OTL logfile created on: 12/21/2010 9:04:26 AM - Run 2
OTL by OldTimer - Version 3.2.17.4 Folder = C:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.000 | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 72.12 Gb Free Space | 64.52% Space Free | Partition Type: NTFS
Drive D: | 7.81 Mb Total Space | 3.81 Mb Free Space | 48.72% Space Free | Partition Type: NTFS
Drive E: | 7.81 Mb Total Space | 3.82 Mb Free Space | 48.92% Space Free | Partition Type: NTFS
Drive F: | 55.91 Gb Total Space | 37.59 Gb Free Space | 67.23% Space Free | Partition Type: NTFS
Drive H: | 465.76 Gb Total Space | 437.60 Gb Free Space | 93.95% Space Free | Partition Type: NTFS
Computer Name: OTTERSEA | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/12/20 18:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
PRC - [2010/12/03 13:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/03 13:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/05 17:53:56 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/07/12 10:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/01/30 09:35:16 | 000,451,920 | ---- | M] (ACD Systems) -- C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.000\explorer.exe
PRC - [2006/11/14 00:07:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
PRC - [2002/04/17 14:51:08 | 000,290,816 | ---- | M] (Voyetra Turtle Beach, Inc.) -- C:\WINDOWS.000\SYSTEM32\tbctray.exe
PRC - [2001/08/17 22:36:54 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS.000\SYSTEM32\pctspk.exe
========== Modules (SafeList) ==========
MOD - [2010/12/20 18:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.000\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS.000\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/05 17:53:56 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2001/08/17 22:36:54 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS.000\SYSTEM32\pctspk.exe -- (Pctspk)
========== Driver Services (SafeList) ==========
DRV - [2010/09/07 08:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS.000\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 08:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS.000\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 08:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 08:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS.000\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 08:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS.000\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 08:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS.000\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/07/09 16:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2010/05/10 12:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/13 17:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/04/13 17:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/04/13 17:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/04/13 17:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/04/13 17:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/02/17 12:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/27 17:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009/06/02 17:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/04/26 15:17:06 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\tmcomm.sys -- (tmcomm)
DRV - [2008/11/25 17:18:26 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\epmntdrv.sys -- (epmntdrv)
DRV - [2008/11/25 17:18:22 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2008/10/30 20:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/08/05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\Ambfilt.sys -- (Ambfilt)
DRV - [2008/06/16 08:02:34 | 000,017,024 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2008/04/13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 23:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS.000\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 21:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\sisnic.sys -- (SISNIC)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/15 12:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\igxpmp32.sys -- (ialm)
DRV - [2006/11/27 11:19:46 | 000,050,688 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\RxFilter.sys -- (RxFilter)
