askey127, No on CD-RW but yes on CD-R, DVD-R. ActivIdentity?? First time hearing about it; I would guess maybe it has to do with HP security, like the fingerprint reader or other. I've never used it in a corporate setting. I did buy it used 2 yrs ago, but I had the HDD and the RAM upgraded. Here are the logs:
OTL.Txt:
OTL logfile created on: 12/30/2010 3:20:55 PM - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\evil1\Desktop
Windows XP Tablet PC Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.42 Gb Total Space | 5.33 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive D: | 107.42 Gb Total Space | 84.50 Gb Free Space | 78.67% Space Free | Partition Type: NTFS
Drive E: | 83.24 Gb Total Space | 66.73 Gb Free Space | 80.17% Space Free | Partition Type: NTFS
Computer Name: EVILLAPTOP | User Name: evil1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/12/30 15:12:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\evil1\Desktop\OTL.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/02 15:19:36 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/04/02 15:19:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009/11/25 18:09:50 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/10/26 03:33:40 | 000,015,872 | ---- | M] () -- C:\Program Files\JDownloader\downloads\PORTABLE_SUITE\Unlocker 1.8.8\App\Unlocker\UnlockerAssistant.exe
PRC - [2009/10/10 15:07:08 | 000,320,832 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/09/30 17:57:20 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009/09/04 15:22:22 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009/02/27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/02/27 05:55:20 | 000,909,312 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/02/27 05:40:52 | 001,202,448 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/02/27 05:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/08/30 17:10:42 | 001,562,381 | ---- | M] () -- C:\Program Files\iPod Access for Windows\iPAHelper.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007/02/07 01:30:00 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2007/01/05 17:36:48 | 000,872,448 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/01 06:10:10 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wisptis.exe
PRC - [2006/10/09 11:23:06 | 000,697,976 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
PRC - [2006/05/02 16:28:48 | 000,135,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient Mini\accoca.exe
PRC - [2006/04/12 16:43:38 | 000,081,920 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient Mini\acachsrv.exe
PRC - [2006/04/10 17:56:36 | 000,081,920 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient Mini\acevents.exe
PRC - [2006/03/03 15:28:18 | 000,136,736 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
PRC - [2006/02/28 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/05/10 11:31:22 | 000,241,664 | ---- | M] (Stardock) -- C:\Program Files\Common Files\Stardock\sdmcp.exe
PRC - [2005/04/12 11:15:04 | 000,869,376 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2002/08/29 03:41:28 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tabbtnu.exe
========== Modules (SafeList) ==========
MOD - [2010/12/30 15:12:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\evil1\Desktop\OTL.exe
MOD - [2009/10/26 03:33:32 | 000,004,608 | ---- | M] () -- C:\Program Files\JDownloader\downloads\PORTABLE_SUITE\Unlocker 1.8.8\App\Unlocker\UnlockerHook.dll
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
MOD - [2007/03/26 12:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2007/02/26 03:49:00 | 000,070,144 | R--- | M] (Bioscrypt Inc.) -- C:\WINDOWS\system32\APSHook.dll
MOD - [2006/02/28 06:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2006/02/28 06:00:00 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\SPTIP.dll
MOD - [2006/02/28 06:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFP.dll
MOD - [2006/02/28 06:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\SPGRMR.dll
MOD - [2004/08/04 00:57:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2002/08/29 03:41:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Journal\nbmaptip.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/04/02 15:19:36 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/09/04 15:22:22 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/02/27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009/02/27 05:55:20 | 000,909,312 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2009/02/27 05:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2008/08/30 17:10:42 | 001,562,381 | ---- | M] () [Auto | Running] -- C:\Program Files\iPod Access for Windows\iPAHelper.exe -- (iPAHelper.exe)
SRV - [2007/04/30 08:28:34 | 000,172,131 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\WINDOWS\system32\flcdlock.exe -- (FLCDLOCK)
SRV - [2007/02/07 01:30:00 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/06/22 05:14:00 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2006/05/02 16:28:48 | 000,135,168 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\ActivIdentity\ActivClient Mini\accoca.exe -- (accoca)
SRV - [2006/04/12 16:43:38 | 000,081,920 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\ActivIdentity\ActivClient Mini\acachsrv.exe -- (acachsrv)
SRV - [2005/04/12 11:15:04 | 000,869,376 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\evil1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motport.sys -- (motport)
DRV - [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009/09/09 18:24:14 | 000,062,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2009/06/19 15:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2009/06/05 11:42:28 | 000,017,408 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009/05/08 10:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009/03/04 09:31:32 | 004,202,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/10/19 22:00:06 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\androidusb.sys -- (androidusb)
