18 14:25:30 | 00,000,232 | -H-- | C] () -- C:\sqmdata01.sqm
[2009/03/17 21:20:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\My Documents\AnyDVDHD
[2009/03/17 21:19:36 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/03/17 21:19:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2009/03/16 15:11:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\Application Data\Telstra
[2009/03/16 14:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\DV\Local Settings\Application Data\Telstra_Corporation
[2009/03/16 14:15:04 | 00,000,000 | ---D | C] -- C:\Program Files\Telstra
[2009/03/16 14:12:19 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/03/16 14:11:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/03/09 20:08:44 | 00,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Medal of Honor Allied Assault(tm) Spearhead.lnk
[2009/03/09 20:03:08 | 00,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Medal of Honor Allied Assault.lnk
========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/25 09:17:47 | 34,395,507 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/25 09:17:47 | 00,057,798 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/25 09:17:09 | 00,570,368 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/03/25 09:17:09 | 00,437,248 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/03/25 09:15:56 | 00,348,371 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/03/25 09:15:38 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/25 09:15:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/25 03:06:21 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/24 20:26:38 | 00,000,698 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2009/03/24 14:15:07 | 00,443,384 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/24 14:15:07 | 00,397,060 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/24 14:15:07 | 00,059,532 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/23 09:51:26 | 00,002,055 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/03/22 17:14:23 | 00,043,543 | ---- | M] () -- C:\Documents and Settings\DV\My Documents\1 VALHALLA PLACE CRAIGIEBURN.htm
[2009/03/22 17:13:02 | 00,033,168 | ---- | M] () -- C:\Documents and Settings\DV\My Documents\House for sale 1 Valhalla Place Craigieburn Quiet Location RealEstate 1.htm
[2009/03/21 17:39:59 | 00,000,558 | ---- | M] () -- C:\Documents and Settings\DV\Desktop\DVD Shrink 3.2.lnk
[2009/03/21 15:16:26 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\DV\My Documents\DL Songs.doc
[2009/03/20 23:10:04 | 00,047,104 | ---- | M] () -- C:\Documents and Settings\DV\My Documents\PRODUCTION COMPANIES.doc
[2009/03/20 18:35:28 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/03/20 09:59:59 | 00,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/03/20 09:39:57 | 00,002,542 | ---- | M] () -- C:\Documents and Settings\DV\My Documents\itunesreg.reg
[2009/03/19 16:12:48 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/03/19 16:11:54 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/03/19 10:34:29 | 00,081,360 | ---- | M] () -- C:\Documents and Settings\DV\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/18 19:44:12 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/18 15:04:57 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/18 14:57:25 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/03/18 14:57:25 | 00,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/03/18 14:30:22 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/03/18 14:30:22 | 00,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/03/18 14:25:30 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/03/18 14:25:30 | 00,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/03/16 15:33:52 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/16 15:33:51 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/16 15:33:51 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/16 15:33:49 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/16 15:30:26 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/15 00:23:04 | 00,618,526 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS.MVP
[2009/03/13 16:51:03 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\DV\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/09 20:22:44 | 04,769,202 | -H-- | M] () -- C:\Documents and Settings\DV\Local Settings\Application Data\IconCache.db
[2009/03/09 20:08:44 | 00,000,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Medal of Honor Allied Assault(tm) Spearhead.lnk
[2009/03/09 20:03:08 | 00,000,609 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Medal of Honor Allied Assault.lnk
[2009/02/25 12:55:00 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\WINDOWS:9B824AEA16F893E7
< End of report >