DRV - [2006/11/01 07:59:36 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/11/01 07:59:10 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/11/01 07:59:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/11/01 07:59:08 | 000,098,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/11/01 07:59:06 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/11/01 07:59:04 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/11/01 07:59:02 | 000,104,760 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/11/01 07:59:02 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/25 07:22:22 | 000,099,816 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS.000\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2006/09/15 08:45:24 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/09/15 08:45:22 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/09/15 08:42:52 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/01/04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\Monfilt.sys -- (Monfilt)
DRV - [2005/03/16 00:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\BIOS.sys -- (BIOS)
DRV - [2002/08/28 22:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\an983.sys -- (AN983)
DRV - [2002/08/28 22:16:16 | 000,450,176 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2002/04/17 14:51:08 | 000,545,088 | ---- | M] (Voyetra Turtle Beach) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\tbcwdm.sys -- (tbcwdm)
DRV - [2002/04/17 14:51:08 | 000,144,768 | ---- | M] (Voyetra Turtle Beach) [Kernel | On_Demand | Running] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\tbcspud.sys -- (tbcspud)
DRV - [2002/03/21 19:44:32 | 000,019,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Turtle Beach\Santa Cruz\Control Panel\vtdg46xx.sys -- (vtdg46xx)
DRV - [2001/08/17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 13:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS.000\system32\DRIVERS\vpctcom.sys -- (Vpctcom)
DRV - [2001/08/17 13:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS.000\system32\DRIVERS\vvoice.sys -- (Vvoice)
DRV - [2001/08/17 13:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS.000\system32\DRIVERS\vmodem.sys -- (Vmodem)
DRV - [2001/08/17 13:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\ptserlp.sys -- (Ptserlp)
DRV - [2001/08/17 11:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [2001/08/17 11:12:14 | 000,019,016 | ---- | M] (Kingston Technology Company ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\KTC111.SYS -- (KTC111)
DRV - [2000/05/22 19:08:04 | 000,031,470 | ---- | M] (Network Everywhere) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.000\SYSTEM32\DRIVERS\NC100A.sys -- (NC100) Network Everywhere Fast Ethernet Adapter(NC100 v2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.000\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.mc545.mail.yahoo.com/mc/welco ... r79a38d22/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://us.mc545.mail.yahoo.com/mc/welco ... r79a38d22/
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://login.yahoo.com/config/login_verify2?&.src=ym"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/19 15:21:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/19 15:21:34 | 000,000,000 | ---D | M]
[2010/12/19 15:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions
[2009/03/19 11:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/12/20 18:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\cirveo8y.default\extensions
[2010/12/20 18:17:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\cirveo8y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/21 09:02:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/19 08:49:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/12/19 08:49:29 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 10:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
O1 HOSTS File: ([2003/03/31 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS.000\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6F4F95AF-1647-4B72-A632-055405455423} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS.000\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [Device Detector] File not found
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Roxio\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS.000\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS.000\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [TraySantaCruz] C:\WINDOWS.000\SYSTEM32\tbctray.exe (Voyetra Turtle Beach, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files\Opanda\IExif 2.3\IExifMap.htm ()
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 2.3\IExifCom.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 9979722917 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS.000\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS.000\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS.000\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.142.136.220 64.91.3.46