DRV - [2008/08/13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/10/01 13:27:40 | 000,281,600 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2007/09/26 06:01:32 | 002,236,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/09/14 19:09:44 | 000,213,696 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/08/24 11:22:56 | 005,776,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/06/01 11:27:00 | 000,145,288 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/04/23 13:13:44 | 000,030,008 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2007/01/22 14:09:38 | 000,034,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wisdpen.sys -- (wisdpen)
DRV - [2006/09/28 14:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2006/08/28 14:40:48 | 001,160,320 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/06/28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/02/28 17:05:00 | 000,087,808 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2006/02/28 06:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2006/02/28 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/02/28 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/02/27 16:48:20 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/02/27 16:45:48 | 001,342,602 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/27 16:43:44 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/02/27 16:43:06 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/02/27 16:40:16 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/01/10 01:00:04 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/01/10 01:00:04 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2005/11/30 10:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/29 16:56:28 | 000,036,768 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2005/10/26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/10/21 11:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005/04/12 11:07:50 | 000,099,456 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005/04/12 11:07:30 | 000,029,056 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005/04/12 11:07:26 | 000,028,160 | ---- | M] (Nero AG) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/04/16 12:57:58 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 06:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\..\URLSearchHook: {90d46c30-9f25-4104-aea9-35c3f84477ff} - C:\Program Files\mipony-plugin\tbmip1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://flyingincognitosleep.com/cgi-bin/h.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {F0B24ABB-A42D-4c82-AF2C-3FA6FF27E2C0}:0.3.11
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {7C9AE782-DB21-4e40-81FB-AD8A53A6233A}:1.83
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {90d46c30-9f25-4104-aea9-35c3f84477ff}:2.5.6.0
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8081
FF - user.js..browser.startup.homepage: "http://flyingincognitosleep.com/cgi-bin/h.pl"
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/12 12:07:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/27 15:01:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/28 17:32:25 | 000,000,000 | ---D | M]
[2009/11/23 21:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Extensions
[2010/12/30 12:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions
[2010/04/01 18:49:40 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/10/29 14:59:47 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010/06/14 22:25:36 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/05/04 22:48:22 | 000,000,000 | ---D | M] (Live IP Address) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{7C9AE782-DB21-4e40-81FB-AD8A53A6233A}
[2010/11/03 23:40:05 | 000,000,000 | ---D | M] (mipony-plugin Toolbar) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{90d46c30-9f25-4104-aea9-35c3f84477ff}
[2010/10/29 14:59:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/26 17:31:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/08 23:51:19 | 000,000,000 | ---D | M] (Foxamp) -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\{F0B24ABB-A42D-4c82-AF2C-3FA6FF27E2C0}
[2010/06/23 01:31:46 | 000,000,000 | ---D | M] ("Virtual Keyboard") -- C:\Documents and Settings\evil1\Application Data\Mozilla\Firefox\Profiles\6rw8d2vm.default\extensions\vkeyboard@isul
[2010/12/29 13:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/12 12:07:14 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2009/11/25 18:10:30 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT
[2010/01/15 22:45:03 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
O1 HOSTS File: ([2010/12/22 21:49:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKCU\..\Toolbar\WebBrowser: (mipony-plugin Toolbar) - {90D46C30-9F25-4104-AEA9-35C3F84477FF} - C:\Program Files\mipony-plugin\tbmip1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TabletWizard] C:\WINDOWS\Help\splshwrp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\JDownloader\downloads\PORTABLE_SUITE\Unlocker 1.8.8\App\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CubeDesktop] File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2010/12/28 15:35:50 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2010/12/28 15:35:50 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2010/12/28 15:35:50 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://go.microsoft.com/fwlink/?LinkId=82580 (Microsoft Genuine Advantage Self Support Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - C:\Program Files\ActivIdentity\ActivClient Mini\ackpbsc.dll - C:\Program Files\ActivIdentity\ActivClient Mini\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - C:\Program Files\ActivIdentity\ActivClient Mini\acunlock.dll - C:\Program Files\ActivIdentity\ActivClient Mini\acunlock.dll (ActivIdentity)
O20 - Winlogon\Notify\DeviceNP: DllName - DeviceNP.dll - C:\WINDOWS\System32\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\Notify\IfxWlxEN: DllName - IfxWlxEN.dll - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\MCPClient: DllName - C:\Program Files\Common Files\Stardock\mcpstub.dll - C:\Program Files\Common Files\Stardock\MCPStub.dll (Stardock)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
