I haven't seen any more sidebars but i ran the OTL scan below. thx for your help!
OTL logfile created on: 9/9/2010 12:33:50 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Prometheus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 119.23 Gb Total Space | 9.39 Gb Free Space | 7.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VALUED-474CCF39
Current User Name: Prometheus
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/09/09 12:31:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Prometheus\Desktop\OTL.exe
PRC - [2010/09/08 10:18:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/24 14:38:15 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\457\g2mstart.exe
PRC - [2010/07/24 14:38:15 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\457\g2mlauncher.exe
PRC - [2010/07/24 14:38:15 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\457\g2mcomm.exe
PRC - [2010/07/06 12:30:48 | 000,240,480 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/25 23:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/08/07 17:15:06 | 000,311,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2009/08/07 17:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/07/09 19:26:44 | 000,090,112 | ---- | M] (Sony Electronics Corporation) -- C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
PRC - [2008/07/09 15:04:02 | 000,712,704 | ---- | M] (Sony Electronics Corporation) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2008/07/07 17:24:04 | 000,110,592 | ---- | M] (Sony Electronics, Inc) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
PRC - [2008/06/16 19:21:36 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008/06/16 19:21:15 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe
PRC - [2008/06/12 13:54:57 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2008/05/26 23:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/05/21 09:57:23 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2008/05/21 09:57:23 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2008/05/21 09:57:22 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2008/05/15 18:31:00 | 000,315,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/04/30 20:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/04/30 20:27:12 | 001,347,584 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008/04/30 20:20:38 | 000,901,120 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/04/30 20:11:20 | 001,191,936 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008/04/30 20:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/04/15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/25 20:04:42 | 000,217,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008/03/25 13:53:46 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/12/06 14:39:12 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/09/26 18:05:02 | 000,524,367 | ---- | M] (Novatel Wireless Inc.) -- C:\Program Files\Sony\SmartWi Connection Utility\Phoenix.exe
PRC - [2007/06/05 23:46:52 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2007/02/05 12:22:08 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/05/12 00:33:52 | 000,479,232 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
========== Modules (SafeList) ========== MOD - [2010/09/09 12:31:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Prometheus\Desktop\OTL.exe
MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/12/06 11:54:44 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
========== Win32 Services (SafeList) ========== SRV - [2010/08/15 14:32:49 | 001,355,416 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/08/07 17:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/07/07 17:24:04 | 000,110,592 | ---- | M] (Sony Electronics, Inc) [Auto | Running] -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe -- (SmartWiService)
SRV - [2008/06/16 19:21:36 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2008/06/16 19:21:15 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2008/04/30 20:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/04/30 20:20:38 | 000,901,120 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/04/30 20:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/04/15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/03/25 13:53:46 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\PROMET~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/08/15 14:32:54 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/07/06 11:28:45 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/04/19 20:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/09/08 21:58:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/08/25 19:52:46 | 004,742,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/25 19:27:48 | 006,551,008 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/06/12 13:55:09 | 006,018,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/05/21 14:03:47 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/05/21 09:57:23 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/05/19 12:21:48 | 000,071,961 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2008/05/16 13:51:10 | 000,072,448 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\5U875.sys -- (5U875UVC)
DRV - [2008/05/16 13:26:52 | 000,046,592 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008/05/16 13:13:04 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/05/16 13:07:11 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel(R)
DRV - [2008/05/16 12:46:19 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008/05/16 12:46:19 | 000,727,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/05/16 12:46:19 | 000,208,256 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008/05/09 13:07:57 | 000,022,560 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\shpf.sys -- (shpf)
DRV - [2008/05/06 00:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008/05/01 13:09:34 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