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS.000\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS.000\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/15 04:16:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/12/21 08:59:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/19 08:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/19 08:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/12/17 12:14:42 | 001,345,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Desktop\tdsskiller.exe
[2010/12/17 12:03:43 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/12/17 11:58:54 | 000,000,000 | ---D | C] -- C:\WINDOWS.000\Internet Logs
[2010/12/17 11:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\IO
[2010/12/13 11:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/12/11 10:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/12/11 09:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/12/11 09:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Temp
[2010/12/11 09:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/12/11 09:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/12/11 09:54:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Google
[2010/12/11 09:42:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Uniblue
[2010/12/11 09:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/12/11 09:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Web Player
[2010/12/10 14:27:50 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010/12/10 14:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/12/10 12:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/10 12:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\SUPERAntiSpyware.com
[2010/12/10 12:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/12/07 18:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\WinRAR
[2010/12/07 18:49:09 | 000,000,000 | ---D | C] -- C:\WINDOWS.000\System32\2120678167
[2010/12/07 18:48:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\Application Data\Desktop
[2010/12/05 14:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\eCalc Calculator
[2006/11/23 13:06:02 | 000,028,672 | R--- | C] ( ) -- C:\WINDOWS.000\System32\DivXGraphBuilderCallback.dll
[33 C:\WINDOWS.000\Fonts\*.tmp files -> C:\WINDOWS.000\Fonts\*.tmp -> ]
[1 C:\Documents and Settings\admin\Desktop\*.tmp files -> C:\Documents and Settings\admin\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\admin\*.tmp files -> C:\Documents and Settings\admin\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/21 09:01:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS.000\System32\wpa.dbl
[2010/12/21 09:01:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS.000\bootstat.dat
[2010/12/21 09:01:21 | 2137,313,280 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/21 08:59:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS.000\tasks\Uninstall Expiration Reminder.job
[2010/12/21 02:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS.000\tasks\ParetoLogic Registration.job
[2010/12/20 18:18:35 | 000,000,464 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\OTL.lnk
[2010/12/20 18:17:12 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk
[2010/12/19 15:21:38 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/19 15:21:38 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/12/19 14:55:45 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/12/19 14:53:49 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2010/12/18 02:12:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS.000\tasks\ParetoLogic Update Version2.job
[2010/12/17 18:07:29 | 000,000,505 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\SystemLook.lnk
[2010/12/17 13:54:06 | 000,331,488 | ---- | M] () -- C:\WINDOWS.000\System32\FNTCACHE.DAT
[2010/12/17 13:53:01 | 000,001,393 | ---- | M] () -- C:\WINDOWS.000\imsins.BAK
[2010/12/17 12:14:53 | 001,345,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Desktop\tdsskiller.exe
[2010/12/17 12:09:49 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\CKScanner.exe
[2010/12/17 12:02:29 | 000,000,498 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\OTM.lnk
[2010/12/16 01:00:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS.000\tasks\AppleSoftwareUpdate.job
[2010/12/15 16:10:49 | 000,000,247 | RHS- | M] () -- C:\boot.ini
[2010/12/13 11:42:42 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\HiJackThis.lnk
[2010/12/11 10:05:13 | 000,257,972 | ---- | M] () -- C:\Documents and Settings\admin\My Documents\cc_20101211_100454.reg
[2010/12/11 09:56:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/12/10 14:28:04 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\SpyHunter.lnk
[2010/12/10 12:27:58 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/10 00:19:55 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/12/10 00:19:51 | 000,002,626 | ---- | M] () -- C:\WINDOWS.000\System32\CONFIG.NT