O20 - Winlogon\Notify\TabBtnWL: DllName - TabBtnWL.dll - C:\WINDOWS\System32\tabbtnwl.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpgwlnotify: DllName - tpgwlnot.dll - C:\WINDOWS\System32\tpgwlnot.dll (Microsoft Corporation)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\evil1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\evil1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/22 13:11:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/12/30 15:13:00 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\evil1\Desktop\OTL.exe
[2010/12/30 11:23:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/12/29 10:00:14 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/12/29 10:00:14 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/12/28 18:15:33 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/12/28 18:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2010/12/28 17:44:38 | 002,923,248 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\evil1\Desktop\WindowsXP-KB914882-x86-ENU.exe
[2010/12/28 17:35:28 | 007,866,472 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\evil1\Desktop\mseinstall.exe
[2010/12/28 15:37:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/12/28 15:34:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\evil1\Desktop\1
[2010/12/28 15:32:13 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\evil1\Desktop\MGADiag.exe
[2010/12/27 13:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\evil1\My Documents\RegRun2
[2010/12/27 13:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2010/12/27 13:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/12/27 13:20:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/27 13:19:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/21 00:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\evil1\My Documents\UmdStreamComposer
[2010/12/20 23:25:04 | 000,000,000 | ---D | C] -- C:\Program Files\PSP Grader
[2010/12/20 11:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\evil1\Application Data\Dream Aquarium
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/30 15:12:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\evil1\Desktop\OTL.exe
[2010/12/30 12:43:03 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/30 12:37:25 | 000,000,435 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/12/30 12:34:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/30 12:12:32 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\evil1\Desktop\SystemLook.exe
[2010/12/30 11:04:26 | 004,011,739 | R--- | M] () -- C:\Documents and Settings\evil1\Desktop\zzz.exe
[2010/12/29 13:08:48 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\evil1\Desktop\HiJackThis.lnk
[2010/12/28 18:18:11 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/28 18:11:02 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2010/12/28 18:07:49 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/28 17:44:48 | 002,923,248 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\evil1\Desktop\WindowsXP-KB914882-x86-ENU.exe
[2010/12/28 17:35:28 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\evil1\Desktop\mseinstall.exe
[2010/12/28 15:34:02 | 000,453,632 | ---- | M] () -- C:\Documents and Settings\evil1\Desktop\CKScanner.exe
[2010/12/28 15:32:17 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\evil1\Desktop\MGADiag.exe
[2010/12/27 14:00:05 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\evil1\Desktop\Reanimator.lnk
[2010/12/27 13:56:01 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/12/27 13:56:01 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2010/12/27 13:20:01 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/23 16:30:39 | 000,001,658 | ---- | M] () -- C:\Documents and Settings\evil1\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/23 16:30:39 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/12/22 21:49:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/12/20 23:25:04 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\evil1\Desktop\PSP Grader.lnk
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 11:34:32 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dream Aquarium.lnk
[2010/12/18 12:05:34 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\evil1\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashFXP.lnk
[2010/12/18 12:05:34 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\evil1\Desktop\FlashFXP.lnk
[2010/12/16 21:29:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/13 07:36:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/08 21:29:49 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\evil1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/30 12:12:36 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\evil1\Desktop\SystemLook.exe
[2010/12/30 10:57:55 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/29 13:42:06 | 004,011,739 | R--- | C] () -- C:\Documents and Settings\evil1\Desktop\zzz.exe
[2010/12/28 18:11:02 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2010/12/28 15:34:01 | 000,453,632 | ---- | C] () -- C:\Documents and Settings\evil1\Desktop\CKScanner.exe
[2010/12/27 14:00:05 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\evil1\Desktop\Reanimator.lnk
[2010/12/27 13:56:01 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2010/12/27 13:41:38 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\evil1\Desktop\HiJackThis.lnk
[2010/12/27 13:20:01 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/23 16:30:39 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\evil1\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/23 16:30:39 | 000,001,640 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/12/20 23:25:04 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\evil1\Desktop\PSP Grader.lnk
[2010/12/20 11:34:32 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dream Aquarium.lnk
[2010/12/18 12:05:34 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\evil1\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashFXP.lnk