DRV - [2008/04/28 07:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/20 13:32:24 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/03/10 18:21:28 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/03/10 18:21:27 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/03/10 18:21:27 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/03/10 18:21:27 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/03/10 18:21:27 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/03/10 18:21:26 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007/11/05 19:55:14 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2007/09/17 16:16:46 | 000,066,560 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/09/05 17:24:00 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007/08/16 11:28:40 | 000,047,120 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2006/11/07 10:32:32 | 000,196,096 | ---- | M] (Novatel Wireless, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NWVNdis.sys -- (NWVNDIS)
DRV - [2006/11/07 10:32:32 | 000,166,400 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2006/11/07 10:32:32 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2006/11/07 10:32:32 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2006/11/07 10:32:32 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2006/08/17 16:56:52 | 000,042,240 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2plms.sys -- (ser2plms)
DRV - [2000/12/05 17:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=BABTDF&PC=BBLN&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://online.wsj.com/home/us"
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems:
msntoolbar@msn.com:4.0
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=BABTDF&PC=BBLN&q="
FF - HKLM\software\mozilla\Firefox\extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\Firefox [2010/08/25 11:28:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/25 11:28:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/08 10:18:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/08 10:18:17 | 000,000,000 | ---D | M]
[2010/04/13 15:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Extensions
[2010/04/13 15:54:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Extensions\{2f1e6a90-e99e-11dd-ba2f-0800200c9a66}
[2010/09/09 07:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Firefox\Profiles\bkpoco85.default\extensions
[2010/05/11 16:41:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Firefox\Profiles\bkpoco85.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/11 14:16:40 | 000,000,000 | ---D | M] (HyperSnap Toolbar) -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Firefox\Profiles\bkpoco85.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2009/03/24 10:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Firefox\Profiles\bkpoco85.default\extensions\moveplayer@movenetworks.com
[2010/08/25 19:44:03 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Mozilla\Firefox\Profiles\bkpoco85.default\searchplugins\bing.xml
[2010/09/09 07:07:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/11 15:24:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/08 19:54:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/06/19 03:16:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\Mozilla Firefox\plugins\MyCamera.dll
[2008/06/19 03:16:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\Mozilla Firefox\plugins\NPCIG.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/07/24 16:57:27 | 000,000,698 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [WCULauncher] C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe (Sony Electronics Corporation)
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files\Citrix\GoToMeeting\457\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer 3 SE Camera Monitor Ver.5.lnk = C:\Program Files\PIXELA\ImageMixer 3 SE Ver.5\Transfer Utility\CameraMonitor.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Prometheus\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Prometheus\Application Data\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 1.8\IExifCom.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: etrade.com ([us] https in Trusted sites)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C}
http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Prometheus\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Prometheus\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/24 16:18:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5a47d984-a5ba-11df-8eb8-00215d7046a2}\Shell - "" = AutoRun
O33 - MountPoints2\{5a47d984-a5ba-11df-8eb8-00215d7046a2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b9172cb8-2d39-11df-aff6-00215d7046a2}\Shell\AutoRun\command - "" = I:\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ========== [2010/09/09 12:31:49 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Prometheus\Desktop\OTL.exe
[2010/09/08 20:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Application Data\Avira
[2010/09/08 20:27:59 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/09/08 20:27:58 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/09/08 20:27:58 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/09/08 20:27:58 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/09/08 20:27:57 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/09/08 20:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/09/08 20:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/09/02 23:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/02 23:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/02 23:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/02 16:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Desktop\Unused Desktop Shortcuts
[2010/08/26 20:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Desktop\iPhone Pics
[2010/08/25 11:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Application Data\Canon
[2010/08/25 11:31:39 | 000,389,180 | ---- | C] (Canon) -- C:\WINDOWS\System32\UCS32P.DLL
[2010/08/25 11:31:39 | 000,000,000 | -H-D | C] -- C:\CanoScan
[2010/08/25 11:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/08/25 11:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010/08/25 11:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/08/25 11:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
[2010/08/22 23:14:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Prometheus\My Documents\My Dropbox