[2010/12/09 07:57:46 | 000,001,185 | ---- | M] () -- C:\WINDOWS.000\System32\1009706764
[2010/12/09 07:34:00 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\admin\.recently-used.xbel
[2010/12/07 18:49:09 | 000,203,776 | -HS- | M] () -- C:\WINDOWS.000\System32\unrar.exe
[2010/12/05 14:30:05 | 000,001,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\eCalc Calculator.lnk
[2010/12/04 23:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS.000\tasks\Tune-up Application Start.job
[2010/12/01 10:35:53 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\ACDSee Photo Manager 2009.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS.000\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS.000\System32\drivers\mbam.sys
[1 C:\Documents and Settings\admin\Desktop\*.tmp files -> C:\Documents and Settings\admin\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\admin\*.tmp files -> C:\Documents and Settings\admin\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/20 18:18:35 | 000,000,464 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\OTL.lnk
[2010/12/20 18:17:12 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk
[2010/12/19 15:21:38 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/19 15:21:38 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/12/19 14:53:49 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2010/12/17 18:07:29 | 000,000,505 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\SystemLook.lnk
[2010/12/17 12:09:45 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\CKScanner.exe
[2010/12/17 12:02:14 | 000,000,498 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\OTM.lnk
[2010/12/15 16:11:51 | 2137,313,280 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/13 11:42:42 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\HiJackThis.lnk
[2010/12/11 10:04:59 | 000,257,972 | ---- | C] () -- C:\Documents and Settings\admin\My Documents\cc_20101211_100454.reg
[2010/12/11 09:56:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/12/10 14:28:04 | 000,001,973 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\SpyHunter.lnk
[2010/12/10 12:27:58 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/09 07:34:00 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\admin\.recently-used.xbel
[2010/12/08 18:47:54 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/12/07 18:50:17 | 000,001,185 | ---- | C] () -- C:\WINDOWS.000\System32\1009706764
[2010/12/07 18:49:09 | 000,203,776 | -HS- | C] () -- C:\WINDOWS.000\System32\unrar.exe
[2010/12/05 14:30:05 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eCalc Calculator.lnk
[2010/11/10 21:17:43 | 000,000,260 | ---- | C] () -- C:\WINDOWS.000\MSREGUSR.INI
[2010/07/24 02:43:50 | 000,147,456 | ---- | C] () -- C:\WINDOWS.000\System32\igfxCoIn_v4926.dll
[2010/06/29 20:01:57 | 000,056,056 | ---- | C] () -- C:\WINDOWS.000\System32\DLAAPI_W.DLL
[2010/05/27 08:49:22 | 000,000,035 | ---- | C] () -- C:\WINDOWS.000\A4W.INI
[2010/05/27 08:47:38 | 000,001,212 | ---- | C] () -- C:\WINDOWS.000\pstudio.ini
[2010/05/27 08:47:38 | 000,000,028 | ---- | C] () -- C:\WINDOWS.000\album.ini
[2010/05/27 08:47:38 | 000,000,021 | ---- | C] () -- C:\WINDOWS.000\Ps_setup.ini
[2010/03/10 16:23:55 | 000,001,793 | ---- | C] () -- C:\WINDOWS.000\System32\fxsperf.ini
[2010/02/11 10:18:48 | 000,000,092 | ---- | C] () -- C:\WINDOWS.000\MFPD.INI
[2009/11/23 15:44:09 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Smiley.ico
[2009/09/24 08:45:32 | 000,000,388 | ---- | C] () -- C:\WINDOWS.000\ODBC.INI
[2009/05/25 12:25:17 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/24 12:45:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS.000\ATIMMC.INI
[2009/04/21 17:41:39 | 000,000,090 | ---- | C] () -- C:\WINDOWS.000\QBChanUtil_Trigger.ini
[2009/04/03 09:14:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS.000\PEZDOWNLOAD.INI
[2009/03/27 15:40:42 | 000,002,108 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\rx_audio.Cache
[2009/03/21 17:48:46 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat
[2009/03/18 09:53:18 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2009/03/13 08:18:21 | 000,000,814 | ---- | C] () -- C:\WINDOWS.000\CDFACE32.INI
[2009/03/13 08:18:19 | 000,118,784 | ---- | C] () -- C:\WINDOWS.000\System32\LFKODAK.DLL
[2009/03/13 08:18:17 | 000,338,944 | ---- | C] () -- C:\WINDOWS.000\System32\LFFPX7.DLL
[2009/02/28 13:49:06 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Printers
[2009/02/28 13:49:06 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\admin\Application Data\Pop Flute