[2010/12/18 12:05:34 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\evil1\Desktop\FlashFXP.lnk
[2010/08/17 01:20:41 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\evil1\Application Data\winscp.rnd
[2010/05/04 20:59:20 | 000,000,062 | ---- | C] () -- C:\WINDOWS\MyProg.ini
[2010/04/15 12:46:01 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\evil1\Application Data\iPod Access v4 Prefs
[2010/04/15 12:45:32 | 000,000,041 | -H-- | C] () -- C:\Documents and Settings\evil1\Application Data\iPodAccessv4_OwnerName
[2010/04/15 12:45:32 | 000,000,041 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\iPodAccessv4_OwnerName
[2010/04/15 12:42:51 | 000,000,011 | -H-- | C] () -- C:\Documents and Settings\evil1\Application Data\iPodAccess_Time
[2010/02/12 11:59:29 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/01/14 16:50:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/01/13 15:55:28 | 000,161,280 | ---- | C] () -- C:\WINDOWS\System32\TALBC.DLL
[2010/01/13 15:33:27 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\FlicPlusSDK_Win32_API.dll
[2009/12/25 17:35:51 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\evil1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/05 17:48:01 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/01 12:07:16 | 000,424,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/11/25 00:55:10 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/11/25 00:55:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/11/25 00:55:08 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/11/25 00:55:08 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/25 00:55:07 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/11/25 00:55:04 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/22 15:57:27 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\std201mt.dll
[2009/11/22 15:47:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\evil1\Local Settings\Application Data\QSwitch.txt
[2009/11/22 15:47:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\evil1\Local Settings\Application Data\DSwitch.txt
[2009/11/22 15:47:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\evil1\Local Settings\Application Data\AtStart.txt
[2009/11/22 15:40:26 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/11/22 15:08:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/11/22 15:08:58 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/11/22 15:08:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/11/22 15:08:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/11/22 15:08:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/11/22 15:08:58 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/11/22 14:31:33 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2009/11/22 13:18:43 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\evil1\Local Settings\Application Data\fusioncache.dat
[2009/11/22 06:55:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/04/16 13:24:14 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009/04/16 13:24:14 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009/04/16 13:24:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009/04/16 13:24:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2007/04/30 08:31:14 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\flcdlmsg.dll
[2007/01/31 16:02:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2006/02/28 06:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/02/27 16:51:36 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998/05/07 02:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll
========== LOP Check ==========
[2010/12/27 15:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/11/24 00:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/06/22 22:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/04/15 12:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Findley Designs
[2009/11/22 16:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon
[2009/12/13 00:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeRecovery
[2009/11/29 22:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2009/12/30 22:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/12/22 16:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/01/25 21:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\4Media Software Studio
[2010/11/15 22:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Azureus
[2010/05/06 11:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\BatteryBar
[2009/12/22 16:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\CopyTrans
[2010/03/10 13:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\DataCast
[2010/12/24 13:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Dream Aquarium
[2010/01/13 17:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\EzySoft
[2010/11/18 01:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\FileZilla
[2010/06/30 14:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Fortune Fountain Ltd
[2010/01/15 22:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Foxit
[2009/11/22 16:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Infineon
[2010/12/11 15:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Mipony
[2009/12/13 00:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\OfficeRecovery
[2010/12/22 20:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Otze
[2009/11/29 23:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Radmin
[2009/11/22 15:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\SampleView
[2010/04/23 20:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\TeamViewer
[2010/11/06 14:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Thinking Minds Budiling Bytes
[2009/11/29 22:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\Western Digital
[2010/01/27 23:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\WindSolutions
[2010/05/06 11:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\evil1\Application Data\WinPatrol
[2010/12/30 12:43:03 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
< End of report >