[2010/08/22 23:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Application Data\Dropbox
[2010/08/21 08:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\My Documents\Cliff Hike
[2010/08/17 23:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\WMA-MP3.com
[2010/08/12 21:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Streets & Trips 2009
[2010/08/12 21:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/08/11 22:44:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\My Documents\VholdR Videos
[2010/08/11 22:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\Easy Edit Software
[2010/07/16 12:18:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/07/15 20:50:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Prometheus\IECompatCache
[2010/07/15 20:49:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Prometheus\PrivacIE
[2010/07/15 17:00:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Prometheus\IETldCache
[2010/07/15 16:53:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/07/15 16:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010/07/15 16:23:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/07/15 16:18:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/07/15 16:18:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/07/15 16:18:57 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/07/15 16:17:23 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/07/15 09:47:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010/07/13 22:48:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\nyksfmwdn
[2010/07/13 15:40:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/13 14:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/07/13 14:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/07/13 14:32:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Application Data\Malwarebytes
[2010/07/13 14:32:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/13 14:32:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/13 14:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/13 14:32:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/13 13:54:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/13 13:50:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/07/13 13:50:27 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/07/13 13:50:27 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/07/13 13:50:27 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/13 13:50:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/13 13:50:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/07/13 13:49:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/13 08:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Desktop\SL Examples
[2010/07/12 22:28:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\hwqdmkxpw
[2010/07/09 07:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/07/09 07:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/07/08 18:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/07/08 18:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/07/08 17:30:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2010/07/08 17:30:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2010/07/08 14:19:41 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/07/08 14:19:34 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/07/08 14:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\Sunbelt Software
[2010/07/08 14:15:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
[2010/07/08 14:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/07/08 14:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/07/08 14:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/07/08 10:59:24 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/07/08 10:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/07/07 21:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/07 21:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/06/17 13:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[42 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010/09/09 12:31:57 | 000,078,056 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Weston Cost Breakdown 2March10 working copy.xlsx
[2010/09/09 12:31:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Prometheus\Desktop\OTL.exe
[2010/09/09 12:20:00 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-758190093-4228296445-146539222-1008UA.job
[2010/09/09 11:53:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/09 11:20:00 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-758190093-4228296445-146539222-1008Core.job
[2010/09/09 10:59:20 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/09/09 10:45:40 | 000,095,033 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Builder Fusion Select Health Comparison 09-08-10.pdf
[2010/09/09 07:05:00 | 000,563,887 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\TBA_FUSION PUBLISHING CONTRACT.pdf
[2010/09/08 20:43:15 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/09/08 20:42:46 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/08 20:42:45 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/08 20:42:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/08 20:42:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/08 20:42:23 | 3148,759,040 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/08 20:41:51 | 007,602,176 | ---- | M] () -- C:\Documents and Settings\Prometheus\NTUSER.DAT
[2010/09/08 20:41:51 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Prometheus\ntuser.ini
[2010/09/08 20:26:08 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\avira_antivir_personal_en.exe
[2010/09/07 20:40:19 | 000,049,011 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\2010-11_seasonpass-agreement.pdf
[2010/09/06 22:12:11 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/09/05 19:43:10 | 000,243,562 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\IBS LaLinda Design.pdf
[2010/09/05 07:41:28 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/09/04 23:26:02 | 000,011,309 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Siding and Rooding Quantities.xlsx
[2010/09/04 14:50:03 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Diet Tracking 30 Aug 10.xls