[2009/02/28 13:49:06 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
[2009/02/24 18:56:22 | 000,000,718 | ---- | C] () -- C:\WINDOWS.000\WINHELP.INI
[2009/02/24 07:43:01 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameG.txt
[2009/02/19 18:48:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\rx_image.Cache
[2009/02/18 21:43:22 | 000,012,327 | ---- | C] () -- C:\WINDOWS.000\IOS.INI
[2009/02/18 21:43:22 | 000,005,068 | ---- | C] () -- C:\WINDOWS.000\DELETEFI.INI
[2009/02/18 21:43:22 | 000,003,598 | ---- | C] () -- C:\WINDOWS.000\HTMLHELP.INI
[2009/02/18 21:43:22 | 000,003,146 | ---- | C] () -- C:\WINDOWS.000\TELEPHON.INI
[2009/02/18 21:43:22 | 000,002,379 | ---- | C] () -- C:\WINDOWS.000\LEXSTAT.INI
[2009/02/18 21:43:22 | 000,001,119 | ---- | C] () -- C:\WINDOWS.000\dop.ini
[2009/02/18 21:43:22 | 000,000,865 | ---- | C] () -- C:\WINDOWS.000\DOSREP.INI
[2009/02/18 21:43:22 | 000,000,787 | ---- | C] () -- C:\WINDOWS.000\SCANREG.INI
[2009/02/18 21:43:22 | 000,000,643 | ---- | C] () -- C:\WINDOWS.000\wininit.ini
[2009/02/18 21:43:22 | 000,000,180 | ---- | C] () -- C:\WINDOWS.000\LEXHBP.INI
[2009/02/18 21:43:22 | 000,000,124 | ---- | C] () -- C:\WINDOWS.000\QTW.INI
[2009/02/18 21:43:22 | 000,000,074 | ---- | C] () -- C:\WINDOWS.000\voydll.ini
[2009/02/18 21:43:22 | 000,000,044 | ---- | C] () -- C:\WINDOWS.000\EXCHNG32.INI
[2009/02/18 21:43:22 | 000,000,026 | ---- | C] () -- C:\WINDOWS.000\MSOFFICE.INI
[2009/02/18 21:43:22 | 000,000,019 | ---- | C] () -- C:\WINDOWS.000\vautorun.ini
[2009/02/18 21:43:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS.000\progman.ini
[2009/02/18 21:43:21 | 000,007,885 | ---- | C] () -- C:\WINDOWS.000\NETDET.INI
[2009/02/18 21:43:21 | 000,000,122 | ---- | C] () -- C:\WINDOWS.000\PROTOCOL.INI
[2009/02/18 21:43:21 | 000,000,060 | ---- | C] () -- C:\WINDOWS.000\POWERPNT.INI
[2009/02/18 21:43:21 | 000,000,054 | ---- | C] () -- C:\WINDOWS.000\WAVEMIX.INI
[2009/02/18 21:34:52 | 000,004,337 | ---- | C] () -- C:\WINDOWS.000\ODBCINST.INI
[2009/02/18 21:19:28 | 001,822,720 | ---- | C] () -- C:\WINDOWS.000\System32\cmiwcnfg.dll
[2009/02/18 14:20:31 | 000,472,064 | ---- | C] () -- C:\WINDOWS.000\System32\NTFSFormat.dll
[2009/02/18 14:20:31 | 000,180,736 | ---- | C] () -- C:\WINDOWS.000\System32\DeviceManager.dll
[2009/02/18 14:20:31 | 000,139,776 | ---- | C] () -- C:\WINDOWS.000\System32\NTFSCopy.dll
[2009/02/18 14:20:31 | 000,093,184 | ---- | C] () -- C:\WINDOWS.000\System32\Partition.dll
[2009/02/18 14:20:31 | 000,086,528 | ---- | C] () -- C:\WINDOWS.000\System32\NTFSLib.dll
[2009/02/18 14:20:31 | 000,086,016 | ---- | C] () -- C:\WINDOWS.000\System32\ResizeNTFS.dll
[2009/02/18 14:20:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS.000\System32\Device.dll
[2009/02/18 14:20:31 | 000,065,536 | ---- | C] () -- C:\WINDOWS.000\System32\FatCopy.dll
[2009/02/18 14:20:31 | 000,061,952 | ---- | C] () -- C:\WINDOWS.000\System32\FatResizeMove.dll
[2009/02/18 14:20:31 | 000,045,568 | ---- | C] () -- C:\WINDOWS.000\System32\FileSystemCheck.dll
[2009/02/18 14:20:31 | 000,031,744 | ---- | C] () -- C:\WINDOWS.000\System32\FatLib.dll
[2009/02/18 14:20:31 | 000,025,088 | ---- | C] () -- C:\WINDOWS.000\System32\FATFileSystemAnalyser.dll
[2009/02/18 14:20:31 | 000,024,576 | ---- | C] () -- C:\WINDOWS.000\System32\NTFSFileSystemAnalyser.dll
[2009/02/18 14:20:31 | 000,022,016 | ---- | C] () -- C:\WINDOWS.000\System32\FatFormat.dll
[2009/02/18 14:20:31 | 000,021,504 | ---- | C] () -- C:\WINDOWS.000\System32\Fixup.dll
[2009/02/18 14:20:31 | 000,017,920 | ---- | C] () -- C:\WINDOWS.000\System32\SectorCopy.dll
[2009/02/18 14:20:31 | 000,014,848 | ---- | C] () -- C:\WINDOWS.000\System32\FileSystemAnalyser.dll
[2009/02/18 14:20:31 | 000,014,848 | ---- | C] () -- C:\WINDOWS.000\System32\EuEpmGdi.dll
[2009/02/18 14:20:31 | 000,010,752 | ---- | C] () -- C:\WINDOWS.000\System32\DeviceAdapter.dll
[2009/02/18 14:20:31 | 000,008,704 | ---- | C] () -- C:\WINDOWS.000\System32\epmntdrv.sys
[2009/02/18 14:20:31 | 000,006,656 | ---- | C] () -- C:\WINDOWS.000\System32\CallbackOperator.dll
[2009/02/18 14:20:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS.000\System32\EuGdiDrv.sys
[2009/02/18 13:35:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS.000\QUICKEN.INI
[2009/02/15 04:11:22 | 000,000,034 | ---- | C] () -- C:\WINDOWS.000\System32\OEMINFO.INI
[2009/02/06 20:28:37 | 000,022,016 | ---- | C] () -- C:\WINDOWS.000\System32\lxpnpapw.dll
[2009/02/06 06:54:41 | 000,210,944 | ---- | C] () -- C:\WINDOWS.000\System32\MSVCRT10.DLL
[2009/02/05 23:39:53 | 000,011,079 | -H-- | C] () -- C:\Program Files\folder.htt
[2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS.000\System32\physxcudart_20.dll