[2010/09/04 13:33:25 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 16:18:35 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\follow up list-1.xls
[2010/09/02 13:33:55 | 000,065,356 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\https___stmts.chase.com_Stmt2.pdf
[2010/09/02 12:05:04 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\EOC 2010 Leads.xls
[2010/09/02 12:01:14 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Parade of Homes App Market List.xls
[2010/08/30 18:47:12 | 000,081,045 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\Kari's Lenovo Order.pdf
[2010/08/30 11:12:00 | 000,798,720 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\BF Cash budget Jan-Dec 10.xls
[2010/08/29 20:26:45 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\Diet Tracking.xls
[2010/08/29 13:17:05 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Streets & Trips 2009.lnk
[2010/08/29 13:16:38 | 008,393,216 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\CURRENT.est
[2010/08/28 17:12:14 | 000,083,075 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Kari's Sony VAIO Receipt.pdf
[2010/08/25 13:10:36 | 000,018,073 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2010/08/24 18:00:00 | 004,119,577 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\eco venetian.pdf
[2010/08/24 12:10:23 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Exibitor List.xls
[2010/08/23 19:50:24 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/23 10:28:12 | 000,259,072 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\HBA of Greater Tulsa Contract and Invoice (rev 082310a).doc
[2010/08/22 23:14:26 | 000,001,013 | ---- | M] () -- C:\Documents and Settings\Prometheus\Start Menu\Programs\Startup\Dropbox.lnk
[2010/08/19 21:47:46 | 000,001,635 | ---- | M] () -- C:\WINDOWS\option.dat
[2010/08/19 17:14:00 | 000,406,884 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Anchor_Highland_CM134v6[1].pdf
[2010/08/17 12:10:12 | 000,158,697 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\WCG_PriceList.pdf
[2010/08/13 09:53:51 | 000,058,294 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\Questar Gas Payment.pdf
[2010/08/11 13:09:52 | 000,391,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/11 13:09:01 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Copy of AR report 8 11 10.xls
[2010/08/11 12:41:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/11 12:40:28 | 000,606,038 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/11 12:40:28 | 000,515,382 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/11 12:40:28 | 000,098,964 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/10 10:26:32 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\Kohler Additional Order.xls
[2010/08/05 20:19:29 | 003,023,620 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\FM21-76_SurvivalManual.pdf
[2010/07/25 22:55:21 | 000,428,949 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\GCSR_maps.pdf
[2010/07/24 16:57:27 | 000,000,698 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/16 12:47:34 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2010/07/15 20:15:03 | 000,001,504 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2010/07/15 16:46:40 | 000,000,356 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2010/07/15 16:24:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Enalujoxumugeya.bin
[2010/07/15 16:24:29 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Rjuvi.dat
[2010/07/15 16:20:50 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/07/15 16:16:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/07/15 16:16:37 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/15 16:16:37 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/15 16:16:33 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/15 16:16:02 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/07/15 16:16:02 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/07/15 16:15:54 | 000,000,679 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/15 16:14:52 | 000,023,444 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/07/15 16:13:02 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2010/07/15 16:12:45 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/07/15 16:05:14 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/13 19:51:05 | 000,643,058 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2010/07/13 14:50:28 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/07/10 17:08:21 | 000,083,086 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\Alpine School Year.pdf
[2010/07/08 16:30:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2010/07/08 16:30:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/07/08 14:19:34 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/07/08 14:14:55 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/07/06 11:28:45 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/07/06 11:28:44 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/06/15 11:50:34 | 000,077,602 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\iPhone 4 receipt.pdf
[2010/06/15 07:55:03 | 001,656,832 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\BFSalesPowerPointJuly09.ppt
[2010/06/13 09:19:19 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Prometheus\My Documents\2 Nephi 31.doc
[42 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/09/09 10:45:45 | 000,095,033 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Builder Fusion Select Health Comparison 09-08-10.pdf
[2010/09/09 07:05:00 | 000,563,887 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\TBA_FUSION PUBLISHING CONTRACT.pdf
[2010/09/08 20:23:40 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\avira_antivir_personal_en.exe
[2010/09/07 20:40:19 | 000,049,011 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\2010-11_seasonpass-agreement.pdf
[2010/09/05 19:43:10 | 000,243,562 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\IBS LaLinda Design.pdf
[2010/09/04 15:04:58 | 000,011,309 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Siding and Rooding Quantities.xlsx
[2010/09/02 13:33:55 | 000,065,356 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\https___stmts.chase.com_Stmt2.pdf
[2010/09/02 12:01:10 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Parade of Homes App Market List.xls
[2010/08/30 18:47:11 | 000,081,045 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\Kari's Lenovo Order.pdf
[2010/08/30 11:12:00 | 000,798,720 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\BF Cash budget Jan-Dec 10.xls
[2010/08/29 20:27:05 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Diet Tracking 30 Aug 10.xls
[2010/08/29 20:26:45 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\Diet Tracking.xls
[2010/08/28 17:12:13 | 000,083,075 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Kari's Sony VAIO Receipt.pdf
[2010/08/25 11:37:06 | 000,018,073 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2010/08/25 11:31:39 | 000,393,225 | ---- | C] () -- C:\WINDOWS\System32\CNQ1209F.PLG
[2010/08/25 11:31:39 | 000,393,225 | ---- | C] () -- C:\WINDOWS\System32\CNQ1209B.PLG
[2010/08/25 11:31:39 | 000,393,225 | ---- | C] () -- C:\WINDOWS\System32\CNQ12091.PLG
[2010/08/24 18:00:00 | 004,119,577 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\eco venetian.pdf
[2010/08/24 12:10:23 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Exibitor List.xls
[2010/08/23 10:28:11 | 000,259,072 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\HBA of Greater Tulsa Contract and Invoice (rev 082310a).doc
[2010/08/22 23:14:26 | 000,001,013 | ---- | C] () -- C:\Documents and Settings\Prometheus\Start Menu\Programs\Startup\Dropbox.lnk
[2010/08/19 17:14:00 | 000,406,884 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Anchor_Highland_CM134v6[1].pdf
[2010/08/17 12:10:12 | 000,158,697 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\WCG_PriceList.pdf
[2010/08/13 09:53:44 | 000,058,294 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\Questar Gas Payment.pdf
[2010/08/12 21:29:42 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Streets & Trips 2009.lnk
[2010/08/11 13:09:01 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Copy of AR report 8 11 10.xls
[2010/08/08 22:28:13 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\Kohler Additional Order.xls
[2010/08/08 22:26:11 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Prometheus\Desktop\EOC 2010 Leads.xls
[2010/08/05 21:24:25 | 003,023,620 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\FM21-76_SurvivalManual.pdf
[2010/07/26 10:51:56 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/07/25 22:55:21 | 000,428,949 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\GCSR_maps.pdf
[2010/07/16 12:47:34 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2010/07/15 16:46:40 | 000,000,356 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/07/15 16:22:51 | 3148,759,040 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/15 16:19:34 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/07/15 16:18:51 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/07/15 16:18:51 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/07/15 16:18:50 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/07/15 16:18:16 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/07/15 16:18:15 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/07/15 16:18:09 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/07/15 16:18:08 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/07/15 16:18:07 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/07/15 16:17:54 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/07/15 16:17:49 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/07/15 16:17:45 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/07/15 16:17:25 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/07/15 16:17:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/07/15 16:17:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/07/15 16:17:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/07/15 16:17:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/07/15 16:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/07/15 16:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/07/15 16:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/07/15 16:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/07/15 16:17:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/07/15 16:17:21 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/07/15 16:17:21 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/07/15 16:17:21 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/07/15 16:17:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/07/15 16:17:20 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/07/15 16:17:20 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/07/15 16:17:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/07/15 16:17:19 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/07/15 16:17:19 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/07/15 16:17:19 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/07/15 16:17:19 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/07/15 16:17:19 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/07/15 16:17:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/07/15 16:17:18 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/07/15 16:17:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/07/15 16:17:17 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/07/15 16:17:17 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/07/15 16:17:17 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/07/15 16:17:17 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/07/15 16:17:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/07/15 16:17:16 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/07/15 16:16:02 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/07/15 16:15:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/07/15 16:04:43 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/07/15 16:04:43 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/07/15 16:04:43 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/07/15 16:04:43 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/07/15 16:04:43 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/07/15 16:04:43 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/07/15 16:04:43 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/07/15 16:04:43 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/07/15 16:04:42 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/07/15 16:04:42 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/07/15 16:04:42 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/07/15 16:04:42 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/07/15 16:04:42 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/07/15 16:04:42 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/07/15 16:04:42 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/07/15 16:04:42 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/07/15 16:04:42 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/07/15 16:04:41 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/07/15 16:04:41 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/07/13 14:50:28 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/07/13 13:54:12 | 000,000,213 | -HS- | C] () -- C:\Boot.bak
[2010/07/13 13:54:08 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/13 13:50:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/13 13:50:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/07/13 13:50:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/13 13:50:27 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/13 13:50:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/12 22:31:30 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Rjuvi.dat
[2010/07/12 22:31:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Enalujoxumugeya.bin
[2010/07/10 17:08:21 | 000,083,086 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\Alpine School Year.pdf
[2010/07/09 07:15:45 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/07/08 18:09:00 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/07/08 16:30:21 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2010/07/08 16:30:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010/07/08 14:20:22 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/07/08 14:14:55 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/06/30 21:14:45 | 000,666,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/15 11:50:33 | 000,077,602 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\iPhone 4 receipt.pdf
[2010/06/13 09:19:19 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Prometheus\My Documents\2 Nephi 31.doc
[2010/06/04 14:56:59 | 000,001,497 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Hewlett-PackardHP Officejet 5600 series1252703931_UI.log
[2010/06/04 14:56:59 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Hewlett-PackardHP Officejet 5600 series1252703931_PROTOCOL.log
[2010/06/04 14:56:59 | 000,000,325 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Hewlett-PackardHP Officejet 5600 series1252703931_API.log
[2010/06/04 14:56:59 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010/04/21 23:24:03 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\lZJoYI4Nl0eqQ3j+wCKUIry3uRhdsn5SdheWTZPOlw==.trl
[2009/10/28 12:48:51 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/10/28 12:48:51 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\PnkBstrK.sys
[2009/09/14 10:51:07 | 000,000,363 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
[2009/09/14 10:51:07 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2009/09/14 10:51:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
[2009/09/14 10:50:42 | 000,002,936 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\PatchUpdate_InstantShareJPG.log
[2009/09/14 10:50:42 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2009/09/14 10:50:21 | 000,003,750 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\PatchUpdate_IZClosingDiscError.log
[2009/09/14 10:50:21 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2009/09/14 10:50:06 | 000,002,141 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\HPSU_48BitScanUpdate.log
[2009/09/14 10:50:06 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/09/14 10:48:24 | 000,160,903 | ---- | C] () -- C:\Documents and Settings\Prometheus\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2009/09/14 10:48:24 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/04/21 14:43:37 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/02/04 19:14:19 | 000,018,790 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2009/02/04 17:40:00 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/04 16:18:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/02/04 15:49:25 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Prometheus\Local Settings\Application Data\fusioncache.dat
[2008/07/24 19:59:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/07/24 19:09:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2008/07/24 18:49:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/07/24 18:49:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/07/24 18:49:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/07/24 18:49:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/07/24 18:49:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/07/24 18:49:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/07/24 16:48:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2008/07/24 16:24:03 | 000,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2008/07/24 16:07:52 | 000,000,764 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/04/13 23:42:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/06 11:55:12 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/10/18 18:36:54 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\deskMenu2.dll
[2007/10/18 15:47:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/02/17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/12 13:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== LOP Check ========== [2009/02/26 12:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2009/12/02 01:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/07/09 07:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2009/02/17 12:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2010/08/25 11:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/08 21:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pixela
[2010/03/24 10:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/09/05 07:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/24 18:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2010/04/06 22:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/16 10:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/07 07:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/08 14:15:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
[2009/09/09 15:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/06 12:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/22 14:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Amazon
[2009/06/16 07:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Autodesk
[2009/11/10 17:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Blitware
[2010/08/25 13:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Canon
[2009/02/04 19:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\deskPDF
[2010/09/08 20:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Dropbox
[2009/02/07 11:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\InterVideo
[2009/05/03 00:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\OpenOffice.org
[2010/04/13 15:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Scendix Software
[2010/05/11 14:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Toolbar4
[2009/02/20 13:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Windows Desktop Search
[2009/02/22 23:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Windows Search
[2010/04/21 21:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Xilisoft
[2009/02/07 11:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prometheus\Application Data\Xilisoft Corporation
[2010/09/08 20:43:15 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/11/10 17:39:48 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/09/08 20:42:21 | 000,020,156 | ---- | M] () -- C:\aaw7boot.log
[2010/03/13 17:02:12 | 000,222,485 | ---- | M] () -- C:\acadminidump.dmp
[2008/07/24 16:18:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/02/04 15:49:14 | 000,000,213 | -HS- | M] () -- C:\Boot.bak
[2010/07/15 16:13:02 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/07/13 14:05:28 | 000,033,142 | ---- | M] () -- C:\ComboFix.txt
[2008/07/24 16:18:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/05/17 16:50:08 | 000,000,050 | ---- | M] () -- C:\DVDPATH.TXT
[2010/09/08 20:42:23 | 3148,759,040 | -HS- | M] () -- C:\hiberfil.sys
[2008/07/24 16:18:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/07/24 16:18:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 00:01:44 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/08 20:42:21 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009/06/16 07:27:13 | 000,002,606 | ---- | M] () -- C:\PlotandPublishLog.CSV
[2009/02/04 19:46:57 | 000,000,573 | ---- | M] () -- C:\RHDSetup.log
[2010/07/15 16:28:02 | 000,000,365 | ---- | M] () -- C:\rkill.log
[2009/02/04 19:49:40 | 000,000,087 | ---- | M] () -- C:\setup.log
[2010/07/09 07:25:45 | 000,043,648 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_09.07.2010_07.25.39_log.txt
[2010/07/09 07:34:12 | 000,042,472 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_09.07.2010_07.33.58_log.txt
[2010/07/09 16:33:00 | 000,042,472 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_09.07.2010_16.32.54_log.txt
[2010/07/10 15:25:24 | 000,042,472 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_10.07.2010_15.25.16_log.txt
[2010/07/10 17:18:20 | 000,042,472 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_10.07.2010_17.18.14_log.txt
[2010/07/10 21:27:22 | 000,042,472 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_10.07.2010_21.27.17_log.txt
[2010/07/12 22:33:40 | 000,042,472 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_12.07.2010_22.33.34_log.txt
[2010/07/13 09:52:27 | 000,002,426 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_13.07.2010_09.52.26_log.txt
[2010/07/13 09:59:13 | 000,003,068 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_13.07.2010_09.59.13_log.txt
[2010/07/13 10:10:28 | 000,003,068 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_13.07.2010_10.10.27_log.txt
[2010/07/13 10:15:42 | 000,001,560 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_13.07.2010_10.15.42_log.txt
[2010/07/24 17:00:17 | 000,041,606 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_24.07.2010_17.00.13_log.txt
[2010/07/25 22:35:42 | 000,041,146 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_25.07.2010_22.35.37_log.txt
[2010/07/24 16:47:42 | 000,044,512 | ---- | M] () -- C:\TDSSKiller.2.4.0.0_24.07.2010_16.47.24_log.txt
[2010/07/24 16:59:16 | 000,044,758 | ---- | M] () -- C:\TDSSKiller.2.4.0.0_24.07.2010_16.59.02_log.txt
[2009/02/07 11:52:24 | 000,000,648 | ---- | M] () -- C:\temp.txt
[2009/10/14 18:32:35 | 000,000,409 | ---- | M] () -- C:\WSC_PROFILE.txt
< %systemroot%\Fonts\*.com >[2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >[2005/05/11 23:36:48 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
< %systemroot%\Fonts\*.ini >[2010/07/15 16:16:17 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2010/07/15 10:02:26 | 000,339,968 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/07/13 15:51:19 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010/07/15 10:02:26 | 044,273,664 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/07/15 10:02:26 | 007,340,032 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[2010/07/15 16:16:39 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %PROGRAMFILES%\Internet Explorer\*.dat > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2010/07/22 07:33:34 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/07/24 16:23:50 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Prometheus\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >[2010/09/08 20:26:08 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Prometheus\Desktop\avira_antivir_personal_en.exe
[2010/09/09 12:31:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Prometheus\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-11 18:41:26
========== Alternate Data Streams ========== @Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C39E55C5
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C35AEA7
< End of report >