[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS.000\System32\AgCPanelFrench.dll
[2006/12/20 12:26:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS.000\System32\px.ini
[2006/11/26 23:01:54 | 000,520,192 | ---- | C] () -- C:\WINDOWS.000\System32\CddbPlaylist2Roxio.dll
[2006/11/26 23:01:54 | 000,204,800 | ---- | C] () -- C:\WINDOWS.000\System32\CddbFileTaggerRoxio.dll
[2006/10/17 06:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS.000\System32\besched.dll
[2005/07/15 12:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS.000\System32\libeay32.dll
[2005/07/15 12:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS.000\System32\ssleay32.dll
[2005/07/15 12:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS.000\System32\qt-dx331.dll
[2003/10/02 00:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS.000\System32\lockout.dll
[2003/10/02 00:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS.000\System32\lockres.dll
[2003/03/31 06:00:00 | 000,209,010 | ---- | C] () -- C:\WINDOWS.000\System32\_004610_.tmp.dll
[2003/03/31 06:00:00 | 000,021,116 | ---- | C] () -- C:\WINDOWS.000\System32\_004577_.tmp.dll
[1999/04/23 22:22:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS.000\System32\MEMBG.DLL
[1999/04/23 22:22:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS.000\System32\ICMFILTER.DLL
[1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS.000\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2009/05/25 12:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\ACD Systems
[2010/09/27 10:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Canon
[2010/01/23 10:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\CheckPoint
[2010/11/11 07:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\com.nationalgeographic.products.cng120.68B1CC4249876152EBE333BD4B7514ADB4D94062.1
[2010/12/08 08:36:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\admin\Application Data\Desktop
[2010/06/10 10:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\eMusic
[2010/06/12 08:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\FreeAudioPack
[2009/09/14 11:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\GrabPro
[2010/05/25 16:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\gtk-2.0
[2009/02/18 21:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\InterTrust
[2009/03/18 09:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Nikon
[2010/09/13 12:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\OCS
[2010/09/13 12:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Opera
[2009/09/14 11:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Orbit
[2010/12/19 15:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\PriceGong
[2010/12/11 09:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Uniblue
[2010/06/09 12:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\92AF
[2009/06/29 10:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/05/15 08:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/03/24 11:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2009/04/21 17:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/03/18 09:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/02/18 15:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/02/28 13:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2009/03/24 11:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/04/22 15:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 10
[2009/09/19 14:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/18 09:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2010/06/07 10:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/21 02:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS.000\Tasks\ParetoLogic Registration.job
[2010/12/18 02:12:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS.000\Tasks\ParetoLogic Update Version2.job
[2010/12/04 23:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS.000\Tasks\Tune-up Application Start.job
[2010/12/21 08:59:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS.000\Tasks\Uninstall Expiration Reminder.job
[2010/01/29 11:26:55 | 000,000,106 | ---- | M] () -- C:\WINDOWS.000\Tasks\UPS System Shutdown Program.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\My Documents\Wondershare Media Converter:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\My Documents\My Received Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\My Documents\Fax:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\My Documents\Emicsoft Studio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\My Documents\DVDVideoSoft:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\admin\Desktop\My eMusic:Roxio EMC Stream